inteligr8/alfresco-transform-core
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-transform-core.git synced 2025-05-12 17:04:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

ATS-534 : Security - Vulnerability in Quartz - CVE-2019-13990

Browse Source 
- publish SNAPSHOT artifacts from the master branch
- exclude quartz dependency from tika-parsers
This commit is contained in:
Cezar.Leahu 2019-08-21 09:48:02 +03:00 committed by CezarLeahu
parent 3c977bd914
commit 01c160fe25
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
_ci/build.sh
View File

@ -8,8 +8,11 @@ pushd "$(dirname "${BASH_SOURCE[0]}")/../"
# Always build the image, but only publish from the "master" branch # Always build the image, but only publish from the "master" branch
[ "${TRAVIS_PULL_REQUEST}" = "false" ] && [ "${TRAVIS_BRANCH}" = "master" ] && PROFILE="internal" || PROFILE="local" [ "${TRAVIS_PULL_REQUEST}" = "false" ] && [ "${TRAVIS_BRANCH}" = "master" ] && PROFILE="internal" || PROFILE="local"
# If the branch is "master" and the commit is not a Pull Request then deploy the JAR SNAPSHOT artifacts
[ "${TRAVIS_PULL_REQUEST}" = "false" ] && [ "${TRAVIS_BRANCH}" = "master" ] && DEPLOY="deploy" || DEPLOY="install"
mvn -B -U \ mvn -B -U \
clean install \ clean ${DEPLOY} \
-DadditionalOption=-Xdoclint:none -Dmaven.javadoc.skip=true \ -DadditionalOption=-Xdoclint:none -Dmaven.javadoc.skip=true \
"-P${PROFILE},docker-it-setup" "-P${PROFILE},docker-it-setup"

5
alfresco-docker-tika/pom.xml
View File

@ -75,6 +75,11 @@
<groupId>org.bouncycastle</groupId> <groupId>org.bouncycastle</groupId>
<artifactId>bcmail-jdk15on</artifactId> <artifactId>bcmail-jdk15on</artifactId>
</exclusion> </exclusion>
<!-- TODO ATS-534 check transformations not affected by this missing quartz lib -->
<exclusion>
<groupId>org.quartz-scheduler</groupId>
<artifactId>quartz</artifactId>
</exclusion>
</exclusions> </exclusions>
</dependency> </dependency>