monolith
Used in:
components
- OverviewOverview
- VersionsVersions
- DependentsDependents
- DependenciesDependencies
<dependency>
<groupId>org.semoss</groupId>
<artifactId>monolith</artifactId>
<version>5.3.0</version>
</dependency><?xml version="1.0" encoding="UTF-8"?>
<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.semoss</groupId>
<artifactId>monolith</artifactId>
<version>${ci.version}</version>
<packaging>war</packaging>
<name>Monolith</name>
<description>SEMOSS Monolith</description>
<url>http://semoss.org/</url>
<licenses>
<license>
<name>The Apache License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
<developers>
<developer>
<name>Group Mailbox</name>
<email>semoss@semoss.org</email>
<organization>SEMOSS</organization>
<organizationUrl>http://semoss.org/</organizationUrl>
</developer>
</developers>
<scm>
<connection>scm:git:git://github.com/SEMOSS/Monolith.git</connection>
<developerConnection>scm:git:ssh://github.com:SEMOSS/Monolith.git</developerConnection>
<url>https://github.com/SEMOSS/Monolith</url>
</scm>
<properties>
<ci.version>5.3.0</ci.version>
<project.build.sourceEncoding>cp1252</project.build.sourceEncoding>
<project.reporting.outputEncoding>cp1252</project.reporting.outputEncoding>
<openhtml.version>1.0.1</openhtml.version>
<maven.build.timestamp.format>yyyy-MM-dd HH:mm:ss</maven.build.timestamp.format>
<build.date>${maven.build.timestamp}</build.date>
</properties>
<!-- LEGACY
<distributionManagement><snapshotRepository><id>ossrh</id><url>https://oss.sonatype.org/content/repositories/snapshots</url></snapshotRepository><repository><id>ossrh</id><url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url></repository></distributionManagement>
-->
<reporting>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-project-info-reports-plugin</artifactId>
<version>3.4.5</version>
<reportSets>
<reportSet>
<reports>
<report>index</report>
<report>summary</report>
<report>dependency-info</report>
<report>dependencies</report>
<report>dependency-convergence</report>
</reports>
</reportSet>
</reportSets>
</plugin>
</plugins>
</reporting>
<build>
<sourceDirectory>src</sourceDirectory>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.14.0</version>
<configuration>
<source>21</source>
<target>21</target>
<encoding>cp1252</encoding>
</configuration>
</plugin>
<plugin>
<groupId>com.mycila</groupId>
<artifactId>license-maven-plugin</artifactId>
<version>4.3</version>
<configuration>
<header>src/license/header.txt</header>
<properties>
<year>2015</year>
<owner>Defense Health Agency (DHA)</owner>
</properties>
<includes>
<include>**/*.java</include>
</includes>
<headerDefinitions>
<headerDefinition>src/license/header-style.xml</headerDefinition>
</headerDefinitions>
<mapping>
<java>javadoc_style</java>
</mapping>
<useDefaultMapping>true</useDefaultMapping>
<strictCheck>true</strictCheck>
</configuration>
<executions>
<execution>
<id>format-headers</id>
<phase>process-sources</phase>
<goals>
<goal>format</goal>
</goals>
</execution>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.6.1</version>
<executions>
<execution>
<id>no-duplicate-declared-dependencies</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<banDuplicatePomDependencyVersions/>
<!-- <dependencyConvergence/> -->
</rules>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>3.6.0</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-antrun-plugin</artifactId>
<version>3.1.0</version>
<executions>
<execution>
<phase>process-resources</phase>
<goals>
<goal>run</goal>
</goals>
<configuration>
<target>
<mkdir dir="${project.build.outputDirectory}/META-INF/maven/${project.groupId}/${project.artifactId}"/>
<tstamp>
<format property="build.timestamp.utc" pattern="yyyy-MM-dd HH:mm:ss z" timezone="UTC" />
</tstamp>
<propertyfile file="${project.build.outputDirectory}/META-INF/maven/${project.groupId}/${project.artifactId}/pom.properties">
<entry key="groupId" value="${project.groupId}" />
<entry key="artifactId" value="${project.artifactId}" />
<entry key="version" value="${project.version}" />
<entry key="ci.version" value="${project.version}" />
<entry key="build.date" value="${build.timestamp.utc}" />
</propertyfile>
</target>
</configuration>
</execution>
<!-- this is so log4j can pick up the plugins working in eclipse -->
<execution>
<id>copy-semoss-resources</id>
<phase>process-resources</phase>
<goals>
<goal>run</goal>
</goals>
<configuration>
<target>
<mkdir dir="${project.build.outputDirectory}/META-INF/org/apache/logging/log4j/core/config/plugins"/>
<copy file="../Semoss/src/main/resources/META-INF/org/apache/logging/log4j/core/config/plugins/Log4j2Plugins.dat"
todir="${project.build.outputDirectory}/META-INF/org/apache/logging/log4j/core/config/plugins"
overwrite="true"
failonerror="false"/>
</target>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>dev</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<build>
<plugins>
<!-- https://mvnrepository.com/artifact/org.apache.maven.plugins/maven-war-plugin -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>3.4.0</version>
