- using as project dependencies was bringing it to code level, which
is unecessary
- sonar needs to have specific core and compat versions
- uplifted to 3.9.11 to fix cves
Issue-ID: POLICY-5413
Change-Id: I480ee086ee9225de029f6a1a252de3248c42d275
Signed-off-by: adheli.tavares <adheli.tavares@est.tech>
<groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId>
<version>${version.sonar}</version>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven</groupId>
+ <artifactId>maven-core</artifactId>
+ <version>3.9.11</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.maven</groupId>
+ <artifactId>maven-compat</artifactId>
+ <version>3.9.11</version>
+ </dependency>
+ </dependencies>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
</snapshotRepository>
</distributionManagement>
- <dependencies>
- <dependency>
- <groupId>org.apache.maven</groupId>
- <artifactId>maven-core</artifactId>
- <version>3.9.10</version>
- </dependency>
- <dependency>
- <groupId>org.apache.maven</groupId>
- <artifactId>maven-compat</artifactId>
- <version>3.9.10</version>
- </dependency>
- </dependencies>
-
<build>
<pluginManagement>
<plugins>
Code Review / policy / parent.git / commitdiff