diff --git a/pom.xml b/pom.xml
index e91a78e..51fa163 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,7 @@
org.springframework.boot
spring-boot-starter-parent
- 2.3.4.RELEASE
+ 2.3.5.RELEASE
@@ -27,20 +27,22 @@
UTF-8
UTF-8
- 3.6.0
11
+ 3.6.0
+ ${java.version}
+ ${java.version}
- 2.3.4.RELEASE
+ 2.3.5.RELEASE
Hoxton.SR8
2.2.4.RELEASE
- 3.8.1
- ${java.version}
- ${java.version}
+ 3.1.1
+ 3.8.1
+ 1.6.2
+ 6.0.2
0.14.1
3.10.3
- 6.0.2
3.0.5
2.11.2
0.9.12
@@ -63,8 +65,9 @@
org.apache.maven.plugins
maven-checkstyle-plugin
+ ${plugin.checkstyle.version}
- plugins/checkstyle.xml
+ ./tools/checkstyle.xml
target/**/*
UTF-8
true
@@ -92,7 +95,7 @@
org.owasp
dependency-check-maven
- ${dependency-check-maven.version}
+ ${plugin.owasp.version}
commons-logging
@@ -106,15 +109,14 @@
org.owasp
dependency-check-maven
- ${dependency-check-maven.version}
+ ${plugin.owasp.version}
-
+ ./tools/suppressed.xml
true
-
- test
+ validate
check
@@ -315,12 +317,19 @@
+
+
+ kr.motd.maven
+ os-maven-plugin
+ ${plugin.os-maven.version}
+
+
org.apache.maven.plugins
maven-compiler-plugin
- ${maven-compiler-plugin.version}
+ ${plugin.compiler.version}
org.sonarsource.scanner.maven
@@ -357,11 +366,6 @@
maven-dependency-plugin
3.1.2
-
- org.apache.maven.plugins
- maven-checkstyle-plugin
- 3.1.1
-
com.mycila
license-maven-plugin
@@ -422,9 +426,10 @@
-
+
**/*.adoc
+ **/*.md
**/*.sql
**/*.txt
**/*.yaml
diff --git a/plugins/LICENSE-MPL2.txt b/tools/LICENSE-MPL2.txt
similarity index 100%
rename from plugins/LICENSE-MPL2.txt
rename to tools/LICENSE-MPL2.txt
diff --git a/plugins/checkstyle.xml b/tools/checkstyle.xml
similarity index 100%
rename from plugins/checkstyle.xml
rename to tools/checkstyle.xml
diff --git a/tools/suppressions.xml b/tools/suppressions.xml
new file mode 100644
index 0000000..8ac24e6
--- /dev/null
+++ b/tools/suppressions.xml
@@ -0,0 +1,7 @@
+
+
+
+ see https://github.com/jeremylong/DependencyCheck/issues/1827>
+ CVE-2018-1258
+
+