issue_863: removed unused dependencies and am currently resolving cri…

…tical vulnerable dependendcies
nsacyber · Nov 27, 2024 · 028a521 · 028a521
1 parent a57cd09
commit 028a521
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 10 deletions.
diff --git a/HIRS_AttestationCAPortal/build.gradle b/HIRS_AttestationCAPortal/build.gradle
@@ -31,12 +31,9 @@ dependencies {
 
     implementation libs.bouncycastle
     implementation libs.gson
-    implementation libs.guava
     implementation libs.jakarta.persistence.api
-    implementation libs.jakarta.servlet
     implementation libs.jakarta.xml
     implementation libs.log4j.spring.boot
-    implementation libs.mariadb.java.client
 
     // pull the pci dependency and ...
     implementation(libs.pci) {
@@ -49,20 +46,21 @@ dependencies {
     implementation libs.spring.boot.starter.web
     implementation libs.spring.boot.starter.validation
     implementation libs.spring.boot.starter.data.jpa
-    implementation libs.spring.boot.starter.log4j2
-    implementation libs.tomcat.embed.jasper
+    runtimeOnly libs.tomcat.embed.jasper
 
     compileOnly libs.lombok
     annotationProcessor libs.lombok
 
     providedRuntime libs.spring.boot.starter.tomcat
+    runtimeOnly libs.mariadb.java.client
 
     testImplementation libs.junit.jupiter
-    testImplementation libs.hsqldb
     testImplementation libs.spring.boot.starter.test
 
     testCompileOnly libs.lombok
     testAnnotationProcessor libs.lombok
+
+    testRuntimeOnly libs.hsqldb
 }
 
 test {

diff --git a/build.gradle b/build.gradle
@@ -5,15 +5,17 @@ import java.util.concurrent.TimeUnit
 plugins {
     // Apply the application plugin to add support for building a CLI application in Java.
     id 'application'
-    id 'com.github.spotbugs' version '6.0.4' apply false
+    id 'com.autonomousapps.dependency-analysis' version "2.5.0"
     id 'checkstyle'
+    id 'com.github.spotbugs' version "6.0.4" apply false
     id 'java'
 }
 
 // Global checkstyle file
 ext.checkstyleConfigFile = new File(rootDir, "/config/checkstyle/sun_checks.xml")
 
 subprojects {
+    apply plugin: 'com.autonomousapps.dependency-analysis'
     apply plugin: "com.github.spotbugs"
     apply plugin: "java"
     apply plugin: "checkstyle"

diff --git a/gradle/versions.toml b/gradle/versions.toml
@@ -11,7 +11,6 @@ guavaVersion = "33.3.1-jre"
 hibernateCoreVersion = "6.2.32.Final"
 jacksonVersion = "2.18.0"
 jakartaPersistenceApiVersion = "3.2.0"
-jakartaServletVersion = "3.0.0"
 jakartaXmlVersion = "4.0.2"
 jcommanderVersion = "1.85"
 log4jVersion = "2.24.2"
@@ -50,7 +49,6 @@ hibernate-core = { module = "org.hibernate:hibernate-core", version.ref = "hiber
 jackson-core = { module = "com.fasterxml.jackson.core:jackson-core", version.ref = "jacksonVersion" }
 jackson-databind = { module = "com.fasterxml.jackson.core:jackson-databind", version.ref = "jacksonVersion" }
 jakarta-persistence-api = { module = "jakarta.persistence:jakarta.persistence-api", version.ref = "jakartaPersistenceApiVersion" }
-jakarta-servlet = { module = "org.glassfish.web:jakarta.servlet.jsp.jstl", version.ref = "jakartaServletVersion" }
 jakarta-xml = { module = "jakarta.xml.bind:jakarta.xml.bind-api", version.ref = "jakartaXmlVersion" }
 jcommander = { module = "org.jcommander:jcommander", version.ref = "jcommanderVersion" }
 log4j-api = { module = "org.apache.logging.log4j:log4j-api", version.ref = "log4jVersion" }

diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle
@@ -14,7 +14,6 @@ dependencies {
     implementation libs.commons.codec
     implementation libs.glassfish.jakarta.json
     implementation libs.glassfish.jaxb.runtime
-    implementation libs.guava
     implementation libs.hibernate.core
     implementation libs.jcommander
     implementation libs.jackson.databind