<configuration>
<webXml>WebContent/WEB-INF/web.xml</webXml>
<failOnMissingWebXml>true</failOnMissingWebXml>
<attachClasses>true</attachClasses>
<warSourceDirectory>${basedir}/WebContent</warSourceDirectory>
<warSourceIncludes>
accountLocked/**,
error/**,
login/**,
logout/**,
noUserFail/**,
saml2/**,
samlLogin/**,
samlSPLogin/**,
sessionCounterFail/**,
setAdmin/**,
share/**,
startUpFail/**,
</warSourceIncludes>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>deploy</id>
<!-- note that this only works for jdk [1.8,) -->
<!-- however, the following would enable this profile, -->
<!-- and we want to stick with dev unless -P deploy is given
explicitly -->
<!--activation><jdk>[1.8,)</jdk></activation-->
<!-- disabling javadoc lint - ideally should clean up javadocs -->
<!-- see https://stackoverflow.com/a/16743137/9612364 -->
<properties>
<javadoc.opts>-Xdoclint:none</javadoc.opts>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>3.4.0</version>
<configuration>
<webXml>WebContent/WEB-INF/web.xml</webXml>
<failOnMissingWebXml>true</failOnMissingWebXml>
<attachClasses>true</attachClasses>
<warSourceDirectory>${basedir}/WebContent</warSourceDirectory>
<warSourceIncludes>
accountLocked/**,
error/**,
login/**,
logout/**,
noUserFail/**,
saml2/**,
samlLogin/**,
samlSPLogin/**,
sessionCounterFail/**,
setAdmin/**,
share/**,
startUpFail/**,
</warSourceIncludes>
<packagingExcludes>
%regex[WEB-INF/lib/(?!semoss-${ci.version}).*.jar]
</packagingExcludes>
</configuration>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<version>2.5.3</version>
<configuration>
<descriptor>libraries.xml</descriptor>
</configuration>
<executions>
<execution>
<id>create-archive</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- LEGACY
<plugin><groupId>org.sonatype.plugins</groupId><artifactId>nexus-staging-maven-plugin</artifactId><version>1.6.7</version><extensions>true</extensions><configuration><serverId>ossrh</serverId><nexusUrl>https://oss.sonatype.org/</nexusUrl><autoReleaseAfterClose>false</autoReleaseAfterClose></configuration></plugin>
-->
<!-- LEGACY
<plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-gpg-plugin</artifactId><version>1.5</version><executions><execution><id>sign-artifacts</id><phase>verify</phase><goals><goal>sign</goal></goals><configuration><gpgArguments><arg>loopback</arg></gpgArguments></configuration></execution></executions></plugin>
-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>3.2.8</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
<configuration>
<bestPractices>true</bestPractices>
<executable>gpg</executable>
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
<!-- disabling javadoc lint - ideally should
clean up javadocs -->
<configuration>
<additionalparam>${javadoc.opts}</additionalparam>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.sonatype.central</groupId>
<artifactId>central-publishing-maven-plugin</artifactId>
<version>0.8.0</version>
<extensions>true</extensions>
<configuration>
<publishingServerId>central</publishingServerId>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
<repositories>
<repository>
<id>repo1</id>
<name>Maven Repository Switchboard</name>
<layout>default</layout>
<url>https://repo.maven.apache.org/maven2</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<name>Central Portal Snapshots</name>
<id>central-portal-snapshots</id>
<url>https://central.sonatype.com/repository/maven-snapshots/</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
<repository>
<id>3rdPartyJARs</id>
<name>Maven repository</name>
<url>https://maven.semoss.org/repository/3rdPartyJARs</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
<!-- repository for Apache Storm -->
<!-- <repository><id>clojars.org</id><url>http://clojars.org/repo</url></repository> -->
<repository>
<id>redshift</id>
<url>https://s3.amazonaws.com/redshift-maven-repository/release</url>
</repository>
</repositories>
<dependencyManagement>
<dependencies>
<!-- GHSA-2m67-wjpj-xhg9 / CVE-2026-29062: force transitive tools.jackson.core (Jackson 3.x) from mcp-json-jackson3 up to fixed version -->
<dependency>
<groupId>tools.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>3.1.1</version>
</dependency>
<dependency>
<groupId>tools.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>3.1.1</version>
</dependency>
<!-- CVE force: CVE-2025-12183/CVE-2025-66566 - override transitive org.lz4:lz4-java version (1.8.0) -->
<dependency>
<groupId>org.lz4</groupId>
<artifactId>lz4-java</artifactId>
<version>1.8.1</version>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.semoss</groupId>
<artifactId>semoss</artifactId>
<version>${ci.version}</version>
<classifier>shaded-dependencies</classifier>
<exclusions>
<exclusion>
<groupId>com.amazon.athena</groupId>
<artifactId>athena-jdbc-uber</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-catalina -->
<!-- this is the primary tomcat specific jar -->
<dependency>
<groupId>org.apache.tomcat</groupId>
<artifactId>tomcat-catalina</artifactId>
