SCANJLIB-275 Update dependencies

Author: henryju

its/it-tests/pom.xml

@@ -1,4 +1,5 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <parent>
     <groupId>org.sonarsource.scanner.lib</groupId>
@@ -27,18 +28,8 @@
     <dependency>
       <groupId>org.sonarsource.orchestrator</groupId>
       <artifactId>sonar-orchestrator-junit4</artifactId>
-      <version>5.1.0.2254</version>
+      <version>5.6.2.2625</version>
       <scope>test</scope>
-      <exclusions>
-        <exclusion>
-          <groupId>ch.qos.logback</groupId>
-          <artifactId>logback-classic</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>ch.qos.logback</groupId>
-          <artifactId>logback-core</artifactId>
-        </exclusion>
-      </exclusions>
     </dependency>
 
     <dependency>
@@ -49,8 +40,8 @@
       <exclusions>
         <!-- Will be embedded in jar-with-dependency -->
         <exclusion>
-          <groupId>${project.groupId}</groupId>
-          <artifactId>sonar-scanner-java-library</artifactId>
+          <groupId>*</groupId>
+          <artifactId>*</artifactId>
         </exclusion>
       </exclusions>
     </dependency>
@@ -65,7 +56,7 @@
       <version>1.13.1</version>
       <scope>test</scope>
     </dependency>
-    
+
     <!-- Logging -->
     <dependency>
       <groupId>ch.qos.logback</groupId>
@@ -79,7 +70,7 @@
       <version>${logback.version}</version>
       <scope>test</scope>
     </dependency>
-    
+
     <!-- SSL tests -->
     <dependency>
       <groupId>org.eclipse.jetty</groupId>

its/it-tests/src/test/java/com/sonar/scanner/lib/it/SSLTest.java

@@ -184,7 +184,7 @@ public void simple_analysis_with_server_and_client_certificate() throws Exceptio
     BuildResult buildResult = scanner.executeSimpleProject(project("js-sample"), "https://localhost:" + httpsPort);
 
     assertThat(buildResult.getLastStatus()).isNotZero();
-    assertThat(buildResult.getLogs()).contains("None of the TrustManagers trust this certificate chain");
+    assertThat(buildResult.getLogs()).contains("The certificate chain is not trusted");
 
     Path clientTruststore = Paths.get(SSLTest.class.getResource(KEYSTORE_CLIENT_WITH_CA_KEYTOOL).toURI()).toAbsolutePath();
     assertThat(clientTruststore).exists();
@@ -210,7 +210,7 @@ public void simple_analysis_with_server_and_without_client_certificate_is_failin
     BuildResult buildResult = scanner.executeSimpleProject(project("js-sample"), "https://localhost:" + httpsPort);
 
     assertThat(buildResult.getLastStatus()).isNotZero();
-    assertThat(buildResult.getLogs()).contains("None of the TrustManagers trust this certificate chain");
+    assertThat(buildResult.getLogs()).contains("The certificate chain is not trusted");
 
     Path clientTruststore = Paths.get(SSLTest.class.getResource(KEYSTORE_CLIENT_WITH_CA_KEYTOOL).toURI()).toAbsolutePath();
     assertThat(clientTruststore).exists();
@@ -248,7 +248,7 @@ public void simple_analysis_with_server_certificate(String clientTrustStore, Str
 
     BuildResult buildResult = scanner.executeSimpleProject(project("js-sample"), "https://localhost:" + httpsPort);
     assertThat(buildResult.getLastStatus()).isNotZero();
-    assertThat(buildResult.getLogs()).contains("None of the TrustManagers trust this certificate chain");
+    assertThat(buildResult.getLogs()).contains("The certificate chain is not trusted");
 
     Path clientTruststore = Paths.get(SSLTest.class.getResource(clientTrustStore).toURI()).toAbsolutePath();
     assertThat(clientTruststore).exists();

lib/pom.xml

@@ -26,7 +26,7 @@
     </dependency>
     <dependency>
       <groupId>com.squareup.okhttp3</groupId>
-      <artifactId>okhttp</artifactId>
+      <artifactId>okhttp-jvm</artifactId>
     </dependency>
     <dependency>
       <groupId>com.squareup.okhttp3</groupId>
@@ -67,12 +67,12 @@
     <dependency>
       <groupId>io.github.hakky54</groupId>
       <artifactId>sslcontext-kickstart</artifactId>
-      <version>8.3.6</version>
+      <version>9.1.0</version>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.78.1</version>
+      <version>1.81</version>
     </dependency>
 
     <!-- unit tests -->
@@ -105,7 +105,7 @@
     <dependency>
       <groupId>org.wiremock</groupId>
       <artifactId>wiremock-standalone</artifactId>
-      <version>3.9.2</version>
+      <version>3.13.1</version>
       <scope>test</scope>
     </dependency>
     <dependency>

pom.xml

@@ -53,8 +53,8 @@
 
     <!-- used for deployment to SonarSource Artifactory -->
     <gitRepositoryName>sonar-scanner-java-library</gitRepositoryName>
-    <okhttp.version>4.12.0</okhttp.version>
-    <mockito.version>5.14.2</mockito.version>
+    <okhttp.version>5.1.0</okhttp.version>
+    <mockito.version>5.18.0</mockito.version>
   </properties>
 
   <dependencyManagement>
@@ -67,7 +67,7 @@
       <dependency>
         <groupId>commons-io</groupId>
         <artifactId>commons-io</artifactId>
-        <version>2.16.1</version>
+        <version>2.19.0</version>
       </dependency>
       <dependency>
         <groupId>org.apache.commons</groupId>
@@ -76,7 +76,7 @@
       </dependency>
       <dependency>
         <groupId>com.squareup.okhttp3</groupId>
-        <artifactId>okhttp</artifactId>
+        <artifactId>okhttp-jvm</artifactId>
         <version>${okhttp.version}</version>
       </dependency>
       <dependency>
@@ -92,7 +92,7 @@
       <dependency>
         <groupId>com.google.code.gson</groupId>
         <artifactId>gson</artifactId>
-        <version>2.11.0</version>
+        <version>2.13.1</version>
       </dependency>
       <dependency>
         <groupId>com.google.code.findbugs</groupId>
@@ -102,7 +102,7 @@
 			<dependency>
 				<groupId>org.junit</groupId>
 				<artifactId>junit-bom</artifactId>
-				<version>5.11.3</version>
+				<version>5.13.3</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
@@ -119,12 +119,12 @@
       <dependency>
         <groupId>org.assertj</groupId>
         <artifactId>assertj-core</artifactId>
-        <version>3.26.3</version>
+        <version>3.27.3</version>
       </dependency>
       <dependency>
         <groupId>commons-codec</groupId>
         <artifactId>commons-codec</artifactId>
-        <version>1.17.1</version>
+        <version>1.18.0</version>
       </dependency>
     </dependencies>
   </dependencyManagement>