From 8ff7e0528da854667b4e8c99251b699d81913ae6 Mon Sep 17 00:00:00 2001
From: mfd2007 <58845044+mfd2007@users.noreply.github.com>
Date: Thu, 20 Nov 2025 17:27:00 +0100
Subject: [PATCH 1/2] chore: update dependencies
---
pom.xml | 40 +++++++++++++++++++++++-----------------
1 file changed, 23 insertions(+), 17 deletions(-)
diff --git a/pom.xml b/pom.xml
index 08204fa7..ffb4f2e2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -11,33 +11,32 @@
https://github.com/secvisogram/csaf-cms-backend
- 18
+ 25
nothing-to-exclude
- 3.3.9
- 0.7.0
- 2.7.10
+ 3.6.3
+ 1.0.3
+ 2.9.1
3.3.9
- 4.8.2.0
- 3.3.1
- 0.8.11
- 3.2.4
- 0.5.4
- 2.2.21
- 2.2.21
- 1.11.0
+ 4.9.8.1
+ 3.6.0
+ 0.8.14
+ 0.10.12
+ 2.2.40
+ 2.2.40
+ 1.14.0
2.5.0
3.1.0
0.4.16
- 23.0.3
- 24.0.0
- 4.8.4
+ 25.0.1
+ 25.0.1
+ 4.9.8
org.springframework.boot
spring-boot-starter-parent
- 3.2.4
+ 3.5.7
@@ -74,7 +73,7 @@
org.cyclonedx
cyclonedx-maven-plugin
- ${plugin.version.cyclonedx}
+
package
@@ -206,11 +205,13 @@
org.graalvm.js
js
+ pom
${dependency.version.org.graalvm.js}
org.graalvm.js
js-scriptengine
+ pom
${dependency.version.org.graalvm.js-scriptengine}
@@ -262,6 +263,11 @@
junit-jupiter
test
+
+ org.springframework.boot
+ spring-boot-configuration-processor
+ true
+
From 42e0c1e3a47de07aef414d4e45fa577275c417a5 Mon Sep 17 00:00:00 2001
From: mfd2007 <58845044+mfd2007@users.noreply.github.com>
Date: Thu, 20 Nov 2025 17:27:55 +0100
Subject: [PATCH 2/2] chore: change deprecated feature, remove unused imports
---
.../json/IntegerVersioning.java | 7 +-
.../csaf_cms_backend/rest/MainController.java | 1 -
.../response/AdvisoryInformationResponse.java | 1 -
.../service/AbstractCliToolService.java | 2 +-
.../validator/ValidatorServiceClient.java | 2 +
.../json/AdvisoryWrapperTest.java | 7 --
.../JavascriptExporterNoLogoTest.java | 3 -
.../mustache/JavascriptExporterTest.java | 2 -
.../rest/AdvisoryControllerTest.java | 6 +-
.../AdvisoryServiceExportNoLogoTest.java | 18 +++--
.../service/AdvisoryServiceTest.java | 78 ++++++++++++-------
11 files changed, 69 insertions(+), 58 deletions(-)
diff --git a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/json/IntegerVersioning.java b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/json/IntegerVersioning.java
index 1855d5a8..d46644bc 100644
--- a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/json/IntegerVersioning.java
+++ b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/json/IntegerVersioning.java
@@ -2,16 +2,11 @@
import de.bsi.secvisogram.csaf_cms_backend.service.PatchType;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
@SuppressFBWarnings(value = "MS_EXPOSE_REP", justification = "Class has no internal state")
public class IntegerVersioning implements Versioning {
- private static final Logger LOG = LoggerFactory.getLogger(IntegerVersioning.class);
-
- private static final IntegerVersioning DEFAULT_INSTANCE = new IntegerVersioning();
+ private static final IntegerVersioning DEFAULT_INSTANCE = new IntegerVersioning();
public static IntegerVersioning getDefault() {
return DEFAULT_INSTANCE;
diff --git a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/rest/MainController.java b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/rest/MainController.java
index 2dc71997..dc8215da 100644
--- a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/rest/MainController.java
+++ b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/rest/MainController.java
@@ -7,7 +7,6 @@
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
-import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
diff --git a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/rest/response/AdvisoryInformationResponse.java b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/rest/response/AdvisoryInformationResponse.java
index 4533f0ab..c41f7765 100644
--- a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/rest/response/AdvisoryInformationResponse.java
+++ b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/rest/response/AdvisoryInformationResponse.java
@@ -1,6 +1,5 @@
package de.bsi.secvisogram.csaf_cms_backend.rest.response;
-import com.fasterxml.jackson.annotation.JsonIgnore;
