diff --git a/.github/workflows/owasp-dependency-check.yml b/.github/workflows/owasp-dependency-check.yml
index 48fa381..04d6cf1 100644
--- a/.github/workflows/owasp-dependency-check.yml
+++ b/.github/workflows/owasp-dependency-check.yml
@@ -9,7 +9,7 @@ on :
jobs :
owaspDependencyCheck :
runs-on : ubuntu-latest
- timeout-minutes : 10
+ timeout-minutes : 30
steps :
- name : Checkout
diff --git a/build.gradle.kts b/build.gradle.kts
index 75fc80a..ba29e75 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -1,13 +1,13 @@
// Top-level build file where you can add configuration options common to all sub-projects/modules.
plugins {
- id("com.android.application") version "8.1.1" apply false
- id("com.android.library") version "8.1.1" apply false
+ id("com.android.application") version "8.2.0" apply false
+ id("com.android.library") version "8.2.0" apply false
id("org.jetbrains.kotlin.android") version Version.kotlin apply false
- id("org.jetbrains.dokka") version "1.9.0" apply false
- id("com.google.gms.google-services") version "4.3.15" apply false
- id("org.jetbrains.kotlinx.kover") version "0.7.3" apply false
- id("org.sonarqube") version "4.3.1.3277" apply true
- id("io.gitlab.arturbosch.detekt") version "1.23.1" apply false
+ id("org.jetbrains.dokka") version "1.9.10" apply false
+ id("com.google.gms.google-services") version "4.4.0" apply false
+ id("org.jetbrains.kotlinx.kover") version "0.7.5" apply false
+ id("org.sonarqube") version "4.4.1.3373" apply true
+ id("io.gitlab.arturbosch.detekt") version "1.23.4" apply false
}
buildscript {
@@ -25,6 +25,7 @@ allprojects {
force("org.bouncycastle:bcprov-jdk18on:1.76")
force("org.json:json:20230618")
force("com.google.guava:guava:32.1.2-jre")
+ force("androidx.room:room-runtime:${Version.room}")
}
}
}
diff --git a/buildSrc/build.gradle.kts b/buildSrc/build.gradle.kts
index 685bc9b..9c1828f 100644
--- a/buildSrc/build.gradle.kts
+++ b/buildSrc/build.gradle.kts
@@ -13,6 +13,6 @@ repositories {
}
dependencies {
- implementation("com.diffplug.spotless:spotless-plugin-gradle:6.21.0")
- implementation("org.owasp:dependency-check-gradle:8.4.0")
+ implementation("com.diffplug.spotless:spotless-plugin-gradle:6.23.3")
+ implementation("org.owasp:dependency-check-gradle:9.0.3")
}
diff --git a/buildSrc/src/main/java/Version.kt b/buildSrc/src/main/java/Version.kt
index a15478e..1aa468d 100644
--- a/buildSrc/src/main/java/Version.kt
+++ b/buildSrc/src/main/java/Version.kt
@@ -2,14 +2,14 @@
* Version variables
*/
object Version {
- const val kotlin = "1.9.10"
- const val kotlinSerialization = "1.6.0"
+ const val kotlin = "1.9.21"
+ const val kotlinSerialization = "1.6.2"
const val coroutine = "1.7.3"
- const val room = "2.5.2"
+ const val room = "2.6.1"
const val extJunit = "1.1.5"
const val archLifecycleVersion = "2.6.2"
- const val compose = "1.5.1"
- const val composeCompiler = "1.5.3"
+ const val compose = "1.5.4"
+ const val composeCompiler = "1.5.6"
const val devicesAuthenticator = "0.0.15"
const val devicesCore = "0.0.15"
const val devicesStorage = "0.0.15"
diff --git a/config/owasp-suppression.xml b/config/owasp-suppression.xml
index e994d7d..568b27e 100644
--- a/config/owasp-suppression.xml
+++ b/config/owasp-suppression.xml
@@ -5,7 +5,8 @@
file name: kotlinx-coroutines-play-services-1.6.4.jar
]]>
- ^pkg:maven/org\.jetbrains\.kotlinx/kotlinx\-coroutines\-play\-services@.*$
+ ^pkg:maven/org\.jetbrains\.kotlinx/kotlinx\-coroutines\-play\-services@.*$
+
CVE-2020-22475
@@ -22,7 +23,8 @@
file name: kotlinx-coroutines-play-services-1.6.4.jar
]]>
- ^pkg:maven/org\.jetbrains\.kotlinx/kotlinx\-coroutines\-play\-services@.*$
+ ^pkg:maven/org\.jetbrains\.kotlinx/kotlinx\-coroutines\-play\-services@.*$
+
CVE-2022-39349
@@ -30,7 +32,67 @@
file name: datastore-preferences-core-1.0.0.jar
]]>
- ^pkg:maven/org\.jetbrains\.kotlinx/kotlinx\-coroutines\-play\-services@.*$
+ ^pkg:maven/org\.jetbrains\.kotlinx/kotlinx\-coroutines\-play\-services@.*$
+
CVE-2022-39349
+
+
+ ^pkg:maven/androidx\.sqlite/sqlite\-framework@.*$
+ CVE-2019-19646
+ CVE-2018-20346
+ CVE-2015-6607
+ CVE-2018-20505
+ CVE-2019-19645
+ CVE-2020-11656
+ CVE-2020-11655
+ CVE-2016-6153
+ CVE-2022-35737
+ CVE-2020-13631
+ CVE-2020-13434
+ CVE-2020-13632
+ CVE-2020-15358
+ CVE-2020-13435
+ CVE-2015-3717
+ CVE-2020-13630
+ CVE-2018-8740
+ CVE-2017-10989
+ CVE-2018-20506
+ CVE-2015-3416
+ CVE-2015-3415
+ CVE-2015-3414
+ CVE-2015-5895
+
+
+
+ ^pkg:maven/androidx\.sqlite/sqlite@.*$
+ CVE-2019-19646
+ CVE-2018-20346
+ CVE-2015-6607
+ CVE-2018-20505
+ CVE-2019-19645
+ CVE-2020-11656
+ CVE-2020-11655
+ CVE-2016-6153
+ CVE-2022-35737
+ CVE-2020-13631
+ CVE-2020-13434
