diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml new file mode 100644 index 00000000000..e610f12a4ca --- /dev/null +++ b/.github/workflows/vulnerability-scan.yml @@ -0,0 +1,85 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: "Vulnerability Scan" +on: + push: + branches: + - '7.0.x' + - '7.1.x' + - '8.0.x' + schedule: + # Run every Monday at 03:00 UTC + - cron: '0 3 * * 1' + workflow_dispatch: +# Do not scan concurrently; OSS Index has per-account rate limits +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: false +jobs: + scan-grails-core: + name: "OSS Index Scan - grails-core" + runs-on: ubuntu-24.04 + permissions: + contents: read + security-events: write + steps: + - name: "📥 Checkout repository" + uses: actions/checkout@v6 + - name: "☕️ Setup JDK" + uses: actions/setup-java@v4 + with: + distribution: liberica + java-version: 17 + - name: "🐘 Setup Gradle" + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} + - name: "🔍 Run OSS Index Vulnerability Scan" + env: + SONATYPE_GUIDE_USERNAME: ${{ secrets.SONATYPE_GUIDE_USERNAME }} + SONATYPE_GUIDE_TOKEN: ${{ secrets.SONATYPE_GUIDE_TOKEN }} + continue-on-error: true + id: scan + run: ./gradlew ossIndexAudit --continue --info 2>&1 | tee /tmp/ossindex-scan.log; exit ${PIPESTATUS[0]} + - name: "📋 Publish Vulnerability Summary" + if: always() + run: | + echo "## 🔍 OSS Index Vulnerability Scan — grails-core" >> $GITHUB_STEP_SUMMARY + if [ "${{ steps.scan.outcome }}" = "success" ]; then + echo "✅ No vulnerabilities found." >> $GITHUB_STEP_SUMMARY + else + echo "❌ Vulnerabilities detected." >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + awk ' + BEGIN { in_section=0; in_vuln=0 } + { gsub(/\033\[[0-9;]*m/, "") } + /^##\[ossIndexAudit:begin\]/ { in_section=1; next } + /^##\[ossIndexAudit:end\]/ { in_section=0; in_vuln=0; next } + !in_section { next } + /^\[[0-9]+\/[0-9]+\] - pkg:maven\// { + sub(/^\[[0-9]+\/[0-9]+\] - /, "") + if (!seen_coord[$0]++) { print ""; print } + next + } + /^ Vulnerability Title:/ { in_vuln=1; block=$0 "\n"; cve_id=""; next } + in_vuln && /^ CVE:/ { match($0,/CVE-[0-9-]+/); if (RSTART) cve_id=substr($0,RSTART,RLENGTH); block=block $0 "\n"; next } + in_vuln && /^ Reference:/ { block=block $0 "\n"; if (cve_id && !seen_cve[cve_id]++) printf "%s",block; in_vuln=0; next } + in_vuln { block=block $0 "\n" } + ' /tmp/ossindex-scan.log >> $GITHUB_STEP_SUMMARY \ + || echo "(no scan output captured — check the full log)" >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + fi diff --git a/build-logic/plugins/build.gradle b/build-logic/plugins/build.gradle index ef5b010fbd7..629829df4f4 100644 --- a/build-logic/plugins/build.gradle +++ b/build-logic/plugins/build.gradle @@ -38,6 +38,7 @@ dependencies { implementation "${gradleBomDependencies['grails-publish-plugin']}" implementation "org.gradle.crypto.checksum:org.gradle.crypto.checksum.gradle.plugin:${gradleProperties.gradleChecksumPluginVersion}" implementation "org.cyclonedx.bom:org.cyclonedx.bom.gradle.plugin:${gradleProperties.gradleCycloneDxPluginVersion}" + implementation "org.sonatype.gradle.plugins:scan-gradle-plugin:${gradleProperties.sonatypeScanPluginVersion}" } gradlePlugin { @@ -78,5 +79,9 @@ gradlePlugin { id = 'org.apache.grails.buildsrc.dependency-validator' implementationClass = 'org.apache.grails.buildsrc.GrailsDependencyValidatorPlugin' } + register('vulnerabilityScanPlugin') { + id = 'org.apache.grails.buildsrc.vulnerability-scan' + implementationClass = 'org.apache.grails.buildsrc.VulnerabilityScanPlugin' + } } } \ No newline at end of file diff --git a/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy b/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy new file mode 100644 index 00000000000..5bd234c6548 --- /dev/null +++ b/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy @@ -0,0 +1,75 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.grails.buildsrc + +import groovy.transform.CompileStatic + +import org.gradle.api.GradleException +import org.gradle.api.Plugin +import org.gradle.api.Project +import org.sonatype.gradle.plugins.scan.ossindex.OssIndexPluginExtension + +/** + * Convention plugin that configures Sonatype OSS Index / Guide vulnerability scanning. + * + *

Credentials are supplied via environment variables: + *

+ * The {@code ossIndexAudit} task is skipped silently when credentials are absent.

+ */ +@CompileStatic +class VulnerabilityScanPlugin implements Plugin { + + static final String TASK_NAME = 'ossIndexAudit' + + @Override + void apply(Project project) { + project.pluginManager.apply('org.sonatype.gradle.plugins.scan') + + OssIndexPluginExtension extension = project.extensions.getByType(OssIndexPluginExtension) + extension.username = System.getenv('SONATYPE_GUIDE_USERNAME') ?: '' + extension.password = System.getenv('SONATYPE_GUIDE_TOKEN') ?: '' + extension.excludeCoordinates = [ + 'org.hibernate:hibernate-core:5.6.11.Final', + // CVE-2018-14335: Sonatype flags this against all H2 versions; no upstream fix exists. + 'com.h2database:h2:2.4.240', + // CVE-2026-22747: spring-security-web 6.5.10 is the latest available release; no fix exists yet upstream. + // Remove this exclusion once Spring Security releases a patched version and spring-boot.version is bumped. + 'org.springframework.security:spring-security-web:6.5.10', + ] as Set + + project.tasks.named(TASK_NAME) { task -> + task.group = 'verification' + task.description = "Scans ${project.name} runtime dependencies for known vulnerabilities via Sonatype Guide" + task.doFirst { + if (!System.getenv('SONATYPE_GUIDE_TOKEN')) { + throw new GradleException('SONATYPE_GUIDE_TOKEN environment variable is not set. ' + + 'A Sonatype Guide Personal Access Token is required to run the vulnerability scan.') + } + println "##[ossIndexAudit:begin] ${project.path}" + } + task.doLast { + println "##[ossIndexAudit:end] ${project.path}" + } + } + } +} diff --git a/dependencies.gradle b/dependencies.gradle index e1dc53bbb52..ac123683eaf 100644 --- a/dependencies.gradle +++ b/dependencies.gradle @@ -23,6 +23,7 @@ ext { gradleBomDependencyVersions = [ 'ant.version' : '1.10.15', + 'asm.version' : '9.7.1', 'asciidoctor-gradle-jvm.version': '4.0.5', 'asciidoctorj.version' : '3.0.0', 'asset-pipeline-gradle.version' : '5.0.34', @@ -50,6 +51,8 @@ ext { gradleBomDependencies = [ 'ant' : "org.apache.ant:ant:${gradleBomDependencyVersions['ant.version']}", 'ant-junit' : "org.apache.ant:ant-junit:${gradleBomDependencyVersions['ant.version']}", + 'asm' : "org.ow2.asm:asm:${gradleBomDependencyVersions['asm.version']}", + 'asm-util' : "org.ow2.asm:asm-util:${gradleBomDependencyVersions['asm.version']}", 'asciidoctor-gradle-jvm': "org.asciidoctor:asciidoctor-gradle-jvm:${gradleBomDependencyVersions['asciidoctor-gradle-jvm.version']}", 'asciidoctorj' : "org.asciidoctor:asciidoctorj:${gradleBomDependencyVersions['asciidoctorj.version']}", 'asset-pipeline-gradle' : "cloud.wondrify:asset-pipeline-gradle:${gradleBomDependencyVersions['asset-pipeline-gradle.version']}", @@ -67,13 +70,16 @@ ext { ] bomDependencyVersions = [ + 'asm.version' : '9.9.1', 'asset-pipeline-bom.version' : '5.0.34', 'bootstrap-icons.version' : '1.13.1', 'bootstrap.version' : '5.3.8', - 'commons-codec.version' : '1.18.0', + 'commons-codec.version' : '1.19.0', + 'commons-compress.version' : '1.28.0', 'commons-lang3.version' : '3.20.0', 'geb-spock.version' : '8.0.1', 'groovy.version' : '4.0.31', + 'h2.version' : '2.4.240', 'jackson.version' : '2.21.2', 'jquery.version' : '3.7.1', 'hibernate-groovy-proxy.version': '1.1', @@ -83,6 +89,7 @@ ext { 'junit-platform.version' : '1.13.3', 'mongodb.version' : '5.5.2', 'opentelemetry.version' : '1.55.0', + 'plexus-utils.version' : '4.0.3', 'rxjava.version' : '1.3.8', 'rxjava2.version' : '2.2.21', 'rxjava3.version' : '3.1.12', @@ -104,84 +111,89 @@ ext { // Note: the name of the dependency must be the prefix of the property name so properties in the pom are resolved correctly bomDependencies = [ - 'bootstrap' : "org.webjars.npm:bootstrap:${bomDependencyVersions['bootstrap.version']}", - 