import de.bsi.secvisogram.csaf_cms_backend.model.WorkflowState;
import io.swagger.v3.oas.annotations.media.Schema;
import java.util.Collections;
diff --git a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/service/AbstractCliToolService.java b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/service/AbstractCliToolService.java
index d8cb4deb..22c462c9 100644
--- a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/service/AbstractCliToolService.java
+++ b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/service/AbstractCliToolService.java
@@ -1,8 +1,8 @@
package de.bsi.secvisogram.csaf_cms_backend.service;
-import com.oracle.truffle.js.runtime.SuppressFBWarnings;
import de.bsi.secvisogram.csaf_cms_backend.exception.CsafException;
import de.bsi.secvisogram.csaf_cms_backend.exception.CsafExceptionKey;
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
diff --git a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/validator/ValidatorServiceClient.java b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/validator/ValidatorServiceClient.java
index 6731856a..24ec9ae6 100644
--- a/src/main/java/de/bsi/secvisogram/csaf_cms_backend/validator/ValidatorServiceClient.java
+++ b/src/main/java/de/bsi/secvisogram/csaf_cms_backend/validator/ValidatorServiceClient.java
@@ -13,6 +13,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
@@ -21,6 +22,7 @@
import org.springframework.web.reactive.function.client.WebClientRequestException;
import org.springframework.web.reactive.function.client.WebClientResponseException;
+@Configuration
public class ValidatorServiceClient {
private static final Logger LOG = LoggerFactory.getLogger(ValidatorServiceClient.class);
diff --git a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/json/AdvisoryWrapperTest.java b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/json/AdvisoryWrapperTest.java
index 082f8830..fdc7368b 100644
--- a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/json/AdvisoryWrapperTest.java
+++ b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/json/AdvisoryWrapperTest.java
@@ -28,14 +28,7 @@
import java.time.LocalDate;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
-import java.time.temporal.ChronoField;
-import java.time.temporal.Temporal;
-import java.time.temporal.TemporalAccessor;
-import java.time.temporal.TemporalField;
-import java.time.temporal.TemporalUnit;
-import java.time.temporal.ValueRange;
import java.util.ArrayList;
-import java.util.Date;
import java.util.List;
import java.util.stream.Stream;
import org.junit.jupiter.api.Test;
diff --git a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/mustache/JavascriptExporterNoLogoTest.java b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/mustache/JavascriptExporterNoLogoTest.java
index af2bde5c..8ede7c10 100644
--- a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/mustache/JavascriptExporterNoLogoTest.java
+++ b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/mustache/JavascriptExporterNoLogoTest.java
@@ -1,8 +1,5 @@
package de.bsi.secvisogram.csaf_cms_backend.mustache;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.equalToCompressingWhiteSpace;
-
import java.io.IOException;
import org.junit.jupiter.api.Assertions;
diff --git a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/mustache/JavascriptExporterTest.java b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/mustache/JavascriptExporterTest.java
index b0a250eb..1115e004 100644
--- a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/mustache/JavascriptExporterTest.java
+++ b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/mustache/JavascriptExporterTest.java
@@ -3,14 +3,12 @@
import static de.bsi.secvisogram.csaf_cms_backend.mustache.JavascriptExporter.determineMediaTypeOfLogo;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
-import static org.hamcrest.Matchers.equalToCompressingWhiteSpace;
import static org.hamcrest.Matchers.is;
import static org.junit.jupiter.api.Assertions.assertThrows;
import java.io.IOException;
import java.nio.file.Path;
-import de.bsi.secvisogram.csaf_cms_backend.CouchDBExtension;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
