diff --git a/.gitignore b/.gitignore index 8a81222fe..cbd894ff0 100644 --- a/.gitignore +++ b/.gitignore @@ -213,7 +213,7 @@ id_ed25519.pub .mypy_cache .pytest_cache .ipynb_checkpoints - +.build-cache **/jcef-bundle/ diff --git a/app/common/build.gradle b/app/common/build.gradle index 25ae6707b..c2719d29f 100644 --- a/app/common/build.gradle +++ b/app/common/build.gradle @@ -41,8 +41,8 @@ dependencies { api "org.apache.pdfbox:preflight:$pdfboxVersion" api 'com.github.junrar:junrar:7.5.7' // RAR archive support for CBR files api 'jakarta.servlet:jakarta.servlet-api:6.1.0' - api 'org.snakeyaml:snakeyaml-engine:2.10' - api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.14" + api 'org.snakeyaml:snakeyaml-engine:3.0.1' + api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.15" // Simple Java Mail for EML/MSG parsing (replaces direct Angus Mail usage) api 'org.simplejavamail:simple-java-mail:8.12.6' api 'org.simplejavamail:outlook-module:8.12.6' // MSG file support diff --git a/app/core/src/main/java/stirling/software/SPDF/controller/api/SettingsController.java b/app/core/src/main/java/stirling/software/SPDF/controller/api/SettingsController.java index 33c0691a1..16f752f5d 100644 --- a/app/core/src/main/java/stirling/software/SPDF/controller/api/SettingsController.java +++ b/app/core/src/main/java/stirling/software/SPDF/controller/api/SettingsController.java @@ -1,14 +1,11 @@ package stirling.software.SPDF.controller.api; import java.io.IOException; -import java.util.HashMap; import java.util.Map; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestParam; import io.swagger.v3.oas.annotations.Hidden; @@ -52,385 +49,4 @@ public class SettingsController { public ResponseEntity> getDisabledEndpoints() { return ResponseEntity.ok(endpointConfiguration.getEndpointStatuses()); } - - // ========== GENERAL SETTINGS ========== - - @GetMapping("/admin/settings/general") - @Hidden - public ResponseEntity> getGeneralSettings() { - Map settings = new HashMap<>(); - settings.put("ui", applicationProperties.getUi()); - settings.put( - "system", - Map.of( - "defaultLocale", applicationProperties.getSystem().getDefaultLocale(), - "showUpdate", applicationProperties.getSystem().isShowUpdate(), - "showUpdateOnlyAdmin", - applicationProperties.getSystem().isShowUpdateOnlyAdmin(), - "customHTMLFiles", applicationProperties.getSystem().isCustomHTMLFiles(), - "fileUploadLimit", applicationProperties.getSystem().getFileUploadLimit())); - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/general") - @Hidden - public ResponseEntity updateGeneralSettings(@RequestBody Map settings) - throws IOException { - // Update UI settings - if (settings.containsKey("ui")) { - Map ui = (Map) settings.get("ui"); - if (ui.containsKey("appNameNavbar")) { - GeneralUtils.saveKeyToSettings("ui.appNameNavbar", ui.get("appNameNavbar")); - applicationProperties.getUi().setAppNameNavbar(ui.get("appNameNavbar")); - } - } - - // Update System settings - if (settings.containsKey("system")) { - Map system = (Map) settings.get("system"); - if (system.containsKey("defaultLocale")) { - GeneralUtils.saveKeyToSettings("system.defaultLocale", system.get("defaultLocale")); - applicationProperties - .getSystem() - .setDefaultLocale((String) system.get("defaultLocale")); - } - if (system.containsKey("showUpdate")) { - GeneralUtils.saveKeyToSettings("system.showUpdate", system.get("showUpdate")); - applicationProperties.getSystem().setShowUpdate((Boolean) system.get("showUpdate")); - } - if (system.containsKey("showUpdateOnlyAdmin")) { - GeneralUtils.saveKeyToSettings( - "system.showUpdateOnlyAdmin", system.get("showUpdateOnlyAdmin")); - applicationProperties - .getSystem() - .setShowUpdateOnlyAdmin((Boolean) system.get("showUpdateOnlyAdmin")); - } - if (system.containsKey("fileUploadLimit")) { - GeneralUtils.saveKeyToSettings( - "system.fileUploadLimit", system.get("fileUploadLimit")); - applicationProperties - .getSystem() - .setFileUploadLimit((String) system.get("fileUploadLimit")); - } - } - - return ResponseEntity.ok( - "General settings updated. Restart required for changes to take effect."); - } - - // ========== SECURITY SETTINGS ========== - - @GetMapping("/admin/settings/security") - @Hidden - public ResponseEntity> getSecuritySettings() { - Map settings = new HashMap<>(); - ApplicationProperties.Security security = applicationProperties.getSecurity(); - - settings.put("enableLogin", security.isEnableLogin()); - settings.put("loginMethod", security.getLoginMethod()); - settings.put("loginAttemptCount", security.getLoginAttemptCount()); - settings.put("loginResetTimeMinutes", security.getLoginResetTimeMinutes()); - settings.put( - "initialLogin", - Map.of( - "username", - security.getInitialLogin().getUsername() != null - ? security.getInitialLogin().getUsername() - : "")); - - // JWT settings - ApplicationProperties.Security.Jwt jwt = security.getJwt(); - settings.put( - "jwt", - Map.of( - "enableKeystore", jwt.isEnableKeystore(), - "enableKeyRotation", jwt.isEnableKeyRotation(), - "enableKeyCleanup", jwt.isEnableKeyCleanup(), - "keyRetentionDays", jwt.getKeyRetentionDays())); - - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/security") - @Hidden - public ResponseEntity updateSecuritySettings(@RequestBody Map settings) - throws IOException { - if (settings.containsKey("enableLogin")) { - GeneralUtils.saveKeyToSettings("security.enableLogin", settings.get("enableLogin")); - applicationProperties - .getSecurity() - .setEnableLogin((Boolean) settings.get("enableLogin")); - } - if (settings.containsKey("loginMethod")) { - GeneralUtils.saveKeyToSettings("security.loginMethod", settings.get("loginMethod")); - applicationProperties - .getSecurity() - .setLoginMethod((String) settings.get("loginMethod")); - } - if (settings.containsKey("loginAttemptCount")) { - GeneralUtils.saveKeyToSettings( - "security.loginAttemptCount", settings.get("loginAttemptCount")); - applicationProperties - .getSecurity() - .setLoginAttemptCount((Integer) settings.get("loginAttemptCount")); - } - if (settings.containsKey("loginResetTimeMinutes")) { - GeneralUtils.saveKeyToSettings( - "security.loginResetTimeMinutes", settings.get("loginResetTimeMinutes")); - applicationProperties - .getSecurity() - .setLoginResetTimeMinutes( - ((Number) settings.get("loginResetTimeMinutes")).longValue()); - } - - // JWT settings - if (settings.containsKey("jwt")) { - Map jwt = (Map) settings.get("jwt"); - if (jwt.containsKey("keyRetentionDays")) { - GeneralUtils.saveKeyToSettings( - "security.jwt.keyRetentionDays", jwt.get("keyRetentionDays")); - applicationProperties - .getSecurity() - .getJwt() - .setKeyRetentionDays((Integer) jwt.get("keyRetentionDays")); - } - } - - return ResponseEntity.ok( - "Security settings updated. Restart required for changes to take effect."); - } - - // ========== CONNECTIONS SETTINGS (OAuth/SAML) ========== - - @GetMapping("/admin/settings/connections") - @Hidden - public ResponseEntity> getConnectionsSettings() { - Map settings = new HashMap<>(); - ApplicationProperties.Security security = applicationProperties.getSecurity(); - - // OAuth2 settings - ApplicationProperties.Security.OAUTH2 oauth2 = security.getOauth2(); - settings.put( - "oauth2", - Map.of( - "enabled", oauth2.getEnabled(), - "issuer", oauth2.getIssuer() != null ? oauth2.getIssuer() : "", - "clientId", oauth2.getClientId() != null ? oauth2.getClientId() : "", - "provider", oauth2.getProvider() != null ? oauth2.getProvider() : "", - "autoCreateUser", oauth2.getAutoCreateUser(), - "blockRegistration", oauth2.getBlockRegistration(), - "useAsUsername", - oauth2.getUseAsUsername() != null - ? oauth2.getUseAsUsername() - : "")); - - // SAML2 settings - ApplicationProperties.Security.SAML2 saml2 = security.getSaml2(); - settings.put( - "saml2", - Map.of( - "enabled", saml2.getEnabled(), - "provider", saml2.getProvider() != null ? saml2.getProvider() : "", - "autoCreateUser", saml2.getAutoCreateUser(), - "blockRegistration", saml2.getBlockRegistration(), - "registrationId", saml2.getRegistrationId())); - - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/connections") - @Hidden - public ResponseEntity updateConnectionsSettings( - @RequestBody Map settings) throws IOException { - // OAuth2 settings - if (settings.containsKey("oauth2")) { - Map oauth2 = (Map) settings.get("oauth2"); - if (oauth2.containsKey("enabled")) { - GeneralUtils.saveKeyToSettings("security.oauth2.enabled", oauth2.get("enabled")); - applicationProperties - .getSecurity() - .getOauth2() - .setEnabled((Boolean) oauth2.get("enabled")); - } - if (oauth2.containsKey("issuer")) { - GeneralUtils.saveKeyToSettings("security.oauth2.issuer", oauth2.get("issuer")); - applicationProperties - .getSecurity() - .getOauth2() - .setIssuer((String) oauth2.get("issuer")); - } - if (oauth2.containsKey("clientId")) { - GeneralUtils.saveKeyToSettings("security.oauth2.clientId", oauth2.get("clientId")); - applicationProperties - .getSecurity() - .getOauth2() - .setClientId((String) oauth2.get("clientId")); - } - if (oauth2.containsKey("clientSecret")) { - GeneralUtils.saveKeyToSettings( - "security.oauth2.clientSecret", oauth2.get("clientSecret")); - applicationProperties - .getSecurity() - .getOauth2() - .setClientSecret((String) oauth2.get("clientSecret")); - } - if (oauth2.containsKey("provider")) { - GeneralUtils.saveKeyToSettings("security.oauth2.provider", oauth2.get("provider")); - applicationProperties - .getSecurity() - .getOauth2() - .setProvider((String) oauth2.get("provider")); - } - if (oauth2.containsKey("autoCreateUser")) { - GeneralUtils.saveKeyToSettings( - "security.oauth2.autoCreateUser", oauth2.get("autoCreateUser")); - applicationProperties - .getSecurity() - .getOauth2() - .setAutoCreateUser((Boolean) oauth2.get("autoCreateUser")); - } - if (oauth2.containsKey("blockRegistration")) { - GeneralUtils.saveKeyToSettings( - "security.oauth2.blockRegistration", oauth2.get("blockRegistration")); - applicationProperties - .getSecurity() - .getOauth2() - .setBlockRegistration((Boolean) oauth2.get("blockRegistration")); - } - if (oauth2.containsKey("useAsUsername")) { - GeneralUtils.saveKeyToSettings( - "security.oauth2.useAsUsername", oauth2.get("useAsUsername")); - applicationProperties - .getSecurity() - .getOauth2() - .setUseAsUsername((String) oauth2.get("useAsUsername")); - } - } - - // SAML2 settings - if (settings.containsKey("saml2")) { - Map