From 5b8db0b19cdc6a028d99c4f59c35525dc26bbff3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 7 Apr 2025 10:19:53 +0000
Subject: [PATCH 1/3] Bump the gradle-version-updates group across 1 directory
 with 13 updates

Bumps the gradle-version-updates group with 13 updates in the /hooks/persistence-defectdojo/hook directory:

| Package | From | To |
| --- | --- | --- |
| [org.junit:junit-bom](https://github.com/junit-team/junit5) | `5.11.4` | `5.12.1` |
| [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `6.2.3` | `6.2.5` |
| [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | `2.18.2` | `2.18.3` |
| [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.18.2` | `2.18.3` |
| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.18.2` | `2.18.3` |
| com.fasterxml.jackson.datatype:jackson-datatype-jsr310 | `2.18.2` | `2.18.3` |
| org.slf4j:slf4j-api | `2.0.16` | `2.0.17` |
| org.slf4j:slf4j-log4j12 | `2.0.16` | `2.0.17` |
| [org.mockito:mockito-core](https://github.com/mockito/mockito) | `5.15.2` | `5.17.0` |
| [org.mockito:mockito-junit-jupiter](https://github.com/mockito/mockito) | `5.15.2` | `5.17.0` |
| [uk.org.webcompere:system-stubs-jupiter](https://github.com/webcompere/system-stubs) | `2.1.7` | `2.1.8` |
| [io.freefair.lombok](https://github.com/freefair/gradle-plugins) | `8.12.1` | `8.13.1` |
| org.sonarqube | `6.0.1.5171` | `6.1.0.5360` |



Updates `org.junit:junit-bom` from 5.11.4 to 5.12.1
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.4...r5.12.1)

Updates `org.springframework:spring-web` from 6.2.3 to 6.2.5
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.3...v6.2.5)

Updates `com.fasterxml.jackson.core:jackson-core` from 2.18.2 to 2.18.3
- [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.18.2...jackson-core-2.18.3)

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.18.2 to 2.18.3
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.18.2 to 2.18.3
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.datatype:jackson-datatype-jsr310` from 2.18.2 to 2.18.3

Updates `org.slf4j:slf4j-api` from 2.0.16 to 2.0.17

Updates `org.slf4j:slf4j-log4j12` from 2.0.16 to 2.0.17

Updates `org.mockito:mockito-core` from 5.15.2 to 5.17.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.15.2...v5.17.0)

Updates `org.mockito:mockito-junit-jupiter` from 5.15.2 to 5.17.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.15.2...v5.17.0)

Updates `uk.org.webcompere:system-stubs-jupiter` from 2.1.7 to 2.1.8
- [Release notes](https://github.com/webcompere/system-stubs/releases)
- [Changelog](https://github.com/webcompere/system-stubs/blob/main/History.md)
- [Commits](https://github.com/webcompere/system-stubs/compare/system-stubs-parent-2.1.7...system-stubs-parent-2.1.8)

Updates `io.freefair.lombok` from 8.12.1 to 8.13.1
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.12.1...8.13.1)

Updates `org.sonarqube` from 6.0.1.5171 to 6.1.0.5360

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-version: 5.12.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-version-updates
- dependency-name: org.springframework:spring-web
  dependency-version: 6.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-version-updates
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-version: 2.18.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-version-updates
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-version: 2.18.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-version-updates
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.18.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-version-updates
- dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310
  dependency-version: 2.18.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-version-updates
- dependency-name: org.slf4j:slf4j-api
  dependency-version: 2.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-version-updates
- dependency-name: org.slf4j:slf4j-log4j12
  dependency-version: 2.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-version-updates
- dependency-name: org.mockito:mockito-core
  dependency-version: 5.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-version-updates
- dependency-name: org.mockito:mockito-junit-jupiter
  dependency-version: 5.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-version-updates
- dependency-name: uk.org.webcompere:system-stubs-jupiter
  dependency-version: 2.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-version-updates
- dependency-name: io.freefair.lombok
  dependency-version: 8.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-version-updates
- dependency-name: org.sonarqube
  dependency-version: 6.1.0.5360
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .../persistence-defectdojo/hook/build.gradle  | 26 +++++++++----------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle
index 6a28ce3fe8..1bc7a1a2d7 100644
--- a/hooks/persistence-defectdojo/hook/build.gradle
+++ b/hooks/persistence-defectdojo/hook/build.gradle
@@ -4,11 +4,11 @@
 
 plugins {
   id "java"
-  id "io.freefair.lombok" version "8.12.1"
+  id "io.freefair.lombok" version "8.13.1"
   // https://github.com/ben-manes/gradle-versions-plugin
   // Run: ./gradlew dependencyUpdates -Drevision=release
   id "com.github.ben-manes.versions" version "0.52.0"
-  id "org.sonarqube" version "6.0.1.5171"
+  id "org.sonarqube" version "6.1.0.5360"
 }
 
