Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
5df7268
Blackduck scan fixes
yashmeet29 Jun 30, 2026
e1a137f
fixes
yashmeet29 Jul 1, 2026
2782979
Update pom.xml
PujaDeshmukh17 Jul 1, 2026
ab3477b
Update pom.xml
akgarg06 Jul 2, 2026
fb2ee29
pom update
akgarg06 Jul 2, 2026
58df2dd
Update blackduck.yml
akgarg06 Jul 2, 2026
dc218f1
update sdm version
akgarg06 Jul 2, 2026
ea05a9a
Update pom.xml
akgarg06 Jul 2, 2026
3dc2f66
Update blackduck.yml
akgarg06 Jul 2, 2026
e0d05c4
Update pom.xml
akgarg06 Jul 2, 2026
9fdd25a
Update pom.xml
akgarg06 Jul 2, 2026
d314841
pom update
akgarg06 Jul 2, 2026
a7f945d
Revert "pom update"
akgarg06 Jul 2, 2026
dd8ce8e
update pom.xml
Myna855-sap Jul 3, 2026
0fc8d9c
add nimbus-jose-jwt pin to single-tenant pom.xml
Myna855-sap Jul 4, 2026
9e0594e
update pom.xml
Myna855-sap Jul 6, 2026
311b7b1
Merge branch 'develop' into SDMEXT-blackduckScanFix-feature
Myna855-sap Jul 7, 2026
b05474c
Merge branch 'develop' into SDMEXT-blackduckScanFix-feature
Myna855-sap Jul 8, 2026
10783fd
Merge branch 'develop' into SDMEXT-blackduckScanFix-feature
Myna855-sap Jul 8, 2026
c45a14a
Update blackduck.yml
Myna855-sap Jul 8, 2026
e0c4b45
Update pom.xml
Myna855-sap Jul 8, 2026
11102bf
Merge branch 'develop' into SDMEXT-blackduckScanFix-feature
PujaDeshmukh17 Jul 9, 2026
89b0030
Update pom.xml
Myna855-sap Jul 9, 2026
e551d5f
Update pom.xml
Myna855-sap Jul 9, 2026
50a43be
Update pom.xml
Myna855-sap Jul 9, 2026
ad2ddcb
Update pom.xml
Myna855-sap Jul 9, 2026
2f8d784
Update pom.xml
Myna855-sap Jul 9, 2026
81b434e
Update SNAPSHOT to RC1
Myna855-sap Jul 9, 2026
97e9ea1
Replace Kotlin stdlib version pins with exclusions on sdm dependency
Myna855-sap Jul 10, 2026
6cd4220
Replace Kotlin stdlib version pins with exclusions across all app mod…
Myna855-sap Jul 10, 2026
25e41e4
Replace all dependencyManagement version pins with exclusions on dire…
Myna855-sap Jul 10, 2026
b37463b
adding exclusions
Myna855-sap Jul 10, 2026
76e90f5
Update pom.xml
Myna855-sap Jul 10, 2026
60bcc86
fix compilation failure - keep spring-security-web/config as version …
Myna855-sap Jul 10, 2026
312f4b2
Merge branch 'develop' into SDMEXT-blackduckScanFix-feature
Myna855-sap Jul 10, 2026
8f4fc33
fix compilation - revert tomcat-embed exclusions, keep as version pins
Myna855-sap Jul 10, 2026
01be066
Update pom.xml
Myna855-sap Jul 10, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 10 additions & 1 deletion app/multi-tenant/central-space/cloud-cap-samples-java/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.2.6</version>
<version>3.5.16</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>

Expand Down Expand Up @@ -72,6 +72,15 @@
<version>4.0.0</version>
</dependency>

<!-- Security: fix Netty CVEs (BlackDuck) -->
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-bom</artifactId>
<version>4.2.15.Final</version>
<type>pom</type>
<scope>import</scope>
</dependency>

</dependencies>
</dependencyManagement>

Expand Down
109 changes: 109 additions & 0 deletions app/multi-tenant/central-space/cloud-cap-samples-java/srv/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,38 @@

<name>bookshop</name>


<dependencyManagement>
<dependencies>
<!-- Security fixes: force safe transitive versions -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>6.5.11</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>6.5.11</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>10.1.56</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-websocket</artifactId>
<version>10.1.56</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-el</artifactId>
<version>10.1.56</version>
</dependency>
</dependencies>
</dependencyManagement>