'bootstrap-icons' : "org.webjars.npm:bootstrap-icons:${bomDependencyVersions['bootstrap-icons.version']}", - 'commons-codec' : "commons-codec:commons-codec:${bomDependencyVersions['commons-codec.version']}", - 'commons-lang3' : "org.apache.commons:commons-lang3:${bomDependencyVersions['commons-lang3.version']}", - 'geb-spock' : "org.apache.groovy.geb:geb-spock:${bomDependencyVersions['geb-spock.version']}", + 'asm' : "org.ow2.asm:asm:${bomDependencyVersions['asm.version']}", + 'asm-util' : "org.ow2.asm:asm-util:${bomDependencyVersions['asm.version']}", + 'bootstrap' : "org.webjars.npm:bootstrap:${bomDependencyVersions['bootstrap.version']}", + 'bootstrap-icons' : "org.webjars.npm:bootstrap-icons:${bomDependencyVersions['bootstrap-icons.version']}", + 'commons-codec' : "commons-codec:commons-codec:${bomDependencyVersions['commons-codec.version']}", + 'commons-compress' : "org.apache.commons:commons-compress:${bomDependencyVersions['commons-compress.version']}", + 'commons-lang3' : "org.apache.commons:commons-lang3:${bomDependencyVersions['commons-lang3.version']}", + 'geb-spock' : "org.apache.groovy.geb:geb-spock:${bomDependencyVersions['geb-spock.version']}", + 'h2' : "com.h2database:h2:${bomDependencyVersions['h2.version']}", // start - restate the groovy-bom includes here because the spring dependency management will pick the library from spring-boot-dependencies otherwise - 'groovy' : "org.apache.groovy:groovy:${bomDependencyVersions['groovy.version']}", - 'groovy-ant' : "org.apache.groovy:groovy-ant:${bomDependencyVersions['groovy.version']}", - 'groovy-astbuilder' : "org.apache.groovy:groovy-astbuilder:${bomDependencyVersions['groovy.version']}", - 'groovy-cli-commons' : "org.apache.groovy:groovy-cli-commons:${bomDependencyVersions['groovy.version']}", - 'groovy-cli-picocli' : "org.apache.groovy:groovy-cli-picocli:${bomDependencyVersions['groovy.version']}", - 'groovy-console' : "org.apache.groovy:groovy-console:${bomDependencyVersions['groovy.version']}", - 'groovy-contracts' : "org.apache.groovy:groovy-contracts:${bomDependencyVersions['groovy.version']}", - 'groovy-datetime' : "org.apache.groovy:groovy-datetime:${bomDependencyVersions['groovy.version']}", - 'groovy-dateutil' : "org.apache.groovy:groovy-dateutil:${bomDependencyVersions['groovy.version']}", - 'groovy-docgenerator' : "org.apache.groovy:groovy-docgenerator:${bomDependencyVersions['groovy.version']}", - 'groovy-ginq' : "org.apache.groovy:groovy-ginq:${bomDependencyVersions['groovy.version']}", - 'groovy-groovydoc' : "org.apache.groovy:groovy-groovydoc:${bomDependencyVersions['groovy.version']}", - 'groovy-groovysh' : "org.apache.groovy:groovy-groovysh:${bomDependencyVersions['groovy.version']}", - 'groovy-jmx' : "org.apache.groovy:groovy-jmx:${bomDependencyVersions['groovy.version']}", - 'groovy-json' : "org.apache.groovy:groovy-json:${bomDependencyVersions['groovy.version']}", - 'groovy-jsr223' : "org.apache.groovy:groovy-jsr223:${bomDependencyVersions['groovy.version']}", - 'groovy-macro' : "org.apache.groovy:groovy-macro:${bomDependencyVersions['groovy.version']}", - 'groovy-macro-library' : "org.apache.groovy:groovy-macro-library:${bomDependencyVersions['groovy.version']}", - 'groovy-nio' : "org.apache.groovy:groovy-nio:${bomDependencyVersions['groovy.version']}", - 'groovy-servlet' : "org.apache.groovy:groovy-servlet:${bomDependencyVersions['groovy.version']}", - 'groovy-sql' : "org.apache.groovy:groovy-sql:${bomDependencyVersions['groovy.version']}", - 'groovy-swing' : "org.apache.groovy:groovy-swing:${bomDependencyVersions['groovy.version']}", - 'groovy-templates' : "org.apache.groovy:groovy-templates:${bomDependencyVersions['groovy.version']}", - 'groovy-test' : "org.apache.groovy:groovy-test:${bomDependencyVersions['groovy.version']}", - 'groovy-test-junit5' : "org.apache.groovy:groovy-test-junit5:${bomDependencyVersions['groovy.version']}", - 'groovy-testng' : "org.apache.groovy:groovy-testng:${bomDependencyVersions['groovy.version']}", - 'groovy-toml' : "org.apache.groovy:groovy-toml:${bomDependencyVersions['groovy.version']}", - 'groovy-typecheckers' : "org.apache.groovy:groovy-typecheckers:${bomDependencyVersions['groovy.version']}", - 'groovy-xml' : "org.apache.groovy:groovy-xml:${bomDependencyVersions['groovy.version']}", - 'groovy-yaml' : "org.apache.groovy:groovy-yaml:${bomDependencyVersions['groovy.version']}", + 'groovy' : "org.apache.groovy:groovy:${bomDependencyVersions['groovy.version']}", + 'groovy-ant' : "org.apache.groovy:groovy-ant:${bomDependencyVersions['groovy.version']}", + 'groovy-astbuilder' : "org.apache.groovy:groovy-astbuilder:${bomDependencyVersions['groovy.version']}", + 'groovy-cli-commons' : "org.apache.groovy:groovy-cli-commons:${bomDependencyVersions['groovy.version']}", + 'groovy-cli-picocli' : "org.apache.groovy:groovy-cli-picocli:${bomDependencyVersions['groovy.version']}", + 'groovy-console' : "org.apache.groovy:groovy-console:${bomDependencyVersions['groovy.version']}", + 'groovy-contracts' : "org.apache.groovy:groovy-contracts:${bomDependencyVersions['groovy.version']}", + 'groovy-datetime' : "org.apache.groovy:groovy-datetime:${bomDependencyVersions['groovy.version']}", + 'groovy-dateutil' : "org.apache.groovy:groovy-dateutil:${bomDependencyVersions['groovy.version']}", + 'groovy-docgenerator' : "org.apache.groovy:groovy-docgenerator:${bomDependencyVersions['groovy.version']}", + 'groovy-ginq' : "org.apache.groovy:groovy-ginq:${bomDependencyVersions['groovy.version']}", + 'groovy-groovydoc' : "org.apache.groovy:groovy-groovydoc:${bomDependencyVersions['groovy.version']}", + 'groovy-groovysh' : "org.apache.groovy:groovy-groovysh:${bomDependencyVersions['groovy.version']}", + 'groovy-jmx' : "org.apache.groovy:groovy-jmx:${bomDependencyVersions['groovy.version']}", + 'groovy-json' : "org.apache.groovy:groovy-json:${bomDependencyVersions['groovy.version']}", + 'groovy-jsr223' : "org.apache.groovy:groovy-jsr223:${bomDependencyVersions['groovy.version']}", + 'groovy-macro' : "org.apache.groovy:groovy-macro:${bomDependencyVersions['groovy.version']}", + 'groovy-macro-library' : "org.apache.groovy:groovy-macro-library:${bomDependencyVersions['groovy.version']}", + 'groovy-nio' : "org.apache.groovy:groovy-nio:${bomDependencyVersions['groovy.version']}", + 'groovy-servlet' : "org.apache.groovy:groovy-servlet:${bomDependencyVersions['groovy.version']}", + 'groovy-sql' : "org.apache.groovy:groovy-sql:${bomDependencyVersions['groovy.version']}", + 'groovy-swing' : "org.apache.groovy:groovy-swing:${bomDependencyVersions['groovy.version']}", + 'groovy-templates' : "org.apache.groovy:groovy-templates:${bomDependencyVersions['groovy.version']}", + 'groovy-test' : "org.apache.groovy:groovy-test:${bomDependencyVersions['groovy.version']}", + 'groovy-test-junit5' : "org.apache.groovy:groovy-test-junit5:${bomDependencyVersions['groovy.version']}", + 'groovy-testng' : "org.apache.groovy:groovy-testng:${bomDependencyVersions['groovy.version']}", + 'groovy-toml' : "org.apache.groovy:groovy-toml:${bomDependencyVersions['groovy.version']}", + 'groovy-typecheckers' : "org.apache.groovy:groovy-typecheckers:${bomDependencyVersions['groovy.version']}", + 'groovy-xml' : "org.apache.groovy:groovy-xml:${bomDependencyVersions['groovy.version']}", + 'groovy-yaml' : "org.apache.groovy:groovy-yaml:${bomDependencyVersions['groovy.version']}", // end - restate the groovy-bom here because the spring dependency management - 'jquery' : "org.webjars.npm:jquery:${bomDependencyVersions['jquery.version']}", + 'jquery' : "org.webjars.npm:jquery:${bomDependencyVersions['jquery.version']}", // start - boot & selenium conflict, so pin the version we want (newest) - 'jakarta-servlet-api' : "jakarta.servlet:jakarta.servlet-api:${bomDependencyVersions['jakarta-servlet-api.version']}", - 'jakarta-validation-api' : "jakarta.validation:jakarta.validation-api:${bomDependencyVersions['jakarta-validation-api.version']}", + 'jakarta-servlet-api' : "jakarta.servlet:jakarta.servlet-api:${bomDependencyVersions['jakarta-servlet-api.version']}", + 'jakarta-validation-api' : "jakarta.validation:jakarta.validation-api:${bomDependencyVersions['jakarta-validation-api.version']}", // end - boot & selenium conflict, so pin the version we want (newest) // start - boot & spock conflict, so pin the version we want (newest) - 'junit-jupiter' : "org.junit.jupiter:junit-jupiter:${bomDependencyVersions['junit.version']}", - 'junit-jupiter-api' : "org.junit.jupiter:junit-jupiter-api:${bomDependencyVersions['junit.version']}", - 'junit-jupiter-engine' : "org.junit.jupiter:junit-jupiter-engine:${bomDependencyVersions['junit.version']}", - 'junit-jupiter-params' : "org.junit.jupiter:junit-jupiter-params:${bomDependencyVersions['junit.version']}", - 'junit-platform-commons' : "org.junit.platform:junit-platform-commons:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-engine' : "org.junit.platform:junit-platform-engine:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-launcher' : "org.junit.platform:junit-platform-launcher:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-runner' : "org.junit.platform:junit-platform-runner:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-suite' : "org.junit.platform:junit-platform-suite:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-suite-api' : "org.junit.platform:junit-platform-suite-api:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-suite-commons': "org.junit.platform:junit-platform-suite-commons:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-suite-engine' : "org.junit.platform:junit-platform-suite-engine:${bomDependencyVersions['junit-platform.version']}", + 'junit-jupiter' : "org.junit.jupiter:junit-jupiter:${bomDependencyVersions['junit.version']}", + 'junit-jupiter-api' : "org.junit.jupiter:junit-jupiter-api:${bomDependencyVersions['junit.version']}", + 'junit-jupiter-engine' : "org.junit.jupiter:junit-jupiter-engine:${bomDependencyVersions['junit.version']}", + 'junit-jupiter-params' : "org.junit.jupiter:junit-jupiter-params:${bomDependencyVersions['junit.version']}", + 'junit-platform-commons' : "org.junit.platform:junit-platform-commons:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-engine' : "org.junit.platform:junit-platform-engine:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-launcher' : "org.junit.platform:junit-platform-launcher:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-runner' : "org.junit.platform:junit-platform-runner:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-suite' : "org.junit.platform:junit-platform-suite:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-suite-api' : "org.junit.platform:junit-platform-suite-api:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-suite-commons' : "org.junit.platform:junit-platform-suite-commons:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-suite-engine' : "org.junit.platform:junit-platform-suite-engine:${bomDependencyVersions['junit-platform.version']}", // end - boot & spock conflict, so pin the version we want (newest) - 'hibernate-groovy-proxy' : "org.yakworks:hibernate-groovy-proxy:${bomDependencyVersions['hibernate-groovy-proxy.version']}", - 'mongodb-bson' : "org.mongodb:bson:${bomDependencyVersions['mongodb.version']}", - 'mongodb-driver-core' : "org.mongodb:mongodb-driver-core:${bomDependencyVersions['mongodb.version']}", - 'mongodb-driver-sync' : "org.mongodb:mongodb-driver-sync:${bomDependencyVersions['mongodb.version']}", - 'mongodb-record-codec' : "org.mongodb:bson-record-codec:${bomDependencyVersions['mongodb.version']}", + 'hibernate-groovy-proxy' : "org.yakworks:hibernate-groovy-proxy:${bomDependencyVersions['hibernate-groovy-proxy.version']}", + 'mongodb-bson' : "org.mongodb:bson:${bomDependencyVersions['mongodb.version']}", + 'mongodb-driver-core' : "org.mongodb:mongodb-driver-core:${bomDependencyVersions['mongodb.version']}", + 'mongodb-driver-sync' : "org.mongodb:mongodb-driver-sync:${bomDependencyVersions['mongodb.version']}", + 'mongodb-record-codec' : "org.mongodb:bson-record-codec:${bomDependencyVersions['mongodb.version']}", // start - pin opentelemetry to prevent bom conflicts - 'opentelemetry-api' : "io.opentelemetry:opentelemetry-api:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-context' : "io.opentelemetry:opentelemetry-context:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-exporter-logging' : "io.opentelemetry:opentelemetry-exporter-logging:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk' : "io.opentelemetry:opentelemetry-sdk:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-common' : "io.opentelemetry:opentelemetry-sdk-common:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-trace' : "io.opentelemetry:opentelemetry-sdk-trace:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-metrics' : "io.opentelemetry:opentelemetry-sdk-metrics:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-logs' : "io.opentelemetry:opentelemetry-sdk-logs:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-extension-autoconfigure-spi' : "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure-spi:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-extension-autoconfigure' : "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-api' : "io.opentelemetry:opentelemetry-api:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-context' : "io.opentelemetry:opentelemetry-context:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-exporter-logging' : "io.opentelemetry:opentelemetry-exporter-logging:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk' : "io.opentelemetry:opentelemetry-sdk:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-common' : "io.opentelemetry:opentelemetry-sdk-common:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-trace' : "io.opentelemetry:opentelemetry-sdk-trace:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-metrics' : "io.opentelemetry:opentelemetry-sdk-metrics:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-logs' : "io.opentelemetry:opentelemetry-sdk-logs:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-extension-autoconfigure-spi': "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure-spi:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-extension-autoconfigure' : "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure:${bomDependencyVersions['opentelemetry.version']}", // end - pin opentelemetry to prevent bom conflicts - 'rxjava' : "io.reactivex:rxjava:${bomDependencyVersions['rxjava.version']}", - 'rxjava2' : "io.reactivex.rxjava2:rxjava:${bomDependencyVersions['rxjava2.version']}", - 'rxjava3' : "io.reactivex.rxjava3:rxjava:${bomDependencyVersions['rxjava3.version']}", - 'sitemesh' : "opensymphony:sitemesh:${bomDependencyVersions['sitemesh.version']}", - 'starter-sitemesh' : "org.sitemesh:spring-boot-starter-sitemesh:${bomDependencyVersions['starter-sitemesh.version']}", + 'plexus-utils' : "org.codehaus.plexus:plexus-utils:${bomDependencyVersions['plexus-utils.version']}", + 'rxjava' : "io.reactivex:rxjava:${bomDependencyVersions['rxjava.version']}", + 'rxjava2' : "io.reactivex.rxjava2:rxjava:${bomDependencyVersions['rxjava2.version']}", + 'rxjava3' : "io.reactivex.rxjava3:rxjava:${bomDependencyVersions['rxjava3.version']}", + 'sitemesh' : "opensymphony:sitemesh:${bomDependencyVersions['sitemesh.version']}", + 'starter-sitemesh' : "org.sitemesh:spring-boot-starter-sitemesh:${bomDependencyVersions['starter-sitemesh.version']}", ] // Because pom exclusions aren't properly supported by gradle, we can't inherit the grails-gradle-bom @@ -219,14 +231,11 @@ ext { else if (project.name == 'grails-micronaut-bom') { customBomVersions = [ 'javaparser-core.version': '3.27.0', // micronaut requires 3.27, groovy 4 ships with 3.28 but is compatible with 3.27 - 'asm.version' : '9.9.1', 'guava.version' : '33.5.0-jre', ] combinedVersions += customBomVersions customBomDependencies = [ 'javaparser-core': "com.github.javaparser:javaparser-core:${combinedVersions['javaparser-core.version']}", - 'asm' : "org.ow2.asm:asm:${combinedVersions['asm.version']}", - 'asm-util' : "org.ow2.asm:asm-util:${combinedVersions['asm.version']}", 'guava' : "com.google.guava:guava:${combinedVersions['guava.version']}", ] combinedDependencies += customBomDependencies diff --git a/gradle.properties b/gradle.properties index a6f90611004..3bb6baf33f3 100644 --- a/gradle.properties +++ b/gradle.properties @@ -68,6 +68,7 @@ micronautSerdeJacksonVersion=2.11.0 # build dependencies for code quality checks checkstyleVersion=11.0.0 codenarcVersion=3.6.0-groovy-4.0 +sonatypeScanPluginVersion=3.1.5 # This prevents the Grails Gradle Plugin from unnecessarily excluding slf4j-simple in the generated POMs # https://github.com/apache/grails-gradle-plugin/issues/222 diff --git a/grails-async/core/build.gradle b/grails-async/core/build.gradle index cee4816f2ea..eba15cd9b82 100644 --- a/grails-async/core/build.gradle +++ b/grails-async/core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/gpars/build.gradle b/grails-async/gpars/build.gradle index 8c8d001b266..0624a31414c 100644 --- a/grails-async/gpars/build.gradle +++ b/grails-async/gpars/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/plugin/build.gradle b/grails-async/plugin/build.gradle index b7f0f7188cb..93eda319e9d 100644 --- a/grails-async/plugin/build.gradle +++ b/grails-async/plugin/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/rxjava/build.gradle b/grails-async/rxjava/build.gradle index 0bc5e0a8c71..efc6065e810 100644 --- a/grails-async/rxjava/build.gradle +++ b/grails-async/rxjava/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/rxjava2/build.gradle b/grails-async/rxjava2/build.gradle index 1e3d564320a..b07962ed487 100644 --- a/grails-async/rxjava2/build.gradle +++ b/grails-async/rxjava2/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/rxjava3/build.gradle b/grails-async/rxjava3/build.gradle index d5c36cb6f4b..7f02f49a634 100644 --- a/grails-async/rxjava3/build.gradle +++ b/grails-async/rxjava3/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-bootstrap/build.gradle b/grails-bootstrap/build.gradle index bda613d68db..88d9bbebcb0 100644 --- a/grails-bootstrap/build.gradle +++ b/grails-bootstrap/build.gradle @@ -28,6 +28,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-cache/build.gradle b/grails-cache/build.gradle index 9d607d16ca0..54367fbd625 100644 --- a/grails-cache/build.gradle +++ b/grails-cache/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-codecs-core/build.gradle b/grails-codecs-core/build.gradle index b3b27849130..bec14665aa2 100644 --- a/grails-codecs-core/build.gradle +++ b/grails-codecs-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-codecs/build.gradle b/grails-codecs/build.gradle index d30dbe2deee..783444be526 100644 --- a/grails-codecs/build.gradle +++ b/grails-codecs/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-common/build.gradle b/grails-common/build.gradle index 87ae157af90..28d74b517c5 100644 --- a/grails-common/build.gradle +++ b/grails-common/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-console/build.gradle b/grails-console/build.gradle index 5f6000c2e53..6c334326b65 100644 --- a/grails-console/build.gradle +++ b/grails-console/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-controllers/build.gradle b/grails-controllers/build.gradle index ca0a0125420..7aa95fb3b9c 100644 --- a/grails-controllers/build.gradle +++ b/grails-controllers/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-converters/build.gradle b/grails-converters/build.gradle index 2df6da086b2..a89bc876fa1 100644 --- a/grails-converters/build.gradle +++ b/grails-converters/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-core/build.gradle b/grails-core/build.gradle index b7e1717a4e7..c6a71a32c03 100644 --- a/grails-core/build.gradle +++ b/grails-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-hibernate5/boot-plugin/build.gradle b/grails-data-hibernate5/boot-plugin/build.gradle index 65ecb9e8853..5b4d6540a4a 100644 --- a/grails-data-hibernate5/boot-plugin/build.gradle +++ b/grails-data-hibernate5/boot-plugin/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-hibernate5/core/build.gradle b/grails-data-hibernate5/core/build.gradle index 60e57020866..73104d30f90 100644 --- a/grails-data-hibernate5/core/build.gradle +++ b/grails-data-hibernate5/core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-hibernate5/dbmigration/build.gradle b/grails-data-hibernate5/dbmigration/build.gradle index c4f5c80f2f2..f23e7ad8f1b 100644 --- a/grails-data-hibernate5/dbmigration/build.gradle +++ b/grails-data-hibernate5/dbmigration/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-hibernate5/grails-plugin/build.gradle b/grails-data-hibernate5/grails-plugin/build.gradle index 22fd52fe58e..368edbdde89 100644 --- a/grails-data-hibernate5/grails-plugin/build.gradle +++ b/grails-data-hibernate5/grails-plugin/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/boot-plugin/build.gradle b/grails-data-mongodb/boot-plugin/build.gradle index 7496dd6670c..1bbf7364941 100644 --- a/grails-data-mongodb/boot-plugin/build.gradle +++ b/grails-data-mongodb/boot-plugin/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/bson/build.gradle b/grails-data-mongodb/bson/build.gradle index 1ac2663ee71..d92fe25e879 100644 --- a/grails-data-mongodb/bson/build.gradle +++ b/grails-data-mongodb/bson/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/core/build.gradle b/grails-data-mongodb/core/build.gradle index f080478090f..c740300e19e 100644 --- a/grails-data-mongodb/core/build.gradle +++ b/grails-data-mongodb/core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/ext/build.gradle b/grails-data-mongodb/ext/build.gradle index f8271315be4..ef4e84ba270 100644 --- a/grails-data-mongodb/ext/build.gradle +++ b/grails-data-mongodb/ext/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/grails-plugin/build.gradle b/grails-data-mongodb/grails-plugin/build.gradle index 1ace1bc70db..f595bf31c99 100644 --- a/grails-data-mongodb/grails-plugin/build.gradle +++ b/grails-data-mongodb/grails-plugin/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/gson-templates/build.gradle b/grails-data-mongodb/gson-templates/build.gradle index 445f6f36760..926cb7829d5 100644 --- a/grails-data-mongodb/gson-templates/build.gradle +++ b/grails-data-mongodb/gson-templates/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-simple/build.gradle b/grails-data-simple/build.gradle index 22567f865ca..d796d478a0f 100644 --- a/grails-data-simple/build.gradle +++ b/grails-data-simple/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-databinding-core/build.gradle b/grails-databinding-core/build.gradle index be9a2092619..15c2cd1272a 100644 --- a/grails-databinding-core/build.gradle +++ b/grails-databinding-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-databinding/build.gradle b/grails-databinding/build.gradle index 06d19e9aa13..9487e8103ff 100644 --- a/grails-databinding/build.gradle +++ b/grails-databinding/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-async/build.gradle b/grails-datamapping-async/build.gradle index a2731948935..a8572029e00 100644 --- a/grails-datamapping-async/build.gradle +++ b/grails-datamapping-async/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-core-test/build.gradle b/grails-datamapping-core-test/build.gradle index cf4d0f1cb8e..cc6fac20366 100644 --- a/grails-datamapping-core-test/build.gradle +++ b/grails-datamapping-core-test/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-datamapping-core/build.gradle b/grails-datamapping-core/build.gradle index 9eb9a7412ce..88c14d6cadd 100644 --- a/grails-datamapping-core/build.gradle +++ b/grails-datamapping-core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-rx/build.gradle b/grails-datamapping-rx/build.gradle index 202e1839028..b3a85ac7114 100644 --- a/grails-datamapping-rx/build.gradle +++ b/grails-datamapping-rx/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-support/build.gradle b/grails-datamapping-support/build.gradle index 95656e2b87d..7f2803d780b 100644 --- a/grails-datamapping-support/build.gradle +++ b/grails-datamapping-support/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-tck/build.gradle b/grails-datamapping-tck/build.gradle index 15e7de95097..a9376b36429 100644 --- a/grails-datamapping-tck/build.gradle +++ b/grails-datamapping-tck/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-validation/build.gradle b/grails-datamapping-validation/build.gradle index 0748bcffd95..5996e15a4b8 100644 --- a/grails-datamapping-validation/build.gradle +++ b/grails-datamapping-validation/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datasource/build.gradle b/grails-datasource/build.gradle index 4f352431f1d..cb8a6b77f68 100644 --- a/grails-datasource/build.gradle +++ b/grails-datasource/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datastore-async/build.gradle b/grails-datastore-async/build.gradle index 68f9ed6685b..cd4e915fd5c 100644 --- a/grails-datastore-async/build.gradle +++ b/grails-datastore-async/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datastore-core/build.gradle b/grails-datastore-core/build.gradle index 8750516d37a..a93ba481aab 100644 --- a/grails-datastore-core/build.gradle +++ b/grails-datastore-core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datastore-web/build.gradle b/grails-datastore-web/build.gradle index 138497f193b..94f3fe44dc2 100644 --- a/grails-datastore-web/build.gradle +++ b/grails-datastore-web/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-dependencies/assets/build.gradle b/grails-dependencies/assets/build.gradle index 12f33ab1af6..7c4bb8ad986 100644 --- a/grails-dependencies/assets/build.gradle +++ b/grails-dependencies/assets/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-dependencies/starter-web/build.gradle b/grails-dependencies/starter-web/build.gradle index 46f99f7d155..d06d761c0de 100644 --- a/grails-dependencies/starter-web/build.gradle +++ b/grails-dependencies/starter-web/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-dependencies/test/build.gradle b/grails-dependencies/test/build.gradle index 17301eab91d..c8554c8013f 100644 --- a/grails-dependencies/test/build.gradle +++ b/grails-dependencies/test/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-domain-class/build.gradle b/grails-domain-class/build.gradle index 64016a6fee7..e63d12c4936 100644 --- a/grails-domain-class/build.gradle +++ b/grails-domain-class/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-encoder/build.gradle b/grails-encoder/build.gradle index 5cb654cd2f1..04a00a4e9c9 100644 --- a/grails-encoder/build.gradle +++ b/grails-encoder/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/compat/build.gradle b/grails-events/compat/build.gradle index 859b1f005a0..509b6332598 100644 --- a/grails-events/compat/build.gradle +++ b/grails-events/compat/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/core/build.gradle b/grails-events/core/build.gradle index 0c68efd5606..77cb9ee24ee 100644 --- a/grails-events/core/build.gradle +++ b/grails-events/core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/gpars/build.gradle b/grails-events/gpars/build.gradle index ad365eceee4..ddb9929a8ec 100644 --- a/grails-events/gpars/build.gradle +++ b/grails-events/gpars/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/plugin/build.gradle b/grails-events/plugin/build.gradle index bd69e5ebb68..800aa51c48b 100644 --- a/grails-events/plugin/build.gradle +++ b/grails-events/plugin/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/rxjava/build.gradle b/grails-events/rxjava/build.gradle index 312477fefae..b42e91631fe 100644 --- a/grails-events/rxjava/build.gradle +++ b/grails-events/rxjava/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/rxjava2/build.gradle b/grails-events/rxjava2/build.gradle index 5a107dd9241..c50775cfeaa 100644 --- a/grails-events/rxjava2/build.gradle +++ b/grails-events/rxjava2/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/rxjava3/build.gradle b/grails-events/rxjava3/build.gradle index efca93c18dd..933e56af507 100644 --- a/grails-events/rxjava3/build.gradle +++ b/grails-events/rxjava3/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/spring/build.gradle b/grails-events/spring/build.gradle index c568f926238..5c67fb2df0e 100644 --- a/grails-events/spring/build.gradle +++ b/grails-events/spring/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/transforms/build.gradle b/grails-events/transforms/build.gradle index 778980c0951..1102766e4d6 100644 --- a/grails-events/transforms/build.gradle +++ b/grails-events/transforms/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-fields/build.gradle b/grails-fields/build.gradle index 1ed72931b9b..db758074712 100644 --- a/grails-fields/build.gradle +++ b/grails-fields/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-forge/gradle.properties b/grails-forge/gradle.properties index e0adeeda0be..65c636dd929 100644 --- a/grails-forge/gradle.properties +++ b/grails-forge/gradle.properties @@ -29,7 +29,7 @@ antVersion=1.10.15 antlr4Version=4.8-1!! asciidoctorGradleJvmVersion=4.0.4 cglibVersion=3.3.0 -commonsCompressVersion=1.27.1 +commonsCompressVersion=1.28.0 gradleSdkvendorPluginVersion=3.0.0 groovyVersion=3.0.25 jacksonDatabindVersion=2.18.3 diff --git a/grails-geb/build.gradle b/grails-geb/build.gradle index 22f6a9253e3..8367d3490f1 100644 --- a/grails-geb/build.gradle +++ b/grails-geb/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gradle/model/build.gradle b/grails-gradle/model/build.gradle index 76e45ba9fd4..de0741a3354 100644 --- a/grails-gradle/model/build.gradle +++ b/grails-gradle/model/build.gradle @@ -48,6 +48,10 @@ dependencies { compileOnly 'org.codehaus.groovy:groovy' compileOnly 'org.codehaus.groovy:groovy-xml' + // Use explicit ASM instead of groovyjarjarasm to support Java 17+ class files (major version 61+). + // api scope is required so Groovy's type checker can resolve ASM references when compiling dependents. + api 'org.ow2.asm:asm' + testImplementation 'org.codehaus.groovy:groovy-test-junit5' testImplementation 'org.junit.jupiter:junit-jupiter-api' testImplementation 'org.junit.platform:junit-platform-runner' diff --git a/grails-gradle/model/src/main/groovy/org/grails/io/support/MainClassFinder.groovy b/grails-gradle/model/src/main/groovy/org/grails/io/support/MainClassFinder.groovy index 10e93542513..797c4e13f4e 100644 --- a/grails-gradle/model/src/main/groovy/org/grails/io/support/MainClassFinder.groovy +++ b/grails-gradle/model/src/main/groovy/org/grails/io/support/MainClassFinder.groovy @@ -24,11 +24,11 @@ import java.util.concurrent.ConcurrentHashMap import groovy.transform.CompileStatic -import groovyjarjarasm.asm.ClassReader -import groovyjarjarasm.asm.ClassVisitor -import groovyjarjarasm.asm.MethodVisitor -import groovyjarjarasm.asm.Opcodes -import groovyjarjarasm.asm.Type +import org.objectweb.asm.ClassReader +import org.objectweb.asm.ClassVisitor +import org.objectweb.asm.MethodVisitor +import org.objectweb.asm.Opcodes +import org.objectweb.asm.Type import grails.util.BuildSettings diff --git a/grails-gsp/core/build.gradle b/grails-gsp/core/build.gradle index e55a044be70..0622e83d44d 100644 --- a/grails-gsp/core/build.gradle +++ b/grails-gsp/core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-layout/build.gradle b/grails-gsp/grails-layout/build.gradle index 32eb8c13c35..d3c86c42b76 100644 --- a/grails-gsp/grails-layout/build.gradle +++ b/grails-gsp/grails-layout/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-sitemesh3/build.gradle b/grails-gsp/grails-sitemesh3/build.gradle index 84fc041967a..8c46fda4a60 100644 --- a/grails-gsp/grails-sitemesh3/build.gradle +++ b/grails-gsp/grails-sitemesh3/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-taglib/build.gradle b/grails-gsp/grails-taglib/build.gradle index 55c91cfe45a..4dae8b1eed2 100644 --- a/grails-gsp/grails-taglib/build.gradle +++ b/grails-gsp/grails-taglib/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-web-gsp-taglib/build.gradle b/grails-gsp/grails-web-gsp-taglib/build.gradle index 869592160cd..cb74fc9bbdf 100644 --- a/grails-gsp/grails-web-gsp-taglib/build.gradle +++ b/grails-gsp/grails-web-gsp-taglib/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-web-gsp/build.gradle b/grails-gsp/grails-web-gsp/build.gradle index f9df4c2edd1..acaa9787b5b 100644 --- a/grails-gsp/grails-web-gsp/build.gradle +++ b/grails-gsp/grails-web-gsp/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-web-jsp/build.gradle