diff --git a/.classpath b/.classpath index bf5450a9d..0181995b0 100644 --- a/.classpath +++ b/.classpath @@ -9,18 +9,18 @@ - + - - - + + + - - - + + + @@ -72,7 +72,7 @@ - + @@ -80,7 +80,7 @@ - + @@ -94,8 +94,8 @@ - - + + diff --git a/build.moxie b/build.moxie index 31dba4a71..057c1c9d3 100644 --- a/build.moxie +++ b/build.moxie @@ -106,7 +106,7 @@ repositories: central, eclipse-snapshots, eclipse, gitblit # Convenience properties for dependencies properties: { jetty.version : 9.4.49.v20220914 - slf4j.version : 1.7.29 + slf4j.version : 1.7.36 wicket.version : 1.4.22 lucene.version : 5.5.2 jgit.version : 4.11.9.201909030838-r @@ -115,7 +115,7 @@ properties: { selenium.version : 2.28.0 wikitext.version : 1.4 sshd.version: 1.7.0 - mina.version: 2.0.21 + mina.version: 2.0.25 guice.version : 5.1.0 # Gitblit maintains a fork of guice-servlet guice-servlet.version : 5.1.0-gb2 @@ -135,11 +135,11 @@ properties: { dependencies: - compile 'com.google.inject:guice:${guice.version}' :war :fedclient - compile 'com.google.inject.extensions:guice-servlet:${guice-servlet.version}' :war -- compile 'com.google.guava:guava:31.1-jre' :war :fedclient +- compile 'com.google.guava:guava:32.1.3-jre' :war :fedclient - compile 'com.intellij:annotations:12.0' :war -- compile 'log4j:log4j:1.2.17' :war :fedclient :manager +- compile 'ch.qos.reload4j:reload4j:1.2.25' :war :fedclient :manager - compile 'org.slf4j:slf4j-api:${slf4j.version}' :war :fedclient :manager -- compile 'org.slf4j:slf4j-log4j12:${slf4j.version}' :war :fedclient :manager +- compile 'org.slf4j:slf4j-reload4j:${slf4j.version}' :war :fedclient :manager - compile 'com.sun.mail:javax.mail:1.5.6' :war - compile 'javax.servlet:javax.servlet-api:3.1.0' :fedclient - compile 'org.eclipse.jetty:jetty-servlet:${jetty.version}' @jar 
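Review bot: Replacing `log4j:log4j:1.2.17` with `ch.qos.reload4j:reload4j:1.2.25` in this dependencies hunk removes only the direct declaration. Both artifacts ship the same `org.apache.log4j` packages, so if another dependency still pulls in `log4j:log4j` or `slf4j-log4j12` transitively, the old classes may stay on the classpath and which copy loads would depend on ordering. Nothing visible in the hunk excludes them, so check the resolved dependency report for the war, fedclient and manager builds and add an exclusion if the old artifact appears. A comment above the line, e.g. `# reload4j replaces EOL log4j 1.2.x; do not re-add log4j:log4j`, would also guard against a later edit reintroducing it.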
@@ -180,7 +180,7 @@ dependencies: - compile 'com.unboundid:unboundid-ldapsdk:2.3.8' :war - compile 'org.apache.ivy:ivy:2.2.0' :war - compile 'com.toedter:jcalendar:1.3.2' :authority -- compile 'org.apache.commons:commons-compress:1.22' :war +- compile 'org.apache.commons:commons-compress:1.24.0' :war - compile 'commons-io:commons-io:2.11.0' :war - compile 'com.force.api:force-partner-api:24.0.0' :war - compile 'org.freemarker:freemarker:2.3.22' :war @@ -190,8 +190,8 @@ dependencies: - compile 'commons-codec:commons-codec:1.9' :war - compile 'redis.clients:jedis:2.6.2' :war - compile 'ro.fortsoft.pf4j:pf4j:0.9.0' :war -- compile 'org.apache.tika:tika-core:1.5' :war -- compile 'org.jsoup:jsoup:1.7.3' :war +- compile 'org.apache.tika:tika-core:1.28.5' :war +- compile 'org.jsoup:jsoup:1.16.2' :war - compile 'com.sun.activation:javax.activation:1.2.0' :war :manager :fedclient - test 'junit:junit:4.12' # Dependencies for Selenium web page testing diff --git a/gitblit.iml b/gitblit.iml index 4f83701c0..0761644b7 100644 --- a/gitblit.iml +++ b/gitblit.iml @@ -48,13 +48,13 @@ - + - + - + @@ -90,35 +90,35 @@ - + - + - + - + - + - + - + - + - + @@ -145,35 +145,35 @@ - + - + - + - + - + - + - + - + - + @@ -737,13 +737,13 @@ - + - + - + @@ -823,13 +823,13 @@ - + - + - + @@ -977,24 +977,24 @@ - + - + - + - + - + - + diff --git a/src/main/java/com/gitblit/utils/JSoupXssFilter.java b/src/main/java/com/gitblit/utils/JSoupXssFilter.java index aec22411a..f2702813b 100644 --- a/src/main/java/com/gitblit/utils/JSoupXssFilter.java +++ b/src/main/java/com/gitblit/utils/JSoupXssFilter.java @@ -18,7 +18,7 @@ import org.jsoup.Jsoup; import org.jsoup.nodes.Document; import org.jsoup.safety.Cleaner; -import org.jsoup.safety.Whitelist; +import org.jsoup.safety.Safelist; import com.google.inject.Inject; import com.google.inject.Singleton; 
@@ -38,7 +38,7 @@ public class JSoupXssFilter implements XssFilter { @Inject public JSoupXssFilter() { - none = new Cleaner(Whitelist.none()); + none = new Cleaner(Safelist.none()); relaxed = new Cleaner(getRelaxedWhiteList()); } @@ -64,8 +64,8 @@ protected String clean(String input, Cleaner cleaner) { * https://github.com/github/markup/tree/master#html-sanitization * @return a loose HTML whitelist */ - protected Whitelist getRelaxedWhiteList() { - return new Whitelist() + protected Safelist getRelaxedWhiteList() { + return new Safelist() .addTags( "a", "b", "blockquote", "br", "caption", "cite", "code", "col", "colgroup", "dd", "del", "div", "dl", "dt", "em", "h1", "h2", "h3", "h4", "h5", "h6", "hr",
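Review bot: The Javadoc in the `getRelaxedWhiteList()` hunk still reads `@return a loose HTML whitelist` although the return type is now `Safelist`. The method is `protected`, so renaming it could break subclasses; keep the name and change the doc line to `@return a loose HTML safelist`. Separately, this class is the XSS sanitizer and the same commit moves jsoup from 1.7.3 to 1.16.2, a range over which parser and cleaner behaviour may have shifted. No test is visible in this part of the diff, so a few regression cases pinning the output of both the `none` and `relaxed` cleaners for script elements, event-handler attributes and `javascript:` URLs would confirm the filter still strips what it did before. The method body continues outside the hunk.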