saml2 = (Map) settings.get("saml2"); - if (saml2.containsKey("enabled")) { - GeneralUtils.saveKeyToSettings("security.saml2.enabled", saml2.get("enabled")); - applicationProperties - .getSecurity() - .getSaml2() - .setEnabled((Boolean) saml2.get("enabled")); - } - if (saml2.containsKey("provider")) { - GeneralUtils.saveKeyToSettings("security.saml2.provider", saml2.get("provider")); - applicationProperties - .getSecurity() - .getSaml2() - .setProvider((String) saml2.get("provider")); - } - if (saml2.containsKey("autoCreateUser")) { - GeneralUtils.saveKeyToSettings( - "security.saml2.autoCreateUser", saml2.get("autoCreateUser")); - applicationProperties - .getSecurity() - .getSaml2() - .setAutoCreateUser((Boolean) saml2.get("autoCreateUser")); - } - if (saml2.containsKey("blockRegistration")) { - GeneralUtils.saveKeyToSettings( - "security.saml2.blockRegistration", saml2.get("blockRegistration")); - applicationProperties - .getSecurity() - .getSaml2() - .setBlockRegistration((Boolean) saml2.get("blockRegistration")); - } - } - - return ResponseEntity.ok( - "Connection settings updated. Restart required for changes to take effect."); - } - - // ========== PRIVACY SETTINGS ========== - - @GetMapping("/admin/settings/privacy") - @Hidden - public ResponseEntity> getPrivacySettings() { - Map settings = new HashMap<>(); - - settings.put("enableAnalytics", applicationProperties.getSystem().getEnableAnalytics()); - settings.put("googleVisibility", applicationProperties.getSystem().isGooglevisibility()); - settings.put("metricsEnabled", applicationProperties.getMetrics().isEnabled()); - - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/privacy") - @Hidden - public ResponseEntity updatePrivacySettings(@RequestBody Map settings) - throws IOException { - if (settings.containsKey("enableAnalytics")) { - GeneralUtils.saveKeyToSettings( - "system.enableAnalytics", settings.get("enableAnalytics")); - applicationProperties - .getSystem() - .setEnableAnalytics((Boolean) settings.get("enableAnalytics")); - } - if (settings.containsKey("googleVisibility")) { - GeneralUtils.saveKeyToSettings( - "system.googlevisibility", settings.get("googleVisibility")); - applicationProperties - .getSystem() - .setGooglevisibility((Boolean) settings.get("googleVisibility")); - } - if (settings.containsKey("metricsEnabled")) { - GeneralUtils.saveKeyToSettings("metrics.enabled", settings.get("metricsEnabled")); - applicationProperties.getMetrics().setEnabled((Boolean) settings.get("metricsEnabled")); - } - - return ResponseEntity.ok( - "Privacy settings updated. Restart required for changes to take effect."); - } - - // ========== ADVANCED SETTINGS ========== - - @GetMapping("/admin/settings/advanced") - @Hidden - public ResponseEntity> getAdvancedSettings() { - Map settings = new HashMap<>(); - - settings.put("endpoints", applicationProperties.getEndpoints()); - settings.put( - "enableAlphaFunctionality", - applicationProperties.getSystem().isEnableAlphaFunctionality()); - settings.put("maxDPI", applicationProperties.getSystem().getMaxDPI()); - settings.put("enableUrlToPDF", applicationProperties.getSystem().isEnableUrlToPDF()); - settings.put("customPaths", applicationProperties.getSystem().getCustomPaths()); - settings.put( - "tempFileManagement", applicationProperties.getSystem().getTempFileManagement()); - - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/advanced") - @Hidden - public ResponseEntity updateAdvancedSettings(@RequestBody Map settings) - throws IOException { - if (settings.containsKey("enableAlphaFunctionality")) { - GeneralUtils.saveKeyToSettings( - "system.enableAlphaFunctionality", settings.get("enableAlphaFunctionality")); - applicationProperties - .getSystem() - .setEnableAlphaFunctionality( - (Boolean) settings.get("enableAlphaFunctionality")); - } - if (settings.containsKey("maxDPI")) { - GeneralUtils.saveKeyToSettings("system.maxDPI", settings.get("maxDPI")); - applicationProperties.getSystem().setMaxDPI((Integer) settings.get("maxDPI")); - } - if (settings.containsKey("enableUrlToPDF")) { - GeneralUtils.saveKeyToSettings("system.enableUrlToPDF", settings.get("enableUrlToPDF")); - applicationProperties - .getSystem() - .setEnableUrlToPDF((Boolean) settings.get("enableUrlToPDF")); - } - - return ResponseEntity.ok( - "Advanced settings updated. Restart required for changes to take effect."); - } } diff --git a/app/core/src/main/java/stirling/software/SPDF/service/CertificateValidationService.java b/app/core/src/main/java/stirling/software/SPDF/service/CertificateValidationService.java index 2fe7213ca..3f02bd430 100644 --- a/app/core/src/main/java/stirling/software/SPDF/service/CertificateValidationService.java +++ b/app/core/src/main/java/stirling/software/SPDF/service/CertificateValidationService.java @@ -2,6 +2,7 @@ package stirling.software.SPDF.service; import java.io.