-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbuild.sbt
49 lines (45 loc) · 2.42 KB
/
build.sbt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
ThisBuild / organization := "com.intenthq"
ThisBuild / organizationName := "Intent HQ"
ThisBuild / organizationHomepage := Some(url("https://www.intenthq.com/"))
ThisBuild / homepage := Some(url("https://github.com/intenthq/action-processor-integrations"))
ThisBuild / developers := List(Developer("intenthq", "Intent HQ", null, url("https://www.intenthq.com/")))
ThisBuild / licenses := Seq(("MIT", url("http://opensource.org/licenses/MIT")))
ThisBuild / scalaVersion := "2.13.10"
ThisBuild / semanticdbEnabled := true
ThisBuild / semanticdbVersion := scalafixSemanticdb.revision
addCompilerPlugin("org.typelevel" % "kind-projector" % "0.13.2" cross CrossVersion.full)
lazy val root = (project in file("."))
.settings(
name := "action-processor-integrations",
Compile / packageDoc / mappings := Seq(),
Compile / packageSrc / mappings := Seq(),
testFrameworks += new TestFramework("weaver.framework.CatsEffect"),
scalafmtOnCompile := true,
Test / scalacOptions --= Seq("-Xfatal-warnings"),
libraryDependencies ++= Seq(
"co.fs2" %% "fs2-core" % "3.2.2",
"co.fs2" %% "fs2-io" % "3.2.2",
"com.google.crypto.tink" % "tink" % "1.6.1" excludeAll (
// excluded due to CVE in version used by tink 1.6.1 -> https://github.com/advisories/GHSA-wrvw-hg22-4m67
ExclusionRule(organization = "com.google.protobuf"),
),
"com.softwaremill.magnolia1_2" %% "magnolia" % "1.0.0-M7",
"de.siegmar" % "fastcsv" % "1.0.3",
"org.mapdb" % "mapdb" % "3.0.8",
"org.tpolecat" %% "doobie-core" % "1.0.0-RC5",
"org.tpolecat" %% "doobie-hikari" % "1.0.0-RC5",
"org.tpolecat" %% "doobie-postgres" % "1.0.0-RC5",
"org.postgresql" % "postgresql" % "42.4.3", // CVE-2022-41946, CVE-2022-31197
"com.google.code.gson" % "gson" % "2.8.9", // overridden because of a vulnerability
"com.disneystreaming" %% "weaver-cats" % "0.7.7" % Test,
"com.disneystreaming" %% "weaver-core" % "0.7.7" % Test,
"org.tpolecat" %% "doobie-h2" % "1.0.0-RC5" % Test,
"org.jetbrains.kotlin" % "kotlin-stdlib" % "1.6.0" // override to avoid CVE-2022-24329, CVE-2020-29582 vulnerabilities
),
/*
https://github.com/sbt/sbt/issues/3249#issuecomment-534757714
https://github.com/sbt/sbt/issues/3306
https://www.scala-sbt.org/1.x/docs/In-Process-Classloaders.html#In+process+class+loading
*/
Test / classLoaderLayeringStrategy := ClassLoaderLayeringStrategy.Flat
)