diff --git a/help.md b/help.md
index 37e22d2..921347d 100644
--- a/help.md
+++ b/help.md
@@ -73,7 +73,8 @@ If the scan gating doesn't appear to occur as expected, confirm that the vulnera
# Version History
-* 1.2.1 - Update dependencies
+* 1.2.2 - Update dependencies
+* 1.2.1 - Excluding unnecessary dependencies
* 1.2.0 - Add proxy connection. Add server logs debugging.
* 1.1.2 - Update dependencies
* 1.1.1 - Add new regions to InsightAppSec Region dropdown. Use search endpoint to retrieve scan-configs.
diff --git a/manifest.json b/manifest.json
index 9b5fc48..bbe7a1c 100644
--- a/manifest.json
+++ b/manifest.json
@@ -21,13 +21,18 @@
"sourceUrl": "https://github.com/rapid7/insightappsec-bamboo-plugin",
"licenseUrl": "https://github.com/rapid7/insightappsec-bamboo-plugin/blob/master/LICENSE"
},
- "version": "1.2.1",
+ "version": "1.2.2",
"versionHistory": [
{
- "version": "1.2.1",
+ "version": "1.2.2",
"date": "",
"changes": "Update dependencies."
},
+ {
+ "version": "1.2.1",
+ "date": "",
+ "changes": "Excluding unnecessary dependencies."
+ },
{
"version": "1.2.0",
"date": "",
diff --git a/pom.xml b/pom.xml
index 28b7490..b5335fb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
4.0.0
com.rapid7.ias.bamboo
insightappsec-bamboo-plugin
- 1.2.1
+ 1.2.2
https://github.com/rapid7/insightappsec-bamboo-plugin
@@ -41,6 +41,8 @@
1.8.0
2.8.9
1.2.17-atlassian-18
+ 3.12.0
+ 2.21.1
@@ -94,13 +96,17 @@
org.apache.activemq
activemq-openwire-legacy
+
+ log4j
+ log4j
+
org.apache.commons
commons-lang3
- 3.12.0
+ ${commons-lang3.version}
@@ -132,9 +138,9 @@
- log4j
- log4j
- ${log4j.version}
+ org.apache.logging.log4j
+ log4j-core
+ ${apache-logging.version}
diff --git a/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecHelper.java b/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecHelper.java
index bf9349b..eec894d 100644
--- a/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecHelper.java
+++ b/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecHelper.java
@@ -20,7 +20,7 @@
public class InsightAppSecHelper {
- private String USER_AGENT = "r7:insightappsec-bamboo/1.2.1";
+ private String USER_AGENT = "r7:insightappsec-bamboo/1.2.2";
private String SCAN_CONFIG_QUERY = "scanconfig.app.id='%1$s' && scanconfig.name='%2$s'";
private UtilityLogger logger;
diff --git a/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecScanTask.java b/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecScanTask.java
index 16d715a..100ae33 100644
--- a/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecScanTask.java
+++ b/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecScanTask.java
@@ -5,7 +5,12 @@
import com.atlassian.bamboo.plan.artifact.ArtifactDefinitionContextImpl;
import com.atlassian.bamboo.plan.artifact.ArtifactPublishingResult;
import com.atlassian.bamboo.security.SecureToken;
-import com.atlassian.bamboo.task.*;
+import com.atlassian.bamboo.task.CommonTaskContext;
+import com.atlassian.bamboo.task.CommonTaskType;
+import com.atlassian.bamboo.task.TaskContext;
+import com.atlassian.bamboo.task.TaskException;
+import com.atlassian.bamboo.task.TaskResult;
+import com.atlassian.bamboo.task.TaskResultBuilder;
import com.atlassian.bamboo.util.Narrow;
import com.atlassian.plugin.spring.scanner.annotation.component.Scanned;
import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
@@ -16,9 +21,10 @@
import com.rapid7.ias.client.model.ResourceApp;
import com.rapid7.ias.client.model.ResourceScanConfig;
import com.rapid7.ias.client.model.ResourceVulnerability;
+import org.apache.logging.log4j.LogManager;
import org.jetbrains.annotations.NotNull;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.Logger;
import java.io.File;
import java.util.*;
@@ -27,7 +33,7 @@
@Scanned
public class InsightAppSecScanTask implements CommonTaskType, IasConstants {
private UtilityLogger logger;
- private static final Logger log = Logger.getLogger(InsightAppSecScanTask.class);
+ private static final Logger log = LogManager.getLogger(InsightAppSecScanTask.class);
private String region;
private String appName;
@@ -234,4 +240,4 @@ private void publishArtifacts(TaskContext taskContext, String name, File directo
taskContext.getBuildContext().getArtifactContext().addPublishingResult(result);
}
-}
\ No newline at end of file
+}
diff --git a/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecScanTaskConfigurator.java b/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecScanTaskConfigurator.java
index 360688d..bf31bd0 100644
--- a/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecScanTaskConfigurator.java
+++ b/src/main/java/com/rapid7/ias/bamboo/impl/InsightAppSecScanTaskConfigurator.java
@@ -13,6 +13,7 @@
import static com.atlassian.bamboo.credentials.UsernamePasswordCredentialType.CFG_PASSWORD;
import com.rapid7.ias.client.ApiClient;
+import org.apache.logging.log4j.LogManager;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
@@ -21,7 +22,7 @@
import com.rapid7.ias.client.model.ResourceScanConfig;
import org.apache.commons.lang.StringUtils;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.Logger;
import java.util.Hashtable;
import java.util.Map;
@@ -98,7 +99,7 @@ public Map generateTaskConfigMap(@NotNull ActionParametersMap par
@Override
public void validate(@NotNull ActionParametersMap params,
@NotNull ErrorCollection errorCollection) {
- Logger log = Logger.getLogger(InsightAppSecScanTaskConfigurator.class);
+ Logger log = LogManager.getLogger(InsightAppSecScanTaskConfigurator.class);
UtilityLogger logger = new UtilityLogger(log);
super.validate(params, errorCollection);
@@ -218,4 +219,4 @@ public void populateContextForEdit(@NotNull final Map context,Tas
context.put(VULN_QUERY, config.get(VULN_QUERY));
context.put(DEBUGGING, config.get(DEBUGGING));
}
-}
\ No newline at end of file
+}
diff --git a/src/main/java/com/rapid7/ias/bamboo/util/UtilityLogger.java b/src/main/java/com/rapid7/ias/bamboo/util/UtilityLogger.java
index 33243db..9a37da9 100644
--- a/src/main/java/com/rapid7/ias/bamboo/util/UtilityLogger.java
+++ b/src/main/java/com/rapid7/ias/bamboo/util/UtilityLogger.java
@@ -1,7 +1,7 @@
package com.rapid7.ias.bamboo.util;
import com.atlassian.bamboo.build.logger.BuildLogger;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.Logger;
public class UtilityLogger {
@@ -30,4 +30,4 @@ public void error(String message) {
logger.error(message);
if (this.buildLogger != null) buildLogger.addErrorLogEntry(message);
}
-}
\ No newline at end of file
+}