 group = "io.securecodebox"
@@ -24,22 +24,22 @@ repositories {
 dependencies {
   implementation group: "io.securecodebox", name: "defectdojo-client", version: "2.0.1"
   implementation group: "io.kubernetes", name: "client-java", version: "20.0.1"
-  implementation group: "org.springframework", name: "spring-web", version: "6.2.3"
-  implementation group: "com.fasterxml.jackson.core", name: "jackson-core", version: "2.18.2"
-  implementation group: "com.fasterxml.jackson.core", name: "jackson-annotations", version: "2.18.2"
-  implementation group: "com.fasterxml.jackson.core", name: "jackson-databind", version: "2.18.2"
-  implementation group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jsr310", version: "2.18.2"
-  implementation group: "org.slf4j", name: "slf4j-api", version: "2.0.16"
-  implementation group: "org.slf4j", name: "slf4j-log4j12", version: "2.0.16"
+  implementation group: "org.springframework", name: "spring-web", version: "6.2.5"
+  implementation group: "com.fasterxml.jackson.core", name: "jackson-core", version: "2.18.3"
+  implementation group: "com.fasterxml.jackson.core", name: "jackson-annotations", version: "2.18.3"
+  implementation group: "com.fasterxml.jackson.core", name: "jackson-databind", version: "2.18.3"
+  implementation group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jsr310", version: "2.18.3"
+  implementation group: "org.slf4j", name: "slf4j-api", version: "2.0.17"
+  implementation group: "org.slf4j", name: "slf4j-log4j12", version: "2.0.17"
   // If I try to notate this like the others (with separate strings) I got errors. No idea why sh... Gradle
   // want it like this. It is the official documented example:
   // https://github.com/junit-team/junit5-samples/blob/r5.10.0/junit5-jupiter-starter-gradle/build.gradle
-  testImplementation(platform("org.junit:junit-bom:5.11.4"))
+  testImplementation(platform("org.junit:junit-bom:5.12.1"))
   testImplementation("org.junit.jupiter:junit-jupiter")
-  testImplementation group: "org.mockito", name: "mockito-core", version: "5.15.2"
-  testImplementation group: "org.mockito", name: "mockito-junit-jupiter", version: "5.15.2"
+  testImplementation group: "org.mockito", name: "mockito-core", version: "5.17.0"
+  testImplementation group: "org.mockito", name: "mockito-junit-jupiter", version: "5.17.0"
   testImplementation group: 'org.hamcrest', name: 'java-hamcrest', version: '2.0.0.0'
-  testImplementation group: 'uk.org.webcompere', name: 'system-stubs-jupiter', version: '2.1.7'
+  testImplementation group: 'uk.org.webcompere', name: 'system-stubs-jupiter', version: '2.1.8'
 }
 
 java {

From ab6408fb545ae9979809db4f905fc46016ce6d05 Mon Sep 17 00:00:00 2001
From: Sven Strittmatter <sven.strittmatter@iteratec.com>
Date: Tue, 15 Apr 2025 13:50:21 +0200
Subject: [PATCH 2/3] Show All Warnings For Gradle Builds In CI Pipeline

Signed-off-by: Sven Strittmatter <sven.strittmatter@iteratec.com>
---
 .github/workflows/ci.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 59a0e7e16b..4834f4562c 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -170,7 +170,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         working-directory: hooks/${{ matrix.unit }}/hook
-        run: ./gradlew build --info
+        run: ./gradlew build --info --warning-mode all
 
   # ---- Build Stage ----
 

From 4c1453a580b7cf2524a766a93bf4ae1e888b004b Mon Sep 17 00:00:00 2001
From: Sven Strittmatter <sven.strittmatter@iteratec.com>
Date: Wed, 28 May 2025 16:57:44 +0200
Subject: [PATCH 3/3] Explicitly declare JUnit as the test framework

This fixes another Gradle deprecation warning about automatic
test framework loading.

Signed-off-by: Sven Strittmatter <sven.strittmatter@iteratec.com>
---
 hooks/persistence-defectdojo/hook/build.gradle | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle
index 1bc7a1a2d7..32bcb7a39f 100644
--- a/hooks/persistence-defectdojo/hook/build.gradle
+++ b/hooks/persistence-defectdojo/hook/build.gradle
@@ -40,6 +40,8 @@ dependencies {
   testImplementation group: "org.mockito", name: "mockito-junit-jupiter", version: "5.17.0"
   testImplementation group: 'org.hamcrest', name: 'java-hamcrest', version: '2.0.0.0'
   testImplementation group: 'uk.org.webcompere', name: 'system-stubs-jupiter', version: '2.1.8'
+  testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine")
+  testRuntimeOnly("org.junit.platform:junit-platform-launcher")
 }
 
 java {