994e1b3ca1
NullX Finding 2: unbounded size param allowed full table scan. Added spring-boot-starter-validation, @Validated on the controller, @Min(1) @Max(100) on the size param, and ConstraintViolationException → 400 in GlobalExceptionHandler. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
235 lines
6.5 KiB
XML
235 lines
6.5 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
|
|
<modelVersion>4.0.0</modelVersion>
|
|
<parent>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-parent</artifactId>
|
|
<version>4.0.0</version>
|
|
<relativePath/> <!-- lookup parent from repository -->
|
|
</parent>
|
|
<groupId>org.raddatz</groupId>
|
|
<artifactId>familienarchiv</artifactId>
|
|
<version>0.0.1-SNAPSHOT</version>
|
|
<name>Familienarchiv</name>
|
|
<description>Backend für das Familenarchiv</description>
|
|
<url/>
|
|
<licenses>
|
|
<license/>
|
|
</licenses>
|
|
<developers>
|
|
<developer/>
|
|
</developers>
|
|
<scm>
|
|
<connection/>
|
|
<developerConnection/>
|
|
<tag/>
|
|
<url/>
|
|
</scm>
|
|
<properties>
|
|
<java.version>21</java.version>
|
|
</properties>
|
|
<dependencies>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-actuator</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-validation</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-jpa</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-jdbc</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-security</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-webmvc</artifactId>
|
|
<exclusions>
|
|
<exclusion>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-tomcat</artifactId>
|
|
</exclusion>
|
|
</exclusions>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.postgresql</groupId>
|
|
<artifactId>postgresql</artifactId>
|
|
<scope>runtime</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-jetty</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-testcontainers</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.testcontainers</groupId>
|
|
<artifactId>testcontainers-postgresql</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-actuator-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-jpa-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-jdbc-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-security-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-webmvc-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<!-- Excel Bearbeitung (Apache POI) -->
|
|
<dependency>
|
|
<groupId>org.apache.poi</groupId>
|
|
<artifactId>poi</artifactId>
|
|
<version>5.5.0</version> <!-- Aktuellste Version -->
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.poi</groupId>
|
|
<artifactId>poi-ooxml</artifactId>
|
|
<version>5.5.0</version>
|
|
</dependency>
|
|
|
|
<!-- S3 Support für MinIO (AWS SDK v2) -->
|
|
<dependency>
|
|
<groupId>software.amazon.awssdk</groupId>
|
|
<artifactId>s3</artifactId>
|
|
<version>2.29.0</version> <!-- Oder aktuellste Stable -->
|
|
</dependency>
|
|
<!-- Nötig für AWS SDK v2 Authentifizierung -->
|
|
<dependency>
|
|
<groupId>software.amazon.awssdk</groupId>
|
|
<artifactId>auth</artifactId>
|
|
<version>2.29.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.projectlombok</groupId>
|
|
<artifactId>lombok</artifactId>
|
|
<optional>true</optional>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-mail</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.flywaydb</groupId>
|
|
<artifactId>flyway-core</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.flywaydb</groupId>
|
|
<artifactId>flyway-database-postgresql</artifactId>
|
|
</dependency>
|
|
|
|
<!-- OpenAPI / Swagger UI — enabled only in the dev Spring profile -->
|
|
<dependency>
|
|
<groupId>org.springdoc</groupId>
|
|
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
|
|
<version>3.0.2</version>
|
|
</dependency>
|
|
</dependencies>
|
|
|
|
|
|
<profiles>
|
|
<profile>
|
|
<id>dev</id>
|
|
<activation>
|
|
<activeByDefault>true</activeByDefault>
|
|
</activation>
|
|
<properties>
|
|
<spring.profiles.active>dev,e2e</spring.profiles.active>
|
|
</properties>
|
|
</profile>
|
|
<profile>
|
|
<id>prod</id>
|
|
<properties>
|
|
<spring.profiles.active></spring.profiles.active>
|
|
</properties>
|
|
</profile>
|
|
</profiles>
|
|
|
|
<build>
|
|
<plugins>
|
|
<plugin>
|
|
<groupId>org.jacoco</groupId>
|
|
<artifactId>jacoco-maven-plugin</artifactId>
|
|
<version>0.8.12</version>
|
|
<configuration>
|
|
<excludes>
|
|
<exclude>**/dto/**</exclude>
|
|
<exclude>**/config/**</exclude>
|
|
<exclude>**/exception/ErrorCode*</exclude>
|
|
<exclude>**/model/**</exclude>
|
|
</excludes>
|
|
</configuration>
|
|
<executions>
|
|
<execution>
|
|
<id>prepare-agent</id>
|
|
<goals><goal>prepare-agent</goal></goals>
|
|
</execution>
|
|
<execution>
|
|
<id>report</id>
|
|
<phase>verify</phase>
|
|
<goals><goal>report</goal></goals>
|
|
</execution>
|
|
<!-- Gate: baseline 89.4% overall / service 90.2% / controller 80.0% -->
|
|
<execution>
|
|
<id>check</id>
|
|
<phase>verify</phase>
|
|
<goals><goal>check</goal></goals>
|
|
<configuration>
|
|
<rules>
|
|
<rule>
|
|
<element>BUNDLE</element>
|
|
<limits>
|
|
<limit>
|
|
<counter>BRANCH</counter>
|
|
<value>COVEREDRATIO</value>
|
|
<minimum>0.88</minimum>
|
|
</limit>
|
|
</limits>
|
|
</rule>
|
|
</rules>
|
|
</configuration>
|
|
</execution>
|
|
</executions>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-maven-plugin</artifactId>
|
|
<configuration>
|
|
<profiles>
|
|
<profile>${spring.profiles.active}</profile>
|
|
</profiles>
|
|
</configuration>
|
|
</plugin>
|
|
</plugins>
|
|
</build>
|
|
|
|
</project>
|