<version>9.0.117</version>
</dependency>
<!-- https://mvnrepository.com/artifact/javax.websocket/javax.websocket-api -->
<dependency>
<groupId>javax.websocket</groupId>
<artifactId>javax.websocket-api</artifactId>
<version>1.1</version>
<scope>provided</scope>
</dependency>
<!-- https://mvnrepository.com/artifact/jakarta.activation/jakarta.activation-api -->
<dependency>
<groupId>jakarta.activation</groupId>
<artifactId>jakarta.activation-api</artifactId>
<version>1.2.2</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-core -->
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-core</artifactId>
<version>4.7.10.Final</version>
<exclusions>
<exclusion>
<groupId>org.reactivestreams</groupId>
<artifactId>reactive-streams</artifactId>
</exclusion>
<exclusion>
<groupId>org.ow2.asm</groupId>
<artifactId>asm</artifactId>
</exclusion>
<exclusion>
<groupId>jakarta.activation</groupId>
<artifactId>jakarta.activation-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.jboss.logging</groupId>
<artifactId>jboss-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-jaxb-provider -->
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jaxb-provider</artifactId>
<version>4.7.10.Final</version>
</dependency>
<!-- SAML ONE JAR -->
<!-- https://mvnrepository.com/artifact/org.openidentityplatform.openam/openam-federation-library -->
<dependency>
<groupId>org.openidentityplatform.openam</groupId>
<artifactId>openam-federation-library</artifactId>
<version>15.2.2</version>
<exclusions>
<exclusion>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
<exclusion>
<groupId>org.json</groupId>
<artifactId>json</artifactId>
</exclusion>
<exclusion>
<groupId>jakarta.activation</groupId>
<artifactId>jakarta.activation-api</artifactId>
</exclusion>
<exclusion>
<groupId>com.fasterxml.woodstox</groupId>
<artifactId>woodstox-core</artifactId>
</exclusion>
<exclusion>
<artifactId>commons-logging</artifactId>
<groupId>commons-logging</groupId>
</exclusion>
<exclusion>
<groupId>org.glassfish</groupId>
<artifactId>jakarta.json</artifactId>
</exclusion>
<exclusion>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
</exclusion>
<exclusion>
<groupId>com.sun.xml.rpc</groupId>
<artifactId>jaxrpc-impl</artifactId>
</exclusion>
<exclusion>
<groupId>org.javassist</groupId>
<artifactId>javassist</artifactId>
</exclusion>
<exclusion>
<groupId>org.codehaus.woodstox</groupId>
<artifactId>stax2-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.ow2.asm</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>com.sun.mail</groupId>
<artifactId>jakarta.mail</artifactId>
</exclusion>
<exclusion>
<groupId>org.owasp.esapi</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.assertj</groupId>
<artifactId>assertj-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.openidentityplatform.commons.i18n-framework</groupId>
<artifactId>slf4j</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
<version>4.0.4</version>
</dependency>
<!-- adding updated jar to deal with exclusion w/ vulnerability -->
<!-- https://mvnrepository.com/artifact/com.fasterxml.woodstox/woodstox-core -->
<dependency>
<groupId>com.fasterxml.woodstox</groupId>
<artifactId>woodstox-core</artifactId>
<version>5.4.0</version>
</dependency>
<!-- https://mvnrepository.com/artifact/javax.activation/activation -->
<!-- required for openam compilation without com.sum.mail -->
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>1.1.1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.sun.xml.rpc/jaxrpc-impl -->
<dependency>
<groupId>com.sun.xml.rpc</groupId>
<artifactId>jaxrpc-impl</artifactId>
<version>1.1.6</version>
<exclusions>
<exclusion>
<groupId>com.sun.mail</groupId>
<artifactId>jakarta.mail</artifactId>
</exclusion>
<exclusion>
<groupId>com.sun.xml.fastinfoset</groupId>
<artifactId>FastInfoset</artifactId>
</exclusion>
<exclusion>
<groupId>jakarta.xml.rpc</groupId>
<artifactId>jakarta.xml.rpc-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- https://mvnrepository.com/artifact/com.sun.xml.fastinfoset/FastInfoset -->
<dependency>
<groupId>com.sun.xml.fastinfoset</groupId>
<artifactId>FastInfoset</artifactId>
<version>1.2.18</version>
</dependency>
<!-- https://mvnrepository.com/artifact/jakarta.xml.rpc/jakarta.xml.rpc-api -->
<dependency>
<groupId>jakarta.xml.rpc</groupId>
<artifactId>jakarta.xml.rpc-api</artifactId>
<version>1.1.4</version>
<exclusions>
<exclusion>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcpkix-jdk18on -->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>1.78.1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/joda-time/joda-time -->
<dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
<version>2.14.0</version>
<exclusions>
<exclusion>
<groupId>org.joda</groupId>
<artifactId>joda-convert</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- https://mvnrepository.com/artifact/com.mikesamuel/json-sanitizer -->
<dependency>
<groupId>com.mikesamuel</groupId>
<artifactId>json-sanitizer</artifactId>
<version>1.2.3</version>
</dependency>
</dependencies>
</project>