<!-- ACTUAL DEPENDENCIES -->
<dependencies>
<!-- CDS DEPENDENCIES -->
Expand All @@ -26,6 +58,16 @@
<groupId>com.sap.cds</groupId>
<artifactId>cds-adapter-odata-v4</artifactId>
<scope>runtime</scope>
<exclusions>
<exclusion>
<groupId>io.opentelemetry</groupId>
<artifactId>opentelemetry-api</artifactId>
</exclusion>
<exclusion>
<groupId>io.opentelemetry</groupId>
<artifactId>opentelemetry-context</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
Expand All @@ -36,11 +78,31 @@
<groupId>com.sap.cds</groupId>
<artifactId>cds-feature-mt</artifactId>
<version>4.3.0</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.sap.cds</groupId>
<artifactId>sdm</artifactId>
<version>1.10.1-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib</artifactId>
</exclusion>
<exclusion>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-jdk8</artifactId>
</exclusion>
<exclusion>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-jdk7</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.sap.cds</groupId>
Expand All @@ -55,6 +117,22 @@
<groupId>com.sap.cloud.security.xsuaa</groupId>
<artifactId>xsuaa-spring-boot-starter</artifactId>
</exclusion>
<exclusion>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-jose</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-resource-server</artifactId>
</exclusion>
</exclusions>
</dependency>

Expand Down Expand Up @@ -84,6 +162,16 @@
<groupId>com.sap.cds</groupId>
<artifactId>cds-feature-remote-odata</artifactId>
<scope>runtime</scope>
<exclusions>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
Expand Down Expand Up @@ -112,6 +200,7 @@
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>2.4.240</version>
<scope>runtime</scope>
</dependency>

Expand Down Expand Up @@ -153,6 +242,16 @@
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-crypto</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
Expand All @@ -166,6 +265,16 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-autoconfigure</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>

Expand Down
11 changes: 10 additions & 1 deletion app/multi-tenant/personal-space/cloud-cap-samples-java/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.2.6</version>
<version>3.5.16</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>

Expand Down Expand Up @@ -72,6 +72,15 @@
<version>4.0.0</version>
</dependency>

<!-- Security: fix Netty CVEs (BlackDuck) -->
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-bom</artifactId>
<version>4.2.15.Final</version>
<type>pom</type>
<scope>import</scope>
</dependency>

</dependencies>
</dependencyManagement>

Expand Down
114 changes: 114 additions & 0 deletions app/multi-tenant/personal-space/cloud-cap-samples-java/srv/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,38 @@

<name>bookshop</name>


<dependencyManagement>
<dependencies>
<!-- Security fixes: force safe transitive versions -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>6.5.11</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>6.5.11</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>10.1.56</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-websocket</artifactId>
<version>10.1.56</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-el</artifactId>
<version>10.1.56</version>
</dependency>
</dependencies>
</dependencyManagement>

<!-- ACTUAL DEPENDENCIES -->
<dependencies>
<!-- CDS DEPENDENCIES -->
Expand All @@ -26,6 +58,16 @@
<groupId>com.sap.cds</groupId>
<artifactId>cds-adapter-odata-v4</artifactId>
<scope>runtime</scope>
<exclusions>
<exclusion>
<groupId>io.opentelemetry</groupId>
<artifactId>opentelemetry-api</artifactId>
</exclusion>
<exclusion>
<groupId>io.opentelemetry</groupId>
<artifactId>opentelemetry-context</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
Expand All @@ -36,12 +78,37 @@
<groupId>com.sap.cds</groupId>
<artifactId>cds-feature-mt</artifactId>
<version>4.3.0</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.sap.cds</groupId>
<artifactId>sdm</artifactId>
<version>1.0.0-RC1</version>
<exclusions>
<exclusion>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib</artifactId>
</exclusion>
<exclusion>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-jdk8</artifactId>
</exclusion>
<exclusion>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-jdk7</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>9.39.1</version>
</dependency>
<dependency>
<groupId>com.sap.cds</groupId>
<artifactId>cds-starter-cloudfoundry</artifactId>
Expand All @@ -55,6 +122,22 @@
<groupId>com.sap.cloud.security.xsuaa</groupId>
<artifactId>xsuaa-spring-boot-starter</artifactId>
</exclusion>
<exclusion>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-jose</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-resource-server</artifactId>
</exclusion>
</exclusions>
</dependency>

Expand Down Expand Up @@ -84,6 +167,16 @@
<groupId>com.sap.cds</groupId>
<artifactId>cds-feature-remote-odata</artifactId>
<scope>runtime</scope>
<exclusions>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
Expand Down Expand Up @@ -112,6 +205,7 @@
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>2.4.240</version>
<scope>runtime</scope>
</dependency>

Expand Down Expand Up @@ -153,6 +247,16 @@
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-crypto</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
Expand All @@ -166,6 +270,16 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-autoconfigure</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>

Expand Down
Loading
Loading