1# Copyright 2021 Code Intelligence GmbH 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15load("@rules_jvm_external//:specs.bzl", "maven") 16 17JAZZER_API_VERSION = "0.11.0" 18JAZZER_API_COORDINATES = "com.code-intelligence:jazzer-api:%s" % JAZZER_API_VERSION 19 20# **WARNING**: These Maven dependencies have known vulnerabilities and are only used to test that 21# Jazzer finds these issues. DO NOT USE. 22MAVEN_ARTIFACTS = [ 23 "com.alibaba:fastjson:1.2.75", 24 "com.beust:klaxon:5.5", 25 "com.fasterxml.jackson.core:jackson-core:2.12.1", 26 "com.fasterxml.jackson.core:jackson-databind:2.12.1", 27 "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.12.1", 28 "com.github.jsqlparser:jsqlparser:4.4", # for SQL validation 29 "com.google.code.gson:gson:2.8.6", 30 "com.mikesamuel:json-sanitizer:1.2.1", 31 "com.unboundid:unboundid-ldapsdk:6.0.3", 32 "javax.el:javax.el-api:3.0.1-b06", 33 "javax.validation:validation-api:2.0.1.Final", 34 "javax.xml.bind:jaxb-api:2.3.1", 35 "junit:junit:4.12", 36 "org.apache.commons:commons-imaging:1.0-alpha2", 37 "org.glassfish:javax.el:3.0.1-b06", 38 "org.hibernate:hibernate-validator:5.2.4.Final", 39 "org.openjdk.jmh:jmh-core:1.34", 40 "org.openjdk.jmh:jmh-generator-annprocess:1.34", 41 maven.artifact("org.apache.logging.log4j", "log4j-api", "2.14.1", testonly = True), 42 maven.artifact("org.apache.logging.log4j", "log4j-core", "2.14.1", testonly = True), 43 maven.artifact("com.h2database", "h2", "2.1.212", testonly = True), 44] 45