From 0d0b4a80fb10e97b091397154c54c2a28deab843 Mon Sep 17 00:00:00 2001 From: "Tuncay Tunc (ZF Friedrichshafen AG)" Date: Mon, 24 Apr 2023 15:30:29 +0200 Subject: [PATCH] Move centralize dependencies constrains to allprojects block. --- build.gradle.kts | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/build.gradle.kts b/build.gradle.kts index d3079176c..f0ca42f83 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -56,6 +56,15 @@ allprojects { // this is used to counter version conflicts between the JUnit version pulled in by the plugin, // and the one expected by IntelliJ testImplementation(platform("org.junit:junit-bom:5.9.2")) + + constraints { + implementation("org.yaml:snakeyaml:2.0") { + because("version 1.33 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471.") + } + implementation("net.minidev:json-smart:2.4.10") { + because("version 2.4.8 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1370.") + } + } } // configure which version of the annotation processor to use. defaults to the same version as the plugin @@ -159,14 +168,3 @@ subprojects { } } } - -dependencies { - constraints { - implementation("org.yaml:snakeyaml:2.0") { - because("version 1.33 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471.") - } - implementation("net.minidev:json-smart:2.4.10") { - because("version 2.4.8 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1370.") - } - } -}