Skip to content

Commit 01e4f59

Browse files
renovate[bot]renovate[bot]
authored
Update dependency maven-wrapper to v3.3.4
1 parent 5206d47 commit 01e4f59

File tree

4 files changed

+14
-11
lines changed

4 files changed

+14
-11
lines changed

.mvn/wrapper/MavenWrapperDownloader.java

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@
3030
import java.util.concurrent.ThreadLocalRandom;
3131

3232
public final class MavenWrapperDownloader {
33-
private static final String WRAPPER_VERSION = "3.3.3";
33+
private static final String WRAPPER_VERSION = "3.3.4";
3434

3535
private static final boolean VERBOSE = Boolean.parseBoolean(System.getenv("MVNW_VERBOSE"));
3636

@@ -45,8 +45,11 @@ public static void main(String[] args) {
4545
try {
4646
log(" - Downloader started");
4747
final URL wrapperUrl = URI.create(args[0]).toURL();
48-
final String jarPath = args[1].replace("..", ""); // Sanitize path
49-
final Path wrapperJarPath = Paths.get(jarPath).toAbsolutePath().normalize();
48+
final Path baseDir = Paths.get(".").toAbsolutePath().normalize();
49+
final Path wrapperJarPath = baseDir.resolve(args[1]).normalize();
50+
if (!wrapperJarPath.startsWith(baseDir)) {
51+
throw new IOException("Invalid path: outside of allowed directory");
52+
}
5053
downloadFileFromURL(wrapperUrl, wrapperJarPath);
5154
log("Done");
5255
} catch (IOException e) {

.mvn/wrapper/maven-wrapper.properties

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1+
wrapperVersion=3.3.4
12
distributionType=source
23
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.11/apache-maven-3.9.11-bin.zip
3-
wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.3/maven-wrapper-3.3.3.jar
4-
wrapperVersion=3.3.3
4+
wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.4/maven-wrapper-3.3.4.jar

mvnw

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
# ----------------------------------------------------------------------------
2020

2121
# ----------------------------------------------------------------------------
22-
# Apache Maven Wrapper startup batch script, version 3.3.3
22+
# Apache Maven Wrapper startup batch script, version 3.3.4
2323
#
2424
# Required ENV vars:
2525
# ------------------
@@ -220,9 +220,9 @@ else
220220
log "Couldn't find $wrapperJarPath, downloading it ..."
221221

222222
if [ -n "$MVNW_REPOURL" ]; then
223-
wrapperUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.3.3/maven-wrapper-3.3.3.jar"
223+
wrapperUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.3.4/maven-wrapper-3.3.4.jar"
224224
else
225-
wrapperUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.3/maven-wrapper-3.3.3.jar"
225+
wrapperUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.4/maven-wrapper-3.3.4.jar"
226226
fi
227227
while IFS="=" read -r key value; do
228228
case "$key" in wrapperUrl)

mvnw.cmd

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
@REM ----------------------------------------------------------------------------
1919

2020
@REM ----------------------------------------------------------------------------
21-
@REM Apache Maven Wrapper startup batch script, version 3.3.3
21+
@REM Apache Maven Wrapper startup batch script, version 3.3.4
2222
@REM
2323
@REM Required ENV vars:
2424
@REM JAVA_HOME - location of a JDK home dir
@@ -119,7 +119,7 @@ SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
119119
set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
120120
set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
121121

122-
set WRAPPER_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.3/maven-wrapper-3.3.3.jar"
122+
set WRAPPER_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.4/maven-wrapper-3.3.4.jar"
123123

124124
FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
125125
IF "%%A"=="wrapperUrl" SET WRAPPER_URL=%%B
@@ -133,7 +133,7 @@ if exist %WRAPPER_JAR% (
133133
)
134134
) else (
135135
if not "%MVNW_REPOURL%" == "" (
136-
SET WRAPPER_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.3.3/maven-wrapper-3.3.3.jar"
136+
SET WRAPPER_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.3.4/maven-wrapper-3.3.4.jar"
137137
)
138138
if "%MVNW_VERBOSE%" == "true" (
139139
echo Couldn't find %WRAPPER_JAR%, downloading it ...

0 commit comments

Comments
 (0)