Resolve Dependabot alert for commons-lang3 v3.17.0

marcphilipp · marcphilipp · commit c81499c22f54 · 2025-10-14T17:14:36.000+02:00
diff --git a/gradle/plugins/backward-compatibility/src/main/kotlin/junitbuild.backward-compatibility.gradle.kts b/gradle/plugins/backward-compatibility/src/main/kotlin/junitbuild.backward-compatibility.gradle.kts
@@ -26,6 +26,14 @@ val roseauClasspath = configurations.resolvable("roseauClasspath") {
 }
 dependencies {
 	roseauDependencies(dependencyFromLibs("roseau-cli"))
+	constraints {
+		roseauDependencies("org.apache.commons:commons-lang3") {
+			version {
+				require("3.18.0")
+			}
+			because("Workaround for CVE-2025-48924")
+		}
+	}
 }
 
 val extension = extensions.create<BackwardCompatibilityChecksExtension>("backwardCompatibilityChecks").apply {

Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,14 @@ val roseauClasspath = configurations.resolvable("roseauClasspath") {`
`26`	`26`	`}`
`27`	`27`	`dependencies {`
`28`	`28`	`roseauDependencies(dependencyFromLibs("roseau-cli"))`
	`29`	`+ constraints {`
	`30`	`+ roseauDependencies("org.apache.commons:commons-lang3") {`
	`31`	`+ version {`
	`32`	`+ require("3.18.0")`
	`33`	`+ }`
	`34`	`+ because("Workaround for CVE-2025-48924")`
	`35`	`+ }`
	`36`	`+ }`
`29`	`37`	`}`
`30`	`38`
`31`	`39`	`val extension = extensions.create<BackwardCompatibilityChecksExtension>("backwardCompatibilityChecks").apply {`