diff --git a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/rest/AdvisoryControllerTest.java b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/rest/AdvisoryControllerTest.java
index 4a7bbbc3..4635cd1f 100644
--- a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/rest/AdvisoryControllerTest.java
+++ b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/rest/AdvisoryControllerTest.java
@@ -52,11 +52,11 @@
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
-import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.bean.override.mockito.MockitoBean;
import org.springframework.test.web.servlet.MockMvc;
@WebMvcTest(AdvisoryController.class)
@@ -66,10 +66,10 @@ public class AdvisoryControllerTest {
@Autowired
private MockMvc mockMvc;
- @MockBean
+ @MockitoBean
private AdvisoryService advisoryService;
- @MockBean
+ @MockitoBean
private DocumentTemplateService templateService;
@Autowired
diff --git a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/service/AdvisoryServiceExportNoLogoTest.java b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/service/AdvisoryServiceExportNoLogoTest.java
index 1268fedd..157b70be 100644
--- a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/service/AdvisoryServiceExportNoLogoTest.java
+++ b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/service/AdvisoryServiceExportNoLogoTest.java
@@ -6,22 +6,24 @@
import static org.mockito.Mockito.doNothing;
import static org.mockito.Mockito.when;
-import de.bsi.secvisogram.csaf_cms_backend.CouchDBExtension;
-import de.bsi.secvisogram.csaf_cms_backend.config.CsafRoles;
-import de.bsi.secvisogram.csaf_cms_backend.exception.CsafException;
-import de.bsi.secvisogram.csaf_cms_backend.model.ExportFormat;
-import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.IOException;
import java.nio.file.Path;
+
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.bean.override.mockito.MockitoBean;
+
+import de.bsi.secvisogram.csaf_cms_backend.CouchDBExtension;
+import de.bsi.secvisogram.csaf_cms_backend.config.CsafRoles;
+import de.bsi.secvisogram.csaf_cms_backend.exception.CsafException;
+import de.bsi.secvisogram.csaf_cms_backend.model.ExportFormat;
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
/**
* Test for the Advisory service. The required CouchDB container is started in the CouchDBExtension.
@@ -36,10 +38,10 @@ public class AdvisoryServiceExportNoLogoTest {
@Autowired
private AdvisoryService advisoryService;
- @MockBean
+ @MockitoBean
private PandocService pandocService;
- @MockBean
+ @MockitoBean
private WeasyprintService weasyprintService;
diff --git a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/service/AdvisoryServiceTest.java b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/service/AdvisoryServiceTest.java
index 91250eb7..fa4619bc 100644
--- a/src/test/java/de/bsi/secvisogram/csaf_cms_backend/service/AdvisoryServiceTest.java
+++ b/src/test/java/de/bsi/secvisogram/csaf_cms_backend/service/AdvisoryServiceTest.java
@@ -1,6 +1,11 @@
package de.bsi.secvisogram.csaf_cms_backend.service;
-import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AdvisoryAuditTrailField.*;
+import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AdvisoryAuditTrailField.ADVISORY_ID;
+import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AdvisoryAuditTrailField.DIFF;
+import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AdvisoryAuditTrailField.DOC_VERSION;
+import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AdvisoryAuditTrailField.NEW_WORKFLOW_STATE;
+import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AdvisoryAuditTrailField.OLD_DOC_VERSION;
+import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AdvisoryAuditTrailField.OLD_WORKFLOW_STATE;
import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AuditTrailField.CHANGE_TYPE;
import static de.bsi.secvisogram.csaf_cms_backend.couchdb.AuditTrailField.CREATED_AT;
import static de.bsi.secvisogram.csaf_cms_backend.couchdb.CouchDBFilterCreator.expr2CouchDBFilter;
@@ -11,31 +16,16 @@
import static de.bsi.secvisogram.csaf_cms_backend.model.filter.OperatorExpression.equal;
