From 01c160fe2500515db74d6a229c100402de9480db Mon Sep 17 00:00:00 2001
From: "Cezar.Leahu" <cezar.leahu@ness.com>
Date: Wed, 21 Aug 2019 09:48:02 +0300
Subject: [PATCH] ATS-534 : Security - Vulnerability in Quartz - CVE-2019-13990

- publish SNAPSHOT artifacts from the master branch
- exclude quartz dependency from tika-parsers
---
 _ci/build.sh                 | 5 ++++-
 alfresco-docker-tika/pom.xml | 5 +++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/_ci/build.sh b/_ci/build.sh
index 285c1061..0c9c18f9 100644
--- a/_ci/build.sh
+++ b/_ci/build.sh
@@ -8,8 +8,11 @@ pushd "$(dirname "${BASH_SOURCE[0]}")/../"
 # Always build the image, but only publish from the "master" branch
 [ "${TRAVIS_PULL_REQUEST}" = "false" ] && [ "${TRAVIS_BRANCH}" = "master" ] && PROFILE="internal" || PROFILE="local"
 
+# If the branch is "master" and the commit is not a Pull Request then deploy the JAR SNAPSHOT artifacts
+[ "${TRAVIS_PULL_REQUEST}" = "false" ] && [ "${TRAVIS_BRANCH}" = "master" ] && DEPLOY="deploy" || DEPLOY="install"
+
 mvn -B -U \
-    clean install \
+    clean ${DEPLOY} \
     -DadditionalOption=-Xdoclint:none -Dmaven.javadoc.skip=true \
     "-P${PROFILE},docker-it-setup"
 
diff --git a/alfresco-docker-tika/pom.xml b/alfresco-docker-tika/pom.xml
index e797e61c..819b9f42 100644
--- a/alfresco-docker-tika/pom.xml
+++ b/alfresco-docker-tika/pom.xml
@@ -75,6 +75,11 @@
                     <groupId>org.bouncycastle</groupId>
                     <artifactId>bcmail-jdk15on</artifactId>
                 </exclusion>
+                <!-- TODO ATS-534 check transformations not affected by this missing quartz lib -->
+                <exclusion>
+                    <groupId>org.quartz-scheduler</groupId>
+                    <artifactId>quartz</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>