+ CVE-2020-13632
+ CVE-2020-15358
+ CVE-2020-13435
+ CVE-2015-3717
+ CVE-2020-13630
+ CVE-2018-8740
+ CVE-2017-10989
+ CVE-2018-20506
+ CVE-2015-3416
+ CVE-2015-3415
+ CVE-2015-3414
+ CVE-2015-5895
+
+
diff --git a/devices-push/build.gradle.kts b/devices-push/build.gradle.kts
index 3675e8e..9ce3925 100644
--- a/devices-push/build.gradle.kts
+++ b/devices-push/build.gradle.kts
@@ -65,15 +65,15 @@ dependencies {
implementation("androidx.biometric:biometric:1.2.0-alpha05")
implementation("org.jetbrains.kotlin:kotlin-stdlib:${Version.kotlin}")
implementation("org.jetbrains.kotlinx:kotlinx-coroutines-android:${Version.coroutine}")
- implementation("androidx.core:core-ktx:1.10.1")
+ implementation("androidx.core:core-ktx:1.12.0")
implementation("io.jsonwebtoken:jjwt-api:0.11.5")
runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.5")
runtimeOnly("io.jsonwebtoken:jjwt-orgjson:0.11.5") {
exclude(group = "org.json", module = "json") // provided by Android natively
}
- implementation("com.squareup.okhttp3:okhttp:4.11.0")
+ implementation("com.squareup.okhttp3:okhttp:4.12.0")
- testImplementation("com.squareup.okhttp3:logging-interceptor:4.11.0")
+ testImplementation("com.squareup.okhttp3:logging-interceptor:4.12.0")
testImplementation("com.okta.devices:devices-fake-server:${Version.devicesFakeServer}")
testImplementation("androidx.arch.core:core-testing:2.2.0")
testImplementation("androidx.room:room-testing:${Version.room}")
@@ -81,8 +81,8 @@ dependencies {
testImplementation("org.jetbrains.kotlinx:kotlinx-coroutines-test:${Version.coroutine}")
testImplementation("junit:junit:4.13.2")
testImplementation("androidx.test.ext:junit-ktx:${Version.extJunit}")
- testImplementation("org.robolectric:robolectric:4.10.3")
- testImplementation("com.squareup.okhttp3:mockwebserver:4.11.0")
+ testImplementation("org.robolectric:robolectric:4.11.1")
+ testImplementation("com.squareup.okhttp3:mockwebserver:4.12.0")
testImplementation("io.mockk:mockk:1.13.7")
testImplementation("org.hamcrest:hamcrest-library:2.2")
testImplementation("org.jetbrains.kotlinx:kotlinx-serialization-json:${Version.kotlinSerialization}")
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
index c1962a7..7f93135 100644
Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index c30b486..1af9e09 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,7 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.3-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip
networkTimeout=10000
+validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
diff --git a/gradlew b/gradlew
index aeb74cb..0adc8e1 100755
--- a/gradlew
+++ b/gradlew
@@ -83,7 +83,8 @@ done
# This is normally unused
# shellcheck disable=SC2034
APP_BASE_NAME=${0##*/}
-APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
# Use the maximum available, or set MAX_FD != -1 to use that value.
MAX_FD=maximum
@@ -130,10 +131,13 @@ location of your Java installation."
fi
else
JAVACMD=java
- which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+ if ! command -v java >/dev/null 2>&1
+ then
+ die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
+ fi
fi
# Increase the maximum file descriptors if we can.
diff --git a/push-sample-app/build.gradle.kts b/push-sample-app/build.gradle.kts
index f470a9e..162fb81 100644
--- a/push-sample-app/build.gradle.kts
+++ b/push-sample-app/build.gradle.kts
@@ -68,15 +68,15 @@ android {
dependencies {
implementation(project(":devices-push"))
- implementation(platform("com.okta.kotlin:bom:1.1.5"))
+ implementation(platform("com.okta.kotlin:bom:1.2.0"))
implementation("com.okta.kotlin:auth-foundation")
implementation("com.okta.kotlin:oauth2")
implementation("com.okta.kotlin:web-authentication-ui")
- implementation("androidx.core:core-ktx:1.10.1")
+ implementation("androidx.core:core-ktx:1.12.0")
implementation("androidx.appcompat:appcompat:1.6.1")
implementation("androidx.biometric:biometric:1.2.0-alpha05")
- implementation("androidx.activity:activity-compose:1.7.2")
+ implementation("androidx.activity:activity-compose:1.8.1")
implementation("androidx.lifecycle:lifecycle-viewmodel-compose:${Version.archLifecycleVersion}")
implementation("androidx.compose.material:material:${Version.compose}")
implementation("androidx.compose.ui:ui:${Version.compose}")
@@ -89,7 +89,7 @@ dependencies {
implementation("com.jakewharton.timber:timber:5.0.1")
// Firebase BoM
- implementation(platform("com.google.firebase:firebase-bom:32.2.3"))
+ implementation(platform("com.google.firebase:firebase-bom:32.7.0"))
implementation("com.google.firebase:firebase-messaging-ktx")
implementation("androidx.security:security-crypto-ktx:1.1.0-alpha06")
}