import static java.util.Comparator.comparing;
import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.*;
-import static org.junit.jupiter.api.Assertions.*;
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.startsWith;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.doNothing;
import static org.mockito.Mockito.when;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.node.ObjectNode;
-import de.bsi.secvisogram.csaf_cms_backend.CouchDBExtension;
-import de.bsi.secvisogram.csaf_cms_backend.config.CsafRoles;
-import de.bsi.secvisogram.csaf_cms_backend.couchdb.*;
-import de.bsi.secvisogram.csaf_cms_backend.exception.CsafException;
-import de.bsi.secvisogram.csaf_cms_backend.json.AdvisoryWrapper;
-import de.bsi.secvisogram.csaf_cms_backend.json.ObjectType;
-import de.bsi.secvisogram.csaf_cms_backend.json.TrackingIdCounter;
-import de.bsi.secvisogram.csaf_cms_backend.model.ChangeType;
-import de.bsi.secvisogram.csaf_cms_backend.model.ExportFormat;
-import de.bsi.secvisogram.csaf_cms_backend.model.WorkflowState;
-import de.bsi.secvisogram.csaf_cms_backend.rest.request.CreateAdvisoryRequest;
-import de.bsi.secvisogram.csaf_cms_backend.rest.request.CreateCommentRequest;
-import de.bsi.secvisogram.csaf_cms_backend.rest.response.*;
-import de.bsi.secvisogram.csaf_cms_backend.validator.ValidatorServiceClient;
-import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -44,7 +34,14 @@
import java.time.Instant;
import java.time.format.DateTimeFormatter;
import java.time.temporal.ChronoUnit;
-import java.util.*;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.UUID;
+
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
@@ -54,7 +51,6 @@
import org.springframework.boot.info.BuildProperties;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.context.TestConfiguration;
-import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.context.annotation.Bean;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.TestingAuthenticationToken;
@@ -64,6 +60,36 @@
import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.bean.override.mockito.MockitoBean;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import de.bsi.secvisogram.csaf_cms_backend.CouchDBExtension;
+import de.bsi.secvisogram.csaf_cms_backend.config.CsafRoles;
+import de.bsi.secvisogram.csaf_cms_backend.couchdb.AdvisorySearchField;
+import de.bsi.secvisogram.csaf_cms_backend.couchdb.CouchDbField;
+import de.bsi.secvisogram.csaf_cms_backend.couchdb.DatabaseException;
+import de.bsi.secvisogram.csaf_cms_backend.couchdb.DbField;
+import de.bsi.secvisogram.csaf_cms_backend.couchdb.IdNotFoundException;
+import de.bsi.secvisogram.csaf_cms_backend.exception.CsafException;
+import de.bsi.secvisogram.csaf_cms_backend.json.AdvisoryWrapper;
+import de.bsi.secvisogram.csaf_cms_backend.json.ObjectType;
+import de.bsi.secvisogram.csaf_cms_backend.json.TrackingIdCounter;
+import de.bsi.secvisogram.csaf_cms_backend.model.ChangeType;
+import de.bsi.secvisogram.csaf_cms_backend.model.ExportFormat;
+import de.bsi.secvisogram.csaf_cms_backend.model.WorkflowState;
+import de.bsi.secvisogram.csaf_cms_backend.rest.request.CreateAdvisoryRequest;
+import de.bsi.secvisogram.csaf_cms_backend.rest.request.CreateCommentRequest;
+import de.bsi.secvisogram.csaf_cms_backend.rest.response.AdvisoryInformationResponse;
+import de.bsi.secvisogram.csaf_cms_backend.rest.response.AdvisoryResponse;
+import de.bsi.secvisogram.csaf_cms_backend.rest.response.AnswerInformationResponse;
+import de.bsi.secvisogram.csaf_cms_backend.rest.response.CommentInformationResponse;
+import de.bsi.secvisogram.csaf_cms_backend.rest.response.CommentResponse;
+import de.bsi.secvisogram.csaf_cms_backend.validator.ValidatorServiceClient;
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
/**
* Test for the Advisory service. The required CouchDB container is started in the CouchDBExtension.
@@ -83,10 +109,10 @@ public class AdvisoryServiceTest {
@Autowired
private AdvisoryService advisoryService;
- @MockBean
+ @MockitoBean
private PandocService pandocService;
- @MockBean
+ @MockitoBean
private WeasyprintService weasyprintService;