*; import java.net.HttpURLConnection; +import java.net.URI; import java.net.URL; import java.security.GeneralSecurityException; import java.security.KeyStore; @@ -510,7 +511,7 @@ public class CertificateValidationService { private byte[] downloadTrustList(String urlStr) { HttpURLConnection conn = null; try { - URL url = new URL(urlStr); + URL url = URI.create(urlStr).toURL(); conn = (HttpURLConnection) url.openConnection(); conn.setRequestMethod("GET"); conn.setConnectTimeout(10_000); @@ -700,7 +701,7 @@ public class CertificateValidationService { private byte[] downloadXml(String urlStr) { HttpURLConnection conn = null; try { - URL url = new URL(urlStr); + URL url = URI.create(urlStr).toURL(); conn = (HttpURLConnection) url.openConnection(); conn.setRequestMethod("GET"); conn.setConnectTimeout(10_000); diff --git a/app/core/src/main/java/stirling/software/SPDF/service/telegram/TelegramPipelineBot.java b/app/core/src/main/java/stirling/software/SPDF/service/telegram/TelegramPipelineBot.java index 798f880a9..89910781b 100644 --- a/app/core/src/main/java/stirling/software/SPDF/service/telegram/TelegramPipelineBot.java +++ b/app/core/src/main/java/stirling/software/SPDF/service/telegram/TelegramPipelineBot.java @@ -82,7 +82,7 @@ public class TelegramPipelineBot extends TelegramLongPollingBot { @PostConstruct public void register() { - if (StringUtils.isAnyBlank(getBotUsername(), getBotToken())) { + if (StringUtils.isAnyBlank(getBotUsername(), this.telegramProperties.getBotToken())) { log.warn("Telegram bot disabled because botToken or botUsername is not configured"); return; } @@ -392,7 +392,7 @@ public class TelegramPipelineBot extends TelegramLongPollingBot { new URI( "https", "api.telegram.org", - "/file/bot" + getBotToken() + "/" + filePath, + "/file/bot" + this.telegramProperties.getBotToken() + "/" + filePath, null); return uri.toURL(); } catch (URISyntaxException e) { @@ -516,9 +516,4 @@ public class TelegramPipelineBot extends TelegramLongPollingBot { public String getBotUsername() { return telegramProperties.getBotUsername(); } - - @Override - public String getBotToken() { - return telegramProperties.getBotToken(); - } } diff --git a/app/core/src/main/resources/static/3rdPartyLicenses.json b/app/core/src/main/resources/static/3rdPartyLicenses.json index 0d76e0d3c..71618c28c 100644 --- a/app/core/src/main/resources/static/3rdPartyLicenses.json +++ b/app/core/src/main/resources/static/3rdPartyLicenses.json @@ -45,98 +45,98 @@ { "moduleName": "com.fasterxml.jackson.core:jackson-annotations", "moduleUrl": "https://github.com/FasterXML/jackson", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.core:jackson-core", "moduleUrl": "https://github.com/FasterXML/jackson-core", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.core:jackson-databind", "moduleUrl": "https://github.com/FasterXML/jackson", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml", "moduleUrl": "https://github.com/FasterXML/jackson-dataformats-text", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.datatype:jackson-datatype-jdk8", "moduleUrl": "https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jdk8", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.datatype:jackson-datatype-jsr310", "moduleUrl": "https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jsr310", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-base", "moduleUrl": "https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-base", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider", "moduleUrl": "https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-json-provider", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.jaxrs:jackson-jaxrs-base", "moduleUrl": "https://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-base", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider", "moduleUrl": "https://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-json-provider", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations", "moduleUrl": "https://github.com/FasterXML/jackson-modules-base", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.module:jackson-module-jaxb-annotations", "moduleUrl": "https://github.com/FasterXML/jackson-modules-base", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.module:jackson-module-parameter-names", "moduleUrl": "https://github.com/FasterXML/jackson-modules-java8/jackson-module-parameter-names", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson:jackson-bom", "moduleUrl": "https://github.com/FasterXML/jackson-bom", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -170,7 +170,7 @@ { "moduleName": "com.github.ben-manes.caffeine:caffeine", "moduleUrl": "https://github.com/ben-manes/caffeine", - "moduleVersion": "3.2.2", + "moduleVersion": "3.2.3", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -210,7 +210,7 @@ { "moduleName": "com.google.errorprone:error_prone_annotations", "moduleUrl": "https://errorprone.info/error_prone_annotations", - "moduleVersion": "2.40.0", + "moduleVersion": "2.43.0", "moduleLicense": "Apache 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -670,14 +670,14 @@ { "moduleName": "io.micrometer:micrometer-commons", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "io.micrometer:micrometer-core", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -691,21 +691,21 @@ { "moduleName": "io.micrometer:micrometer-jakarta9", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "io.micrometer:micrometer-observation", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "io.micrometer:micrometer-registry-prometheus", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -751,13 +751,6 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, - { - "moduleName": "io.swagger.core.v3:swagger-annotations-jakarta", - "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-annotations", - "moduleVersion": "2.2.38", - "moduleLicense": "Apache License, Version 2.0", - "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" - }, { "moduleName": "io.swagger.core.v3:swagger-annotations-jakarta", "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-annotations", @@ -765,13 +758,6 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, - { - "moduleName": "io.swagger.core.v3:swagger-core-jakarta", - "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-core", - "moduleVersion": "2.2.38", - "moduleLicense": "Apache License, Version 2.0", - "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" - }, { "moduleName": "io.swagger.core.v3:swagger-core-jakarta", "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-core", @@ -779,13 +765,6 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, - { - "moduleName": "io.swagger.core.v3:swagger-models-jakarta", - "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-models", - "moduleVersion": "2.2.38", - "moduleLicense": "Apache License, Version 2.0", - "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" - }, { "moduleName": "io.swagger.core.v3:swagger-models-jakarta", "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-models", @@ -1113,7 +1092,7 @@ { "moduleName": "org.apache.tomcat.embed:tomcat-embed-el", "moduleUrl": "https://tomcat.apache.org/", - "moduleVersion": "10.1.48", + "moduleVersion": "10.1.50", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -1140,7 +1119,7 @@ { "moduleName": "org.aspectj:aspectjweaver", "moduleUrl": "https://www.eclipse.org/aspectj/", - "moduleVersion": "1.9.24", + "moduleVersion": "1.9.25.1", "moduleLicense": "Eclipse Public License - v 2.0", "moduleLicenseUrl": "https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.txt" }, @@ -1229,183 +1208,183 @@ { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jakarta-client", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jakarta-common", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jakarta-server", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jetty-server", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-servlet", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-annotations", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-plus", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-servlet", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-servlets", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-webapp", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-core-client", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-core-common", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-core-server", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-jetty-api", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-jetty-common", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-alpn-client", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-client", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-ee", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-http", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-io", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-plus", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-security", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-server", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-session", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-util", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-xml", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { @@ -1551,7 +1530,7 @@ { "moduleName": "org.hibernate.orm:hibernate-core", "moduleUrl": "https://www.hibernate.org/orm/6.6", - "moduleVersion": "6.6.33.Final", + "moduleVersion": "6.6.39.Final", "moduleLicense": "GNU Library General Public License v2.1 or later", "moduleLicenseUrl": "https://www.opensource.org/licenses/LGPL-2.1" }, @@ -1783,179 +1762,179 @@ { "moduleName": "org.snakeyaml:snakeyaml-engine", "moduleUrl": "https://bitbucket.org/snakeyaml/snakeyaml-engine", - "moduleVersion": "2.10", + "moduleVersion": "3.0.1", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "org.springdoc:springdoc-openapi-starter-common", - "moduleVersion": "2.8.14", + "moduleVersion": "2.8.15", "moduleLicense": "The Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "org.springdoc:springdoc-openapi-starter-webmvc-api", - "moduleVersion": "2.8.14", + "moduleVersion": "2.8.15", "moduleLicense": "The Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "org.springdoc:springdoc-openapi-starter-webmvc-ui", - "moduleVersion": "2.8.14", + "moduleVersion": "2.8.15", "moduleLicense": "The Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "org.springframework.boot:spring-boot", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-actuator", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-actuator-autoconfigure", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-autoconfigure", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-devtools", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-actuator", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-aop", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-cache", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-data-jpa", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-jdbc", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-jetty", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-json", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-logging", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-mail", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-oauth2-client", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-security", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-validation", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-web", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.data:spring-data-commons", "moduleUrl": "https://spring.io/projects/spring-data", - "moduleVersion": "3.5.5", + "moduleVersion": "3.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.data:spring-data-jpa", "moduleUrl": "https://projects.spring.io/spring-data-jpa", - "moduleVersion": "3.5.5", + "moduleVersion": "3.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.security:spring-security-config", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, @@ -1966,31 +1945,38 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, + { + "moduleName": "org.springframework.security:spring-security-core", + "moduleUrl": "https://spring.io/projects/spring-security", + "moduleVersion": "6.5.7", + "moduleLicense": "Apache License, Version 2.0", + "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" + }, { "moduleName": "org.springframework.security:spring-security-crypto", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.security:spring-security-oauth2-client", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.security:spring-security-oauth2-core", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.security:spring-security-oauth2-jose", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, @@ -2001,108 +1987,115 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, + { + "moduleName": "org.springframework.security:spring-security-saml2-service-provider", + "moduleUrl": "https://spring.io/projects/spring-security", + "moduleVersion": "6.5.7", + "moduleLicense": "Apache License, Version 2.0", + "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" + }, { "moduleName": "org.springframework.security:spring-security-web", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.session:spring-session-core", "moduleUrl": "https://spring.io/projects/spring-session", - "moduleVersion": "3.5.3", + "moduleVersion": "3.5.4", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-aop", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-aspects", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-beans", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-context", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-context-support", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-core", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-expression", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-jcl", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-jdbc", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-orm", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-tx", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-web", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-webmvc", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, @@ -2166,7 +2159,7 @@ { "moduleName": "org.webjars:swagger-ui", "moduleUrl": "https://www.webjars.org", - "moduleVersion": "5.30.1", + "moduleVersion": "5.31.0", "moduleLicense": "Apache-2.0" }, { @@ -2205,4 +2198,4 @@ "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" } ] -} \ No newline at end of file +} diff --git a/app/proprietary/build.gradle b/app/proprietary/build.gradle index f6bb668c1..29a419d67 100644 --- a/app/proprietary/build.gradle +++ b/app/proprietary/build.gradle @@ -1,5 +1,5 @@ repositories { - maven { url "https://build.shibboleth.net/maven/releases" } + maven { url = "https://build.shibboleth.net/maven/releases" } } ext { diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/controller/api/AuditDashboardController.java b/app/proprietary/src/main/java/stirling/software/proprietary/controller/api/AuditDashboardController.java index 16f860e96..a37d7f7a7 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/controller/api/AuditDashboardController.