diff --git a/app/common/build.gradle b/app/common/build.gradle
index e19b36d466..3cd6bae741 100644
--- a/app/common/build.gradle
+++ b/app/common/build.gradle
@@ -27,10 +27,10 @@ spotless {
 }
 }
 dependencies {
- api 'com.google.guava:guava:33.4.8-jre'
+ api 'com.google.guava:guava:33.5.0-jre'
 api 'org.springframework.boot:spring-boot-starter-webmvc'
 api 'org.springframework.boot:spring-boot-starter-aspectj'
- api 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20260102.1'
+ api 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20260313.1'
 api 'com.fathzer:javaluator:3.0.6'
 api 'com.posthog.java:posthog:1.2.0'
 api 'org.apache.commons:commons-lang3:3.20.0'
@@ -43,7 +43,7 @@ dependencies {
 api 'com.github.junrar:junrar:7.5.8' // RAR archive support for CBR files
 api 'jakarta.servlet:jakarta.servlet-api:6.1.0'
 api 'org.snakeyaml:snakeyaml-engine:3.0.1'
- api "org.springdoc:springdoc-openapi-starter-webmvc-ui:3.0.1"
+ api "org.springdoc:springdoc-openapi-starter-webmvc-ui:3.0.2"
 // Simple Java Mail for EML/MSG parsing (replaces direct Angus Mail usage)
 api 'org.simplejavamail:simple-java-mail:8.12.6'
 api 'org.simplejavamail:outlook-module:8.12.6' // MSG file support
diff --git a/app/core/build.gradle b/app/core/build.gradle
index 48d488b9ab..d3e7fc4993 100644
--- a/app/core/build.gradle
+++ b/app/core/build.gradle
@@ -66,7 +66,7 @@ dependencies {
 implementation 'commons-io:commons-io:2.21.0'
 implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion"
 implementation "org.bouncycastle:bcpkix-jdk18on:$bouncycastleVersion"
- implementation 'io.micrometer:micrometer-core:1.16.2'
+ implementation 'io.micrometer:micrometer-core'
 implementation 'com.google.zxing:core:3.5.4'
 implementation "org.commonmark:commonmark:$commonmarkVersion" // https://mvnrepository.com/artifact/org.commonmark/commonmark
 implementation "org.commonmark:commonmark-ext-gfm-tables:$commonmarkVersion"
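Review bot: The now versionless `implementation 'io.micrometer:micrometer-core'` in the app/core hunk gives no hint of where its version is resolved from, whereas the same commit leaves a comment behind when it drops `junitPlatformVersion` in the root build.gradle. Suggest a trailing comment such as `// version managed by Spring Boot BOM` (presumably the BOM imported in the root build; confirm), so someone auditing resolved versions knows to check the BOM rather than this file. The `dependencies` block starts and ends outside the hunk.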
@@ -82,7 +82,7 @@ dependencies { // veraPDF still uses javax.xml.bind, not the new jakarta namespace implementation 'javax.xml.bind:jaxb-api:2.3.1' implementation 'com.sun.xml.bind:jaxb-impl:2.3.9' - implementation 'com.sun.xml.bind:jaxb-core:4.0.6' + implementation 'com.sun.xml.bind:jaxb-core:4.0.7' implementation 'org.apache.poi:poi-ooxml:5.5.1' // https://mvnrepository.com/artifact/technology.tabula/tabula diff --git a/app/proprietary/build.gradle b/app/proprietary/build.gradle index e0c294e09a..fb716338d0 100644 --- a/app/proprietary/build.gradle +++ b/app/proprietary/build.gradle @@ -37,7 +37,7 @@ spotless { } dependencies { implementation project(':common') - api 'com.google.guava:guava:33.4.8-jre' + api 'com.google.guava:guava:33.5.0-jre' api 'org.springframework:spring-jdbc' api 'org.springframework:spring-webmvc' @@ -51,8 +51,8 @@ dependencies { api 'org.springframework.boot:spring-boot-starter-mail' api 'org.springframework.boot:spring-boot-starter-cache' api 'com.github.ben-manes.caffeine:caffeine' - api 'io.swagger.core.v3:swagger-core-jakarta:2.2.43' - implementation 'com.bucket4j:bucket4j_jdk17-core:8.16.1' + api 'io.swagger.core.v3:swagger-core-jakarta:2.2.46' + implementation 'com.bucket4j:bucket4j_jdk17-core:8.17.0' // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17 implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion" @@ -62,7 +62,7 @@ dependencies { api "io.jsonwebtoken:jjwt-api:$jwtVersion" runtimeOnly "io.jsonwebtoken:jjwt-impl:$jwtVersion" runtimeOnly "io.jsonwebtoken:jjwt-jackson:$jwtVersion" - runtimeOnly 'com.h2database:h2:2.3.232' // Don't upgrade h2database + runtimeOnly 'com.h2database:h2:2.3.232' // Don't upgrade h2database - file format incompatible with 2.4.x, would break existing user databases runtimeOnly 'org.postgresql:postgresql:42.7.10' implementation('com.coveo:saml-client:5.0.0') { exclude group: 'org.opensaml', module: 'opensaml-core' 
diff --git a/build.gradle b/build.gradle index 5acd760592..4a319a315f 100644 --- a/build.gradle +++ b/build.gradle @@ -2,13 +2,13 @@ plugins { id "java" id "jacoco" id "io.spring.dependency-management" version "1.1.7" - id "org.springframework.boot" version "4.0.3" + id "org.springframework.boot" version "4.0.5" id "org.springdoc.openapi-gradle-plugin" version "1.9.0" id "io.swagger.swaggerhub" version "1.3.2" - id "com.diffplug.spotless" version "8.1.0" - id "com.github.jk1.dependency-license-report" version "3.0.1" + id "com.diffplug.spotless" version "8.4.0" + id "com.github.jk1.dependency-license-report" version "3.1.1" //id "nebula.lint" version "19.0.3" - id "org.sonarqube" version "7.2.2.6593" + id "org.sonarqube" version "7.2.3.7755" } import com.github.jk1.license.render.* @@ -20,17 +20,17 @@ import org.gradle.api.tasks.testing.Test import org.gradle.jvm.toolchain.JavaLanguageVersion ext { - springBootVersion = "4.0.3" + springBootVersion = "4.0.5" pdfboxVersion = "3.0.7" imageioVersion = "3.13.1" - lombokVersion = "1.18.42" + lombokVersion = "1.18.44" bouncycastleVersion = "1.83" - springSecuritySamlVersion = "7.0.2" + springSecuritySamlVersion = "7.0.4" openSamlVersion = "5.2.1" - commonmarkVersion = "0.27.1" + commonmarkVersion = "0.28.0" googleJavaFormatVersion = "1.28.0" logback = "1.5.32" - junitPlatformVersion = "1.12.2" + // junit-platform-launcher version managed by Spring Boot BOM modernJavaVersion = 21 } @@ -198,6 +198,10 @@ subprojects { imports { mavenBom "org.springframework.boot:spring-boot-dependencies:$springBootVersion" } + dependencies { + // Override BOM-managed commons-lang3 for CVE-2025-48924 fix + dependency 'org.apache.commons:commons-lang3:3.20.0' + } } dependencies { 
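Review bot: The `3.20.0` literal in the new `dependencyManagement` override (hunk at -198) duplicates the version already hard-coded in app/common/build.gradle as `api 'org.apache.commons:commons-lang3:3.20.0'`, so the CVE pin and the declared dependency can drift apart on the next bump. Consider defining it once in `ext`, e.g. `commonsLang3Version = "3.20.0"`, and referencing `"org.apache.commons:commons-lang3:$commonsLang3Version"` in both places. The override will presumably also keep forcing this version after the Spring Boot BOM moves past it, so the comment could carry an exit condition: `// Override BOM-managed commons-lang3 for CVE-2025-48924 fix; remove once the Spring Boot BOM manages a fixed version`. The enclosing `subprojects` block starts and ends outside the hunk.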
@@ -523,7 +527,7 @@ dependencies { } testImplementation 'org.springframework.boot:spring-boot-starter-test' - testRuntimeOnly "org.junit.platform:junit-platform-launcher:$junitPlatformVersion" + testRuntimeOnly "org.junit.platform:junit-platform-launcher" testImplementation platform("com.squareup.okhttp3:okhttp-bom:5.3.2") testImplementation "com.squareup.okhttp3:mockwebserver" diff --git a/testing/cucumber/features/external.feature b/testing/cucumber/features/external.feature index ba3834eded..bf392d7206 100644 --- a/testing/cucumber/features/external.feature +++ b/testing/cucumber/features/external.feature @@ -251,34 +251,6 @@ Feature: API Validation And the response ZIP should contain 3 files - @ffmpeg @positive @pdftovideo - Scenario: Convert PDF to video (MP4) - Given I generate a PDF file as "fileInput" - And the pdf contains 3 pages with random text - And the request data includes - | parameter | value | - | videoFormat | mp4 | - | fps | 1 | - When I send the API request to the endpoint "/api/v1/convert/pdf/video" - Then the response status code should be 200 - And the response file should have size greater than 1000 - And the response file should have extension ".mp4" - - - @ffmpeg @positive @pdftovideo - Scenario: Convert PDF to video (WebM) - Given I generate a PDF file as "fileInput" - And the pdf contains 2 pages with random text - And the request data includes - | parameter | value | - | videoFormat | webm | - | fps | 2 | - When I send the API request to the endpoint "/api/v1/convert/pdf/video" - Then the response status code should be 200 - And the response file should have size greater than 1000 - And the response file should have extension ".webm" - - @positive @pdftojson Scenario: Convert PDF to JSON (text editor format) Given I generate a PDF file as "fileInput"