b/grails-gsp/grails-web-jsp/build.gradle index 77760958190..dded152454f 100644 --- a/grails-gsp/grails-web-jsp/build.gradle +++ b/grails-gsp/grails-web-jsp/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-web-taglib/build.gradle b/grails-gsp/grails-web-taglib/build.gradle index a69196b1140..f2ee5003726 100644 --- a/grails-gsp/grails-web-taglib/build.gradle +++ b/grails-gsp/grails-web-taglib/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/plugin/build.gradle b/grails-gsp/plugin/build.gradle index 767a130825b..19fca66d3e7 100644 --- a/grails-gsp/plugin/build.gradle +++ b/grails-gsp/plugin/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-i18n/build.gradle b/grails-i18n/build.gradle index 4ef4fa48b5a..5073745a32d 100644 --- a/grails-i18n/build.gradle +++ b/grails-i18n/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-interceptors/build.gradle b/grails-interceptors/build.gradle index 8d7806a80b9..2b66bbe082d 100644 --- a/grails-interceptors/build.gradle +++ b/grails-interceptors/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-logging/build.gradle b/grails-logging/build.gradle index 4925b3cd928..7a6c536e185 100644 --- a/grails-logging/build.gradle +++ b/grails-logging/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-mimetypes/build.gradle b/grails-mimetypes/build.gradle index e315c0a354b..d9ccfbd1ae3 100644 --- a/grails-mimetypes/build.gradle +++ b/grails-mimetypes/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-rest-transforms/build.gradle b/grails-rest-transforms/build.gradle index 66866262d2e..0d56921af4b 100644 --- a/grails-rest-transforms/build.gradle +++ b/grails-rest-transforms/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-scaffolding/build.gradle b/grails-scaffolding/build.gradle index fad0812a90b..9409a2efa72 100644 --- a/grails-scaffolding/build.gradle +++ b/grails-scaffolding/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-services/build.gradle b/grails-services/build.gradle index 963ca7642d3..a1679ec8285 100644 --- a/grails-services/build.gradle +++ b/grails-services/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-shell-cli/build.gradle b/grails-shell-cli/build.gradle index f2da812af0a..235806694dd 100644 --- a/grails-shell-cli/build.gradle +++ b/grails-shell-cli/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-spring/build.gradle b/grails-spring/build.gradle index 043dd683e5f..757547a2c1a 100644 --- a/grails-spring/build.gradle +++ b/grails-spring/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-test-core/build.gradle b/grails-test-core/build.gradle index ef3e32d6426..f2a76689947 100644 --- a/grails-test-core/build.gradle +++ b/grails-test-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-test-examples/app1/build.gradle b/grails-test-examples/app1/build.gradle index 1076caa2e38..194599ddbe2 100644 --- a/grails-test-examples/app1/build.gradle +++ b/grails-test-examples/app1/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/app2/build.gradle b/grails-test-examples/app2/build.gradle index d0cfa927b37..4f3fc4e6ea2 100644 --- a/grails-test-examples/app2/build.gradle +++ b/grails-test-examples/app2/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/app3/build.gradle b/grails-test-examples/app3/build.gradle index 7f0d993c37a..ccfb022a714 100644 --- a/grails-test-examples/app3/build.gradle +++ b/grails-test-examples/app3/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/async-events-pubsub-demo/build.gradle b/grails-test-examples/async-events-pubsub-demo/build.gradle index 7bda0478bb4..d1bd69e1491 100644 --- a/grails-test-examples/async-events-pubsub-demo/build.gradle +++ b/grails-test-examples/async-events-pubsub-demo/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = rootProject.version diff --git a/grails-test-examples/cache/build.gradle b/grails-test-examples/cache/build.gradle index ae8b3a4531b..19be5bbb9bd 100644 --- a/grails-test-examples/cache/build.gradle +++ b/grails-test-examples/cache/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/config-report/build.gradle b/grails-test-examples/config-report/build.gradle index b141104ee46..e774e37d795 100644 --- a/grails-test-examples/config-report/build.gradle +++ b/grails-test-examples/config-report/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/database-cleanup/build.gradle b/grails-test-examples/database-cleanup/build.gradle index 2b5f1119d4d..6f22929d537 100644 --- a/grails-test-examples/database-cleanup/build.gradle +++ b/grails-test-examples/database-cleanup/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/datasources/build.gradle b/grails-test-examples/datasources/build.gradle index b8c928826ed..35d4c25f8d4 100644 --- a/grails-test-examples/datasources/build.gradle +++ b/grails-test-examples/datasources/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/demo33/build.gradle b/grails-test-examples/demo33/build.gradle index bb76c83be0d..cddc13dec49 100644 --- a/grails-test-examples/demo33/build.gradle +++ b/grails-test-examples/demo33/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.example.grails' diff --git a/grails-test-examples/exploded/build.gradle b/grails-test-examples/exploded/build.gradle index 6ba321b9c42..c027985b173 100644 --- a/grails-test-examples/exploded/build.gradle +++ b/grails-test-examples/exploded/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/external-configuration/build.gradle b/grails-test-examples/external-configuration/build.gradle index 93a078c5940..c6d30f6c11d 100644 --- a/grails-test-examples/external-configuration/build.gradle +++ b/grails-test-examples/external-configuration/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'groovy' diff --git a/grails-test-examples/geb-gebconfig/build.gradle b/grails-test-examples/geb-gebconfig/build.gradle index 478f62245e5..d9e16f1df4a 100644 --- a/grails-test-examples/geb-gebconfig/build.gradle +++ b/grails-test-examples/geb-gebconfig/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'org.apache.grails.gradle.grails-web' diff --git a/grails-test-examples/geb/build.gradle b/grails-test-examples/geb/build.gradle index 6e2a650fe30..fa4508b3054 100644 --- a/grails-test-examples/geb/build.gradle +++ b/grails-test-examples/geb/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'org.apache.grails.gradle.grails-web' diff --git a/grails-test-examples/gorm/build.gradle b/grails-test-examples/gorm/build.gradle index 5fc38241f3a..23489ba8cf3 100644 --- a/grails-test-examples/gorm/build.gradle +++ b/grails-test-examples/gorm/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/gsp-layout/build.gradle b/grails-test-examples/gsp-layout/build.gradle index 9f129c0d79c..7748a63eaa7 100644 --- a/grails-test-examples/gsp-layout/build.gradle +++ b/grails-test-examples/gsp-layout/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.0.1' diff --git a/grails-test-examples/gsp-sitemesh3/build.gradle b/grails-test-examples/gsp-sitemesh3/build.gradle index 6a0afc44682..3a0705ab3be 100644 --- a/grails-test-examples/gsp-sitemesh3/build.gradle +++ b/grails-test-examples/gsp-sitemesh3/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.0.1' diff --git a/grails-test-examples/gsp-spring-boot/app/build.gradle b/grails-test-examples/gsp-spring-boot/app/build.gradle index c3187fecfaf..82d4d040e9b 100644 --- a/grails-test-examples/gsp-spring-boot/app/build.gradle +++ b/grails-test-examples/gsp-spring-boot/app/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.springframework.boot' id 'io.spring.dependency-management' id "groovy" + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'org.apache.grails.gradle.grails-gsp' diff --git a/grails-test-examples/hibernate5/grails-data-service-multi-datasource/build.gradle b/grails-test-examples/hibernate5/grails-data-service-multi-datasource/build.gradle index 5e2f3187ed4..3bee0ecfae1 100644 --- a/grails-test-examples/hibernate5/grails-data-service-multi-datasource/build.gradle +++ b/grails-test-examples/hibernate5/grails-data-service-multi-datasource/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-data-service/build.gradle b/grails-test-examples/hibernate5/grails-data-service/build.gradle