From 2094c96fb84285bd89a5360e8d34e62e44479fe0 Mon Sep 17 00:00:00 2001
From: Thomas <thomas.musset@pasteur.fr>
Date: Thu, 6 Apr 2023 17:15:34 +0200
Subject: [PATCH] trying to force logback version to prevent vulnerabilities
 from xuggler

---
 pom.xml | 27 +++++++++++----------------
 1 file changed, 11 insertions(+), 16 deletions(-)

diff --git a/pom.xml b/pom.xml
index 5848f11..ff96876 100644
--- a/pom.xml
+++ b/pom.xml
@@ -55,11 +55,21 @@
 
     <!-- Project properties -->
     <properties>
-        <artifact-to-extract>com.xuggle.xuggler</artifact-to-extract>
+        <artifact-to-extract>logback-core,logback-classic,com.xuggle.xuggler</artifact-to-extract>
     </properties>
 
     <!-- List of project's dependencies -->
     <dependencies>
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-core</artifactId>
+            <version>1.4.6</version>
+        </dependency>
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-classic</artifactId>
+            <version>1.4.6</version>
+        </dependency>
         <dependency>
             <groupId>com.liferay</groupId>
             <artifactId>com.xuggle.xuggler</artifactId>
@@ -67,21 +77,6 @@
         </dependency>
     </dependencies>
 
-    <dependencyManagement>
-        <dependencies>
-            <dependency>
-                <groupId>ch.qos.logback</groupId>
-                <artifactId>logback-core</artifactId>
-                <version>1.4.6</version>
-            </dependency>
-            <dependency>
-                <groupId>ch.qos.logback</groupId>
-                <artifactId>logback-classic</artifactId>
-                <version>1.4.6</version>
-            </dependency>
-        </dependencies>
-    </dependencyManagement>
-
     <!-- Icy Maven repository (to find parent POM) -->
     <repositories>
         <repository>
-- 
GitLab