From 3e6c21b6adb4b414b01973955c2e377d0cd8a435 Mon Sep 17 00:00:00 2001
From: Twan Goosen <twan@clarin.eu>
Date: Thu, 16 Dec 2021 15:25:28 +0100
Subject: [PATCH 1/3] bumped several dependencies, including log4j to resolve
 log4shell vulnerability

---
 pom.xml                                                  | 9 +++++----
 .../java/nl/mpi/oai/harvester/control/Configuration.java | 2 --
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/pom.xml b/pom.xml
index a88fa5f..e0cdef7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -71,12 +71,12 @@
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.13.3</version>
+            <version>2.16.0</version>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>log4j-over-slf4j</artifactId>
-            <version>1.7.30</version>
+            <version>1.7.32</version>
         </dependency>
 
         <dependency>
@@ -101,7 +101,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.13.1</version>
+            <version>4.13.2</version>
             <scope>test</scope>
         </dependency>
 
@@ -121,6 +121,7 @@
             <groupId>org.mockito</groupId>
             <artifactId>mockito-core</artifactId>
             <version>3.4.6</version>
+            <scope>test</scope>
         </dependency>
   
 
@@ -146,7 +147,7 @@
         <dependency>
             <groupId>com.google.guava</groupId>
             <artifactId>guava</artifactId>
-            <version>29.0-jre</version>
+            <version>31.0.1-jre</version>
         </dependency>
     
         <!-- for java 11 -->
diff --git a/src/main/java/nl/mpi/oai/harvester/control/Configuration.java b/src/main/java/nl/mpi/oai/harvester/control/Configuration.java
index 99fcade..3831970 100644
--- a/src/main/java/nl/mpi/oai/harvester/control/Configuration.java
+++ b/src/main/java/nl/mpi/oai/harvester/control/Configuration.java
@@ -40,8 +40,6 @@
 import javax.xml.xpath.XPathExpressionException;
 import javax.xml.xpath.XPathFactory;
 
-import static org.mockito.Mockito.reset;
-
 import java.io.BufferedWriter;
 import java.io.FileWriter;
 import java.io.IOException;

From ee0c5bbc720756b2268a9049bbfe370947979e19 Mon Sep 17 00:00:00 2001
From: Twan Goosen <twan@clarin.eu>
Date: Thu, 16 Dec 2021 15:28:18 +0100
Subject: [PATCH 2/3] upgraded json-path to resolve vulnerability

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index e0cdef7..76321a7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -135,7 +135,7 @@
         <dependency>
             <groupId>com.jayway.jsonpath</groupId>
             <artifactId>json-path</artifactId>
-            <version>2.4.0</version>
+            <version>2.6.0</version>
         </dependency>
 
         <dependency>

From a3d4dd414ea005b9f51b49c5830c767a513dd2b5 Mon Sep 17 00:00:00 2001
From: Twan Goosen <twan@clarin.eu>
Date: Thu, 16 Dec 2021 15:29:23 +0100
Subject: [PATCH 3/3] version to 1.2.1

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 76321a7..65ab6d7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
     <groupId>nl.mpi</groupId>
     <artifactId>oai-harvest-manager</artifactId>
     <packaging>jar</packaging>
-    <version>1.2.0</version>
+    <version>1.2.1</version>
     <name>OAI Harvest Manager</name>
     <description>This application manages OAI-PMH harvesting workflows</description>