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/controller/api/AuditDashboardController.java @@ -119,7 +119,7 @@ public class AuditDashboardController { @Schema( description = "Number of days to look back for audit events", example = "7", - required = true) + requiredMode = Schema.RequiredMode.REQUIRED) @RequestParam(value = "days", defaultValue = "7") int days) { diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java index 9ffdeef1e..b4dff413d 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java @@ -5,6 +5,7 @@ import java.security.Principal; import java.sql.SQLException; import java.util.HashMap; import java.util.List; +import java.util.Locale; import java.util.Map; import java.util.Optional; import java.util.UUID; @@ -390,9 +391,19 @@ public class UserController { } } - if (authType.equalsIgnoreCase(AuthenticationType.SSO.toString())) { - userService.saveUser(username, AuthenticationType.SSO, effectiveTeamId, role); + AuthenticationType requestedAuthType; + if ("SSO".equalsIgnoreCase(authType)) { + requestedAuthType = AuthenticationType.OAUTH2; } else { + try { + requestedAuthType = AuthenticationType.valueOf(authType.toUpperCase(Locale.ROOT)); + } catch (IllegalArgumentException e) { + return ResponseEntity.status(HttpStatus.BAD_REQUEST) + .body(Map.of("error", "Invalid authentication type specified.")); + } + } + + if (requestedAuthType == AuthenticationType.WEB) { if (password == null || password.isBlank()) { return ResponseEntity.status(HttpStatus.BAD_REQUEST) .body(Map.of("error", "Password is required.")); @@ -402,6 +413,8 @@ public class UserController { .body(Map.of("error", "Password must be at least 6 characters.")); } userService.saveUser(username, password, effectiveTeamId, role, forceChange); + } else { + userService.saveUser(username, requestedAuthType, effectiveTeamId, role); } return ResponseEntity.ok(Map.of("message", "User created successfully")); } diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java index 36975dc84..08332dd4b 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java @@ -1,9 +1,9 @@ package stirling.software.proprietary.security.oauth2; import static stirling.software.proprietary.security.model.AuthenticationType.OAUTH2; -import static stirling.software.proprietary.security.model.AuthenticationType.SSO; import java.io.IOException; +import java.net.URI; import java.sql.SQLException; import java.util.Map; import java.util.Optional; @@ -114,10 +114,10 @@ public class CustomOAuth2AuthenticationSuccessHandler .sendRedirect(request, response, "/logout?userIsDisabled=true"); return; } + boolean isSsoUser = userService.isSsoAuthenticationTypeByUsername(username); if (userExists && userService.hasPassword(username) - && (!userService.isAuthenticationTypeByUsername(username, SSO) - || !userService.isAuthenticationTypeByUsername(username, OAUTH2)) + && !isSsoUser && oauth2Properties.getAutoCreateUser()) { response.sendRedirect(contextPath + "/logout?oAuth2AuthenticationErrorWeb=true"); return; @@ -259,19 +259,23 @@ public class CustomOAuth2AuthenticationSuccessHandler String referer = request.getHeader("Referer"); if (referer != null && !referer.isEmpty()) { try { - java.net.URL refererUrl = new java.net.URL(referer); - String refererHost = refererUrl.getHost().toLowerCase(); + URI refererUri = URI.create(referer); + String host = refererUri.getHost(); + if (host == null) { + return Optional.empty(); + } + + String refererHost = host.toLowerCase(); if (!isOAuthProviderDomain(refererHost)) { - String origin = refererUrl.getProtocol() + "://" + refererUrl.getHost(); - if (refererUrl.getPort() != -1 - && refererUrl.getPort() != 80 - && refererUrl.getPort() != 443) { - origin += ":" + refererUrl.getPort(); + String origin = refererUri.getScheme() + "://" + host; + int port = refererUri.getPort(); + if (port != -1 && port != 80 && port != 443) { + origin += ":" + port; } return Optional.of(origin); } - } catch (java.net.MalformedURLException e) { + } catch (IllegalArgumentException e) { // ignore and fall back } } diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java index 3c63f1bf4..5f2ce254f 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java @@ -1,9 +1,9 @@ package stirling.software.proprietary.security.saml2; import static stirling.software.proprietary.security.model.AuthenticationType.SAML2; -import static stirling.software.proprietary.security.model.AuthenticationType.SSO; import java.io.IOException; +import java.net.URI; import java.net.URLDecoder; import java.nio.charset.StandardCharsets; import java.sql.SQLException; @@ -126,8 +126,8 @@ public class CustomSaml2AuthenticationSuccessHandler } boolean hasPassword = userExists && userService.hasPassword(username); - boolean isSSOUser = - userExists && userService.isAuthenticationTypeByUsername(username, SSO); + boolean isSsoUser = + userExists && userService.isSsoAuthenticationTypeByUsername(username); boolean isSAML2User = userExists && userService.isAuthenticationTypeByUsername(username, SAML2); @@ -135,15 +135,15 @@ public class CustomSaml2AuthenticationSuccessHandler "User status - Exists: {}, Has password: {}, Is SSO user: {}, Is SAML2 user: {}", userExists, hasPassword, - isSSOUser, + isSsoUser, isSAML2User); if (userExists && hasPassword - && (!isSSOUser || !isSAML2User) + && !isSsoUser && saml2Properties.getAutoCreateUser()) { log.debug( - "User {} exists with password but is not SSO user, redirecting to logout", + "User {} exists with password but is not an SSO user, redirecting to logout", username); String origin = resolveOrigin(request); response.sendRedirect(origin + "/logout?oAuth2AuthenticationErrorWeb=true"); @@ -318,15 +318,18 @@ public class CustomSaml2AuthenticationSuccessHandler String referer = request.getHeader("Referer"); if (referer != null && !referer.isEmpty()) { try { - java.net.URL refererUrl = new java.net.URL(referer); - String origin = refererUrl.getProtocol() + "://" + refererUrl.getHost(); - if (refererUrl.getPort() != -1 - && refererUrl.getPort() != 80 - && refererUrl.getPort() != 443) { - origin += ":" + refererUrl.getPort(); + URI refererUri = URI.create(referer); + String host = refererUri.getHost(); + if (host == null) { + return Optional.empty(); + } + String origin = refererUri.getScheme() + "://" + host; + int port = refererUri.getPort(); + if (port != -1 && port != 80 && port != 443) { + origin += ":" + port; } return Optional.of(origin); - } catch (java.net.MalformedURLException e) { + } catch (IllegalArgumentException e) { log.debug( "Malformed referer URL: {}, falling back to request-based origin", referer); } diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/service/UserService.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/service/UserService.java index fa9a80494..59a19c1e7 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/service/UserService.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/service/UserService.java @@ -600,6 +600,32 @@ public class UserService implements UserServiceInterface { return user.isPresent() && user.get().hasPassword(); } + public boolean isSsoAuthenticationTypeByUsername(String username) { + Optional user = findByUsernameIgnoreCase(username); + if (user.isEmpty()) { + return false; + } + + String authType = user.get().getAuthenticationType(); + if (authType == null) { + return false; + } + + try { + AuthenticationType authenticationType = + AuthenticationType.valueOf(authType.toUpperCase(Locale.ROOT)); + if (authenticationType == AuthenticationType.OAUTH2 + || authenticationType == AuthenticationType.SAML2) { + return true; + } + } catch (IllegalArgumentException ignored) { + // Fall through to legacy string comparison below + } + + // Backward compatibility for legacy "SSO" value without relying on the deprecated enum + return "SSO".equalsIgnoreCase(authType); + } + public boolean isAuthenticationTypeByUsername( String username, AuthenticationType authenticationType) { Optional user = findByUsernameIgnoreCase(username); diff --git a/app/proprietary/src/test/java/stirling/software/proprietary/security/model/UserTest.java b/app/proprietary/src/test/java/stirling/software/proprietary/security/model/UserTest.java index 10ea9be32..f09ae344d 100644 --- a/app/proprietary/src/test/java/stirling/software/proprietary/security/model/UserTest.java +++ b/app/proprietary/src/test/java/stirling/software/proprietary/security/model/UserTest.java @@ -113,10 +113,10 @@ class UserTest { // Use an existing value from your AuthenticationType enum (e.g. OAUTH2/SAML2/DATABASE) // If the name differs, simply adjust below. - AuthenticationType at = AuthenticationType.SSO; + AuthenticationType at = AuthenticationType.OAUTH2; u.setAuthenticationType(at); - assertEquals("sso", u.getAuthenticationType()); + assertEquals("oauth2", u.getAuthenticationType()); } @Test diff --git a/build.gradle b/build.gradle index c6bf2746b..5f44fcd5d 100644 --- a/build.gradle +++ b/build.gradle @@ -2,7 +2,7 @@ plugins { id "java" id "jacoco" id "io.spring.dependency-management" version "1.1.7" - id "org.springframework.boot" version "3.5.7" + id "org.springframework.boot" version "3.5.9" id "org.springdoc.openapi-gradle-plugin" version "1.9.0" id "io.swagger.swaggerhub" version "1.3.2" id "com.diffplug.spotless" version "8.1.0" @@ -18,7 +18,7 @@ import groovy.xml.XmlSlurper import org.gradle.api.tasks.testing.Test ext { - springBootVersion = "3.5.7" + springBootVersion = "3.5.9" pdfboxVersion = "3.0.6" imageioVersion = "3.13.0" lombokVersion = "1.18.42" @@ -102,12 +102,14 @@ def updateSimulationVersion(File fileToUpdate, String version) { writeIfChanged(fileToUpdate, updatedContent) } +def rootProjectRef = project + tasks.register('syncAppVersion') { group = 'versioning' description = 'Synchronizes app version across desktop and simulation configs.' doLast { - def appVersion = project.version.toString() + def appVersion = rootProjectRef.version.toString() println "Synchronizing application version to ${appVersion}" updateTauriConfigVersion(appVersion) @@ -149,18 +151,18 @@ subprojects { repositories { if (!rootProject.ext.mavenUrl.isEmpty()) { maven { - url rootProject.ext.mavenUrl + '/releases' + url = rootProject.ext.mavenUrl + '/releases' credentials(PasswordCredentials) { - username rootProject.ext.username - password rootProject.ext.password + username = rootProject.ext.username + password = rootProject.ext.password } authentication { basic(BasicAuthentication) } - allowInsecureProtocol true + allowInsecureProtocol = true } } - maven { url "https://build.shibboleth.net/maven/releases" } + maven { url = "https://build.shibboleth.net/maven/releases" } mavenCentral() } @@ -397,8 +399,10 @@ tasks.withType(JavaCompile).configureEach { gradle.taskGraph.whenReady { graph -> if (project.hasProperty("noSpotless")) { - tasks.matching { it.name.startsWith("spotless") }.configureEach { - enabled = false + allprojects { scopedProject -> + scopedProject.tasks.matching { it.name.startsWith("spotless") }.configureEach { + enabled = false + } } } }