plugins {
id 'org.springframework.boot' version '2.7.18'
id 'io.spring.dependency-management' version '1.1.4'
id 'java'
}
java {
group = 'eu.openaire.urls_controller'
version = '2.7.0-SNAPSHOT'
sourceCompatibility = JavaVersion . VERSION_1_8
}
repositories {
mavenCentral ( )
maven {
name "madgik"
url "https://repo.madgik.di.uoa.gr/content/repositories/thirdparty/"
}
}
ext {
hadoopVersion = '3.4.0'
}
dependencies {
runtimeOnly "org.springframework.boot:spring-boot-devtools"
implementation "org.springframework.boot:spring-boot-starter-web"
implementation ( "org.springframework.boot:spring-boot-starter-security" )
implementation ( "org.springframework.boot:spring-boot-starter-jdbc" )
implementation ( "org.springframework.boot:spring-boot-configuration-processor" )
implementation ( "org.springframework.boot:spring-boot-starter-actuator" )
implementation ( "org.springframework.boot:spring-boot-starter-aop" )
implementation ( "org.springframework.security:spring-security-core" )
implementation ( "org.springframework.security:spring-security-web" )
implementation ( "org.springframework.security:spring-security-config" )
//implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: '0.11.5' // Use this in case we use auth-tokens later on.
// Enable the validation annotations.
//implementation group: 'jakarta.validation', name: 'jakarta.validation-api', version: '3.0.2'
// https://mvnrepository.com/artifact/com.google.guava/guava
implementation group: 'com.google.guava' , name: 'guava' , version: '33.0.0-jre'
// https://mvnrepository.com/artifact/org.apache.commons/commons-lang3
implementation group: 'org.apache.commons' , name: 'commons-lang3' , version: '3.14.0'
// https://mvnrepository.com/artifact/org.apache.commons/commons-compress
implementation ( "org.apache.commons:commons-compress:1.26.1" ) {
exclude group: 'com.github.luben' , module: 'zstd-jni'
}
implementation 'com.github.luben:zstd-jni:1.5.5-11' // Even though this is part of the above dependency, the Apache commons rarely updates it, while the zstd team makes improvements very often.
implementation 'io.minio:minio:8.5.9'
// https://mvnrepository.com/artifact/com.cloudera.impala/jdbc
implementation ( "com.cloudera.impala:jdbc:2.5.31" ) {
exclude group: 'org.apache.hive' , module: 'hive-exec'
exclude group: 'com.twitter' , module: 'parquet-hadoop-bundle'
exclude group: 'org.apache.parquet' , module: 'parquet-avro'
exclude group: 'org.apache.avro' , module: 'avro'
exclude group: 'org.slf4j' , module: 'slf4j-log4j12'
exclude group: 'org.apache.derby' , module: 'derby'
exclude group: 'org.eclipse.jetty.aggregate' , module: 'jetty-all'
exclude group: 'ch.qos.log4j' , module: 'log4j'
exclude group: 'ch.qos.log4j' , module: 'apache-log4j-extras'
// Vulnerable dependencies:
exclude group: 'log4j' , module: 'log4j'
exclude group: 'org.apache.ant' , module: 'ant'
exclude group: 'org.apache.thrift' , module: 'libthrift' // This is an older version (we add the updated one later).
exclude group: 'org.apache.hive' , module: 'hive-metastore'
// Avoid excluding 'org.apache.hive:hive-service', as this is needed and unfortunately, even adding a newer version separately, it introducing other vulnerable dependencies.
}
// https://mvnrepository.com/artifact/org.apache.parquet/parquet-avro
implementation ( 'org.apache.parquet:parquet-avro:1.13.1' )
// https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-common
implementation ( "org.apache.hadoop:hadoop-common:$hadoopVersion" ) {
exclude group: 'org.apache.parquet' , module: 'parquet-avro'
exclude group: 'org.apache.avro' , module: 'avro'
exclude group: 'org.slf4j' , module: 'slf4j-api'
exclude group: 'org.slf4j' , module: 'slf4j-reload4j'
exclude group: 'ch.qos.reload4j' , module: 'reload4j'
// Vulnerable dependencies:
exclude group: 'com.google.protobuf' , module: 'protobuf-java'
exclude group: 'org.codehaus.jackson' , module: 'jackson-core-asl'
exclude group: 'org.codehaus.jackson' , module: 'jackson-mapper-asl'
exclude group: 'com.fasterxml.woodstox' , module: 'woodstox-core'
//exclude group: 'commons-collections', module: 'commons-collections' // This dependency is required in order for the program to run without errors. It is discontinued.
}
// https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-mapreduce-client-core
implementation ( "org.apache.hadoop:hadoop-mapreduce-client-core:$hadoopVersion" ) {
exclude group: 'org.apache.parquet' , module: 'parquet-avro'
exclude group: 'org.apache.avro' , module: 'avro'
exclude group: 'org.slf4j' , module: 'slf4j-api'
exclude group: 'org.slf4j' , module: 'slf4j-reload4j'
exclude group: 'ch.qos.reload4j' , module: 'reload4j'
// Vulnerable dependencies:
exclude group: 'com.google.protobuf' , module: 'protobuf-java'
exclude group: 'io.netty' , module: 'netty'
}
// Add back some updated version of the needed dependencies.
implementation 'org.apache.thrift:libthrift:0.17.0' // Newer versions (>=0.18.X) are not compatible with JAVA 8.
implementation 'com.fasterxml.woodstox:woodstox-core:6.6.2'
// https://mvnrepository.com/artifact/org.json/json
implementation 'org.json:json:20240303' // This is used only in "ParquetFileUtils.createRemoteParquetDirectories()". TODO - Replace it with "gson".
// https://mvnrepository.com/artifact/com.google.code.gson/gson
implementation 'com.google.code.gson:gson:2.10.1'
// https://mvnrepository.com/artifact/io.micrometer/micrometer-registry-prometheus
runtimeOnly 'io.micrometer:micrometer-registry-prometheus:1.12.4'
testImplementation 'org.springframework.security:spring-security-test'
testImplementation "org.springframework.boot:spring-boot-starter-test"
}
configurations . implementation {
exclude group: 'com.twitter' , module: 'parquet-hadoop-bundle'
}
// Set increased lower and upper limits for the java-execution.
tasks . withType ( JavaExec ) . configureEach {
jvmArgs = [ '-Xms512m' , '-Xmx8g' ]
}
test {
useJUnitPlatform ( )
}