Alfresco · SaraAspery · Jan 9, 2025 · Jan 9, 2025 · Jan 9, 2025 · Jan 9, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -111,7 +111,7 @@ jobs:
           mkdir temp-dir-for-sast
           bash ./scripts/ci/remove-sast-exclusions.sh ./packaging/war/target/alfresco.war temp-dir-for-sast/reduced.war
       - name: "Run SAST Scan"
-        uses: veracode/[email protected].16
+        uses: veracode/[email protected].17
         with:
           vid: ${{ secrets.VERACODE_API_ID }}
           vkey: ${{ secrets.VERACODE_API_KEY }}
@@ -124,6 +124,7 @@ jobs:
           summary_output_file: results.json
           summary_display: true
           baseline_file: baseline.json
+#          include: alfresco*
       - name: Upload scan result
         if: success() || failure()
         run: zip readable_output.zip results.json

diff --git a/.secrets.baseline b/.secrets.baseline
@@ -133,21 +133,21 @@
         "filename": ".github/workflows/ci.yml",
         "hashed_secret": "b86dc2f033a63f2b7b9e7d270ab806d2910d7572",
         "is_verified": false,
-        "line_number": 299
+        "line_number": 300
       },
       {
         "type": "Secret Keyword",
         "filename": ".github/workflows/ci.yml",
         "hashed_secret": "1bfb0e20f886150ba59b853bcd49dea893e00966",
         "is_verified": false,
-        "line_number": 374
+        "line_number": 375
       },
       {
         "type": "Secret Keyword",
         "filename": ".github/workflows/ci.yml",
         "hashed_secret": "128f14373ccfaff49e3664045d3a11b50cbb7b39",
         "is_verified": false,
-        "line_number": 908
+        "line_number": 909
       }
     ],
     ".github/workflows/master_release.yml": [
@@ -1888,5 +1888,5 @@
       }
     ]
   },
-  "generated_at": "2024-12-19T08:58:42Z"
+  "generated_at": "2025-01-09T16:50:02Z"
 }
diff --git a/pom.xml b/pom.xml
@@ -58,7 +58,7 @@
 
         <dependency.aspectj.version>1.9.22.1</dependency.aspectj.version>
         <dependency.spring.version>6.1.14</dependency.spring.version>
-        <dependency.spring-security.version>6.3.4</dependency.spring-security.version>
+        <dependency.spring-security.version>6.4.1</dependency.spring-security.version>
         <dependency.antlr.version>3.5.3</dependency.antlr.version>
         <dependency.jackson.version>2.17.2</dependency.jackson.version>
         <dependency.cxf.version>4.0.5</dependency.cxf.version>

diff --git a/scripts/ci/SAST-exclusion-list.txt b/scripts/ci/SAST-exclusion-list.txt
@@ -1 +1 @@
-spring-security*
+anything