index 3c630f07511..9d370c683b6 100644 --- a/grails-test-examples/hibernate5/grails-data-service/build.gradle +++ b/grails-test-examples/hibernate5/grails-data-service/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.gradle.grails-gson' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-database-per-tenant/build.gradle b/grails-test-examples/hibernate5/grails-database-per-tenant/build.gradle index 85e53a201fd..d902788d6a0 100644 --- a/grails-test-examples/hibernate5/grails-database-per-tenant/build.gradle +++ b/grails-test-examples/hibernate5/grails-database-per-tenant/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-hibernate-groovy-proxy/build.gradle b/grails-test-examples/hibernate5/grails-hibernate-groovy-proxy/build.gradle index 34f33f0cfd5..e7b213edb6d 100644 --- a/grails-test-examples/hibernate5/grails-hibernate-groovy-proxy/build.gradle +++ b/grails-test-examples/hibernate5/grails-hibernate-groovy-proxy/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-hibernate/build.gradle b/grails-test-examples/hibernate5/grails-hibernate/build.gradle index 9233fc1f524..3a3aaf920a3 100644 --- a/grails-test-examples/hibernate5/grails-hibernate/build.gradle +++ b/grails-test-examples/hibernate5/grails-hibernate/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-multiple-datasources/build.gradle b/grails-test-examples/hibernate5/grails-multiple-datasources/build.gradle index de784dc9ad3..e59c19088f0 100644 --- a/grails-test-examples/hibernate5/grails-multiple-datasources/build.gradle +++ b/grails-test-examples/hibernate5/grails-multiple-datasources/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-multitenant-multi-datasource/build.gradle b/grails-test-examples/hibernate5/grails-multitenant-multi-datasource/build.gradle index 5e2f3187ed4..3bee0ecfae1 100644 --- a/grails-test-examples/hibernate5/grails-multitenant-multi-datasource/build.gradle +++ b/grails-test-examples/hibernate5/grails-multitenant-multi-datasource/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-partitioned-multi-tenancy/build.gradle b/grails-test-examples/hibernate5/grails-partitioned-multi-tenancy/build.gradle index 72a86f126fc..1053ffc33af 100644 --- a/grails-test-examples/hibernate5/grails-partitioned-multi-tenancy/build.gradle +++ b/grails-test-examples/hibernate5/grails-partitioned-multi-tenancy/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-schema-per-tenant/build.gradle b/grails-test-examples/hibernate5/grails-schema-per-tenant/build.gradle index 41a4c1a3ff2..6c9f1d0ecb2 100644 --- a/grails-test-examples/hibernate5/grails-schema-per-tenant/build.gradle +++ b/grails-test-examples/hibernate5/grails-schema-per-tenant/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/issue450/build.gradle b/grails-test-examples/hibernate5/issue450/build.gradle index ac80fabbf89..58fe2061409 100644 --- a/grails-test-examples/hibernate5/issue450/build.gradle +++ b/grails-test-examples/hibernate5/issue450/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/spring-boot-hibernate/build.gradle b/grails-test-examples/hibernate5/spring-boot-hibernate/build.gradle index 5cee818132b..2697b327f6e 100644 --- a/grails-test-examples/hibernate5/spring-boot-hibernate/build.gradle +++ b/grails-test-examples/hibernate5/spring-boot-hibernate/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.springframework.boot' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/standalone-hibernate/build.gradle b/grails-test-examples/hibernate5/standalone-hibernate/build.gradle index d091bf09ebf..72bc7183c73 100644 --- a/grails-test-examples/hibernate5/standalone-hibernate/build.gradle +++ b/grails-test-examples/hibernate5/standalone-hibernate/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.0.1' diff --git a/grails-test-examples/hyphenated/build.gradle b/grails-test-examples/hyphenated/build.gradle index 87589bf3c32..21665138e5d 100644 --- a/grails-test-examples/hyphenated/build.gradle +++ b/grails-test-examples/hyphenated/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-11102/build.gradle b/grails-test-examples/issue-11102/build.gradle index 9b54a066204..d151bfaa66f 100644 --- a/grails-test-examples/issue-11102/build.gradle +++ b/grails-test-examples/issue-11102/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-11767/build.gradle b/grails-test-examples/issue-11767/build.gradle index 04eaca91d64..9f94c4f5ec3 100644 --- a/grails-test-examples/issue-11767/build.gradle +++ b/grails-test-examples/issue-11767/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-15228/build.gradle b/grails-test-examples/issue-15228/build.gradle index f7da23ca681..a0a90f4c274 100644 --- a/grails-test-examples/issue-15228/build.gradle +++ b/grails-test-examples/issue-15228/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-698-domain-save-npe/build.gradle b/grails-test-examples/issue-698-domain-save-npe/build.gradle index 4d5c9916c2e..a578eba075d 100644 --- a/grails-test-examples/issue-698-domain-save-npe/build.gradle +++ b/grails-test-examples/issue-698-domain-save-npe/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-views-182/build.gradle b/grails-test-examples/issue-views-182/build.gradle index fc9043e92be..02916cebb20 100644 --- a/grails-test-examples/issue-views-182/build.gradle +++ b/grails-test-examples/issue-views-182/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/mongodb/base/build.gradle b/grails-test-examples/mongodb/base/build.gradle index 1b9bf51b226..66209e3a308 100644 --- a/grails-test-examples/mongodb/base/build.gradle +++ b/grails-test-examples/mongodb/base/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/mongodb/database-per-tenant/build.gradle b/grails-test-examples/mongodb/database-per-tenant/build.gradle index 66e4530bea4..ceba24861ba 100644 --- a/grails-test-examples/mongodb/database-per-tenant/build.gradle +++ b/grails-test-examples/mongodb/database-per-tenant/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/mongodb/gson-templates/build.gradle b/grails-test-examples/mongodb/gson-templates/build.gradle index 8732c62a557..6bc5590dc73 100644 --- a/grails-test-examples/mongodb/gson-templates/build.gradle +++ b/grails-test-examples/mongodb/gson-templates/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/mongodb/hibernate5/build.gradle b/grails-test-examples/mongodb/hibernate5/build.gradle index 0622d6258e1..46bfb9be565 100644 --- a/grails-test-examples/mongodb/hibernate5/build.gradle +++ b/grails-test-examples/mongodb/hibernate5/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/mongodb/springboot/build.gradle b/grails-test-examples/mongodb/springboot/build.gradle index 5855d0b24e0..23f60721a6f 100644 --- a/grails-test-examples/mongodb/springboot/build.gradle +++ b/grails-test-examples/mongodb/springboot/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'groovy' diff --git a/grails-test-examples/mongodb/test-data-service/build.gradle b/grails-test-examples/mongodb/test-data-service/build.gradle index 3b10e49d9ad..3fd572c225d 100644 --- a/grails-test-examples/mongodb/test-data-service/build.gradle +++ b/grails-test-examples/mongodb/test-data-service/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/namespaces/build.gradle b/grails-test-examples/namespaces/build.gradle index 99da2a0e3b6..0a570e506c4 100644 --- a/grails-test-examples/namespaces/build.gradle +++ b/grails-test-examples/namespaces/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/plugins/exploded/build.gradle b/grails-test-examples/plugins/exploded/build.gradle index c1fd4732c48..a05202eba0e 100644 --- a/grails-test-examples/plugins/exploded/build.gradle +++ b/grails-test-examples/plugins/exploded/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/issue-11767/build.gradle b/grails-test-examples/plugins/issue-11767/build.gradle index cbd4fb2f86a..c22071fbecb 100644 --- a/grails-test-examples/plugins/issue-11767/build.gradle +++ b/grails-test-examples/plugins/issue-11767/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/issue11005/build.gradle b/grails-test-examples/plugins/issue11005/build.gradle index 4b08b455f5b..26065256a08 100644 --- a/grails-test-examples/plugins/issue11005/build.gradle +++ b/grails-test-examples/plugins/issue11005/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'org.apache.grails.gradle.grails-plugin' diff --git a/grails-test-examples/plugins/loadafter/build.gradle b/grails-test-examples/plugins/loadafter/build.gradle index f9ef09f690d..c5a37fa0ebe 100644 --- a/grails-test-examples/plugins/loadafter/build.gradle +++ b/grails-test-examples/plugins/loadafter/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/loadfirst/build.gradle b/grails-test-examples/plugins/loadfirst/build.gradle index ef3ddc7dd2d..e89ca5e93db 100644 --- a/grails-test-examples/plugins/loadfirst/build.gradle +++ b/grails-test-examples/plugins/loadfirst/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/loadsecond/build.gradle b/grails-test-examples/plugins/loadsecond/build.gradle index 52239603e69..083e93c515e 100644 --- a/grails-test-examples/plugins/loadsecond/build.gradle +++ b/grails-test-examples/plugins/loadsecond/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/scaffolding-fields/build.gradle b/grails-test-examples/scaffolding-fields/build.gradle index 3afbfc6fcc1..1e422fbb6f9 100644 --- a/grails-test-examples/scaffolding-fields/build.gradle +++ b/grails-test-examples/scaffolding-fields/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/scaffolding/build.gradle b/grails-test-examples/scaffolding/build.gradle index 1828650189c..2f6f9880f27 100644 --- a/grails-test-examples/scaffolding/build.gradle +++ b/grails-test-examples/scaffolding/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.gradle.grails-web' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = "0.0.1" diff --git a/grails-test-examples/views-functional-tests-plugin/build.gradle b/grails-test-examples/views-functional-tests-plugin/build.gradle index 5f203e3eee6..3c8e011f329 100644 --- a/grails-test-examples/views-functional-tests-plugin/build.gradle +++ b/grails-test-examples/views-functional-tests-plugin/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-plugin' id 'org.apache.grails.gradle.grails-gson' } diff --git a/grails-test-examples/views-functional-tests/build.gradle b/grails-test-examples/views-functional-tests/build.gradle index 6f744bcaf13..d06a9c9e39d 100644 --- a/grails-test-examples/views-functional-tests/build.gradle +++ b/grails-test-examples/views-functional-tests/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.gradle.grails-web' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = "0.0.1" diff --git a/grails-test-suite-base/build.gradle b/grails-test-suite-base/build.gradle index 23bef4896ba..8357bb80745 100644 --- a/grails-test-suite-base/build.gradle +++ b/grails-test-suite-base/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-test-suite-persistence/build.gradle b/grails-test-suite-persistence/build.gradle index ce251297fc1..1436a920eb1 100644 --- a/grails-test-suite-persistence/build.gradle +++ b/grails-test-suite-persistence/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-suite-uber/build.gradle b/grails-test-suite-uber/build.gradle index 019ff129a0b..69ba5251337 100644 --- a/grails-test-suite-uber/build.gradle +++ b/grails-test-suite-uber/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-suite-web/build.gradle b/grails-test-suite-web/build.gradle index 8f2d856bfa9..1d4fb80bdfe 100644 --- a/grails-test-suite-web/build.gradle +++ b/grails-test-suite-web/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-testing-support-core/build.gradle b/grails-testing-support-core/build.gradle index cb9b9f5d3fe..6cc271a7d38 100644 --- a/grails-testing-support-core/build.gradle +++ b/grails-testing-support-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-datamapping/build.gradle b/grails-testing-support-datamapping/build.gradle index 0c030921982..eb143e2d9be 100755 --- a/grails-testing-support-datamapping/build.gradle +++ b/grails-testing-support-datamapping/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-dbcleanup-core/build.gradle b/grails-testing-support-dbcleanup-core/build.gradle index 7368f6dee10..66c2c9bf51d 100644 --- a/grails-testing-support-dbcleanup-core/build.gradle +++ b/grails-testing-support-dbcleanup-core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-dbcleanup-h2/build.gradle b/grails-testing-support-dbcleanup-h2/build.gradle index c12e761a303..62eb14c0003 100644 --- a/grails-testing-support-dbcleanup-h2/build.gradle +++ b/grails-testing-support-dbcleanup-h2/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-dbcleanup-postgresql/build.gradle b/grails-testing-support-dbcleanup-postgresql/build.gradle index 3644ad14619..1519ebfb98b 100644 --- a/grails-testing-support-dbcleanup-postgresql/build.gradle +++ b/grails-testing-support-dbcleanup-postgresql/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-http-client/build.gradle b/grails-testing-support-http-client/build.gradle index 7800604564a..1df05ce371f 100644 --- a/grails-testing-support-http-client/build.gradle +++ b/grails-testing-support-http-client/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-mongodb/build.gradle b/grails-testing-support-mongodb/build.gradle index 7b5ff0cc627..284c686c7f1 100644 --- a/grails-testing-support-mongodb/build.gradle +++ b/grails-testing-support-mongodb/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-views-gson/build.gradle b/grails-testing-support-views-gson/build.gradle index 7bfcc80cfec..af5724db596 100644 --- a/grails-testing-support-views-gson/build.gradle +++ b/grails-testing-support-views-gson/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-web/build.gradle b/grails-testing-support-web/build.gradle index 385b7bca5da..16d44cb335d 100755 --- a/grails-testing-support-web/build.gradle +++ b/grails-testing-support-web/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-url-mappings/build.gradle b/grails-url-mappings/build.gradle index 845319ece17..5312b5787bc 100644 --- a/grails-url-mappings/build.gradle +++ b/grails-url-mappings/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-validation/build.gradle b/grails-validation/build.gradle index c129d0695fd..960c6661424 100644 --- a/grails-validation/build.gradle +++ b/grails-validation/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-views-core/build.gradle b/grails-views-core/build.gradle index 3da0370d06d..5d820f3a0e8 100644 --- a/grails-views-core/build.gradle +++ b/grails-views-core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-views-gson/build.gradle b/grails-views-gson/build.gradle index c0781804d2e..8cec626096d 100644 --- a/grails-views-gson/build.gradle +++ b/grails-views-gson/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-views-markup/build.gradle b/grails-views-markup/build.gradle index 6d6bc3da1bd..cb432d6ba8e 100644 --- a/grails-views-markup/build.gradle +++ b/grails-views-markup/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-boot/build.gradle b/grails-web-boot/build.gradle index 77f660cc131..70218bfab21 100644 --- a/grails-web-boot/build.gradle +++ b/grails-web-boot/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-common/build.gradle b/grails-web-common/build.gradle index c8db0f99343..c0b8b9d301c 100644 --- a/grails-web-common/build.gradle +++ b/grails-web-common/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-core/build.gradle b/grails-web-core/build.gradle index 5399ca4a2c5..50d79ebf7a8 100644 --- a/grails-web-core/build.gradle +++ b/grails-web-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-databinding/build.gradle b/grails-web-databinding/build.gradle index 770a12a4f7f..f94614fdc0f 100644 --- a/grails-web-databinding/build.gradle +++ b/grails-web-databinding/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-mvc/build.gradle b/grails-web-mvc/build.gradle index 286f151768d..dfaace63d46 100644 --- a/grails-web-mvc/build.gradle +++ b/grails-web-mvc/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-url-mappings/build.gradle b/grails-web-url-mappings/build.gradle index 86d74125325..69db6e4dacf 100644 --- a/grails-web-url-mappings/build.gradle +++ b/grails-web-url-mappings/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' }