From 1f7a7fa3767fb1bf6e00eddff616dc48172bccd0 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 12 Jan 2024 14:35:52 +0000
Subject: [PATCH] fix: pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-1035561
- https://snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-1296075
- https://snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-2841508
- https://snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-32369
- https://snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-32412
---
 pom.xml | 44 ++++++++++++++++++++++----------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/pom.xml b/pom.xml
index 15293a0ac..47897fc22 100644
--- a/pom.xml
+++ b/pom.xml
@@ -321,39 +321,39 @@
                                 <!-- windows build -->
                                 <copy todir="${dist.base}/windows">
                                     <fileset dir="${project.basedir}">
-                                        <include name="config/**" />
-                                        <include name="LICENSE*" />
+                                        <include name="config/**"/>
+                                        <include name="LICENSE*"/>
                                     </fileset>
                                     <fileset dir="${project.basedir}/target">
-                                        <include name="semux.exe" />
+                                        <include name="semux.exe"/>
                                     </fileset>
                                 </copy>
-                                <copy file="${project.basedir}/misc/launch4j/semux.l4j.ini" tofile="${dist.base}/windows/semux.l4j.ini" />
-                                <fixcrlf srcdir="${dist.base}/windows" includes="**/*.ini" eol="dos" eof="asis" />
-                                <fixcrlf srcdir="${dist.base}/windows" includes="config/*" eol="dos" eof="asis" />
-                                <fixcrlf srcdir="${dist.base}/windows" includes="LICENSE*" eol="dos" eof="asis" />
+                                <copy file="${project.basedir}/misc/launch4j/semux.l4j.ini" tofile="${dist.base}/windows/semux.l4j.ini"/>
+                                <fixcrlf srcdir="${dist.base}/windows" includes="**/*.ini" eol="dos" eof="asis"/>
+                                <fixcrlf srcdir="${dist.base}/windows" includes="config/*" eol="dos" eof="asis"/>
+                                <fixcrlf srcdir="${dist.base}/windows" includes="LICENSE*" eol="dos" eof="asis"/>
 
                                 <!-- linux build (executable jar) -->
                                 <copy todir="${dist.base}/linux">
                                     <fileset dir="${project.basedir}">
-                                        <include name="config/**" />
-                                        <include name="LICENSE*" />
+                                        <include name="config/**"/>
+                                        <include name="LICENSE*"/>
                                     </fileset>
                                 </copy>
-                                <copy file="${project.basedir}/src/main/resources/org/semux/gui/splash.png" todir="${dist.base}/linux/resources" />
-                                <copy file="${project.basedir}/target/semux-${project.version}-shaded.jar" tofile="${dist.base}/linux/semux.jar" />
-                                <copy file="${project.basedir}/scripts/semux-cli.sh" tofile="${dist.base}/linux/semux-cli.sh" />
-                                <copy file="${project.basedir}/scripts/semux-gui.sh" tofile="${dist.base}/linux/semux-gui.sh" />
-                                <chmod file="${dist.base}/linux/semux.jar" perm="755" />
-                                <chmod file="${dist.base}/linux/semux*.sh" perm="755" />
+                                <copy file="${project.basedir}/src/main/resources/org/semux/gui/splash.png" todir="${dist.base}/linux/resources"/>
+                                <copy file="${project.basedir}/target/semux-${project.version}-shaded.jar" tofile="${dist.base}/linux/semux.jar"/>
+                                <copy file="${project.basedir}/scripts/semux-cli.sh" tofile="${dist.base}/linux/semux-cli.sh"/>
+                                <copy file="${project.basedir}/scripts/semux-gui.sh" tofile="${dist.base}/linux/semux-gui.sh"/>
+                                <chmod file="${dist.base}/linux/semux.jar" perm="755"/>
+                                <chmod file="${dist.base}/linux/semux*.sh" perm="755"/>
 
                                 <!-- macos build -->
                                 <!-- use fat jar because .app bundle is not production ready -->
                                 <copy todir="${dist.base}/macos">
-                                    <fileset dir="${dist.base}/linux"></fileset>
+                                    <fileset dir="${dist.base}/linux"/>
                                 </copy>
-                                <chmod file="${dist.base}/macos/semux.jar" perm="755" />
-                                <chmod file="${dist.base}/macos/semux*.sh" perm="755" />
+                                <chmod file="${dist.base}/macos/semux.jar" perm="755"/>
+                                <chmod file="${dist.base}/macos/semux*.sh" perm="755"/>
                             </target>
                         </configuration>
                         <goals>
@@ -395,7 +395,7 @@
                     <instrumentation>
                         <ignoreTrivial>true</ignoreTrivial>
                     </instrumentation>
-                    <check />
+                    <check/>
                 </configuration>
             </plugin>
 
@@ -474,7 +474,7 @@
                         <configuration>
                             <skip>false</skip>
                             <rules>
-                                <DependencyConvergence />
+                                <DependencyConvergence/>
                                 <digestRule implementation="uk.co.froot.maven.enforcer.DigestRule">
                                     <!-- Create a snapshot to build the list of URNs below -->
                                     <buildSnapshot>false</buildSnapshot>
@@ -602,7 +602,7 @@
                                         </goals>
                                     </pluginExecutionFilter>
                                     <action>
-                                        <ignore></ignore>
+                                        <ignore/>
                                     </action>
                                 </pluginExecution>
                             </pluginExecutions>
@@ -661,7 +661,7 @@
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcprov-jdk15on</artifactId>
-            <version>1.59</version>
+            <version>1.69</version>
         </dependency>
 
         <!-- LevelDB -->