Merge branch 'develop' into feature/text-exercises/highlight-selected…

…-result

.gitignore

@@ -219,4 +219,3 @@ data-exports/
 # Supporting scripts config
 ##############################
 /supporting_scripts/**/*.ini
-/supporting_scripts/analysis-of-endpoint-connections/build/**/*

build.gradle

@@ -20,7 +20,7 @@ plugins {
     id "com.github.ben-manes.versions" version "0.51.0"
     id "com.github.andygoossens.modernizer" version "${modernizer_plugin_version}"
     id "com.gorylenko.gradle-git-properties" version "2.4.2"
-    id "org.owasp.dependencycheck" version "11.1.0"
+    id "org.owasp.dependencycheck" version "11.1.1"
     id "com.adarshr.test-logger" version "4.0.0"
 }
 
@@ -96,9 +96,10 @@ spotless {
             @Override
             String apply(String s, File file) throws Exception {
                 if (s =~ /\nimport .*\*;/) {
-                    throw new AssertionError("Do not use wildcard imports. spotlessApply cannot resolve this issue.\n" +
+                    throw new IllegalArgumentException("Do not use wildcard imports. spotlessApply cannot resolve this issue.\n" +
                         "The following file violates this rule: " + file.getName())
                 }
+                return s // Ensure a value is returned after processing
             }
         }))
     }
@@ -180,13 +181,13 @@ jacocoTestCoverageVerification {
                 counter = "INSTRUCTION"
                 value = "COVEREDRATIO"
                 // TODO: in the future the following value should become higher than 0.92
-                minimum = 0.895
+                minimum = 0.892
             }
             limit {
                 counter = "CLASS"
                 value = "MISSEDCOUNT"
                 // TODO: in the future the following value should become less than 10
-                maximum = 60
+                maximum = 65
             }
         }
     }
@@ -212,28 +213,19 @@ repositories {
     maven {
         url "https://build.shibboleth.net/maven/releases"
     }
-    // required for latest jgit 7.0.0 dependency
-    // TODO: remove this when jgit is available in the official maven repository
-    maven {
-        url "https://repo.eclipse.org/content/repositories/jgit-releases"
-    }
 }
 
 ext["jackson.version"] = fasterxml_version
 ext["junit-jupiter.version"] = junit_version
 
-ext { qDoxVersionReusable = "com.thoughtworks.qdox:qdox:2.1.0" }
-ext { springBootStarterWeb = "org.springframework.boot:spring-boot-starter-web:${spring_boot_version}" }
-
 dependencies {
 
     // Note: jenkins-client is not well maintained and includes dependencies to libraries with critical security issues (e.g. CVE-2020-10683 for dom4j@1.6.1)
     //    implementation "com.offbytwo.jenkins:jenkins-client:0.3.8"
     implementation files("libs/jenkins-client-0.4.1.jar")
     // The following 4 dependencies are explicitly integrated as transitive dependencies of jenkins-client-0.4.0.jar
-    // NOTE: we cannot upgrade to the latest version for org.apache.httpcomponents because of exceptions in Docker Java
-    implementation "org.apache.httpcomponents.client5:httpclient5:5.3.1"    // also used by Docker Java
-    implementation "org.apache.httpcomponents.core5:httpcore5:5.2.5"
+    implementation "org.apache.httpcomponents.client5:httpclient5:5.4.1"
+    implementation "org.apache.httpcomponents.core5:httpcore5:5.3.1"
     implementation "org.apache.httpcomponents:httpmime:4.5.14"
     implementation("org.dom4j:dom4j:2.1.4") {
         // Note: avoid org.xml.sax.SAXNotRecognizedException: unrecognized feature http://xml.org/sax/features/external-general-entities
@@ -246,7 +238,7 @@ dependencies {
         exclude module: "jaxb-api"
     }
 
-    implementation "org.gitlab4j:gitlab4j-api:6.0.0-rc.6"
+    implementation "org.gitlab4j:gitlab4j-api:6.0.0-rc.7"
 
     implementation "de.jplag:jplag:${jplag_version}"
 
@@ -268,7 +260,7 @@ dependencies {
     implementation "org.apache.lucene:lucene-queryparser:${lucene_version}"
     implementation "org.apache.lucene:lucene-core:${lucene_version}"
     implementation "org.apache.lucene:lucene-analyzers-common:${lucene_version}"
-    implementation "com.google.protobuf:protobuf-java:4.28.3"
+    implementation "com.google.protobuf:protobuf-java:4.29.0"
 
     // we have to override those values to use the latest version
     implementation "org.slf4j:jcl-over-slf4j:${slf4j_version}"
@@ -279,7 +271,7 @@ dependencies {
         }
     }
 
-    implementation "org.apache.logging.log4j:log4j-to-slf4j:2.24.1"
+    implementation "org.apache.logging.log4j:log4j-to-slf4j:2.24.2"
 
     // Note: spring-security-lti13 does not work with jakarta yet, so we built our own custom version and declare its transitive dependencies below
     // implementation "uk.ac.ox.ctl:spring-security-lti13:0.1.11"
@@ -299,7 +291,7 @@ dependencies {
     implementation "org.apache.sshd:sshd-sftp:${sshd_version}"
 
     // https://mvnrepository.com/artifact/net.sourceforge.plantuml/plantuml
-    implementation "net.sourceforge.plantuml:plantuml:1.2024.7"
+    implementation "net.sourceforge.plantuml:plantuml:1.2024.8"
     implementation "org.jasypt:jasypt:1.9.3"
     implementation "me.xdrop:fuzzywuzzy:1.4.0"
     implementation("org.yaml:snakeyaml") {
@@ -309,7 +301,7 @@ dependencies {
         }
     }
 
-    implementation qDoxVersionReusable
+    implementation "com.thoughtworks.qdox:qdox:2.2.0"
     implementation "io.sentry:sentry-logback:${sentry_version}"
     implementation "io.sentry:sentry-spring-boot-starter-jakarta:${sentry_version}"
 
@@ -327,24 +319,22 @@ dependencies {
     // required by Saml2
     implementation "org.apache.santuario:xmlsec:4.0.3"
 
-    implementation "org.jsoup:jsoup:1.18.1"
+    implementation "org.jsoup:jsoup:1.18.3"
     implementation "commons-codec:commons-codec:1.17.1"   // needed for spring security saml2
 
-    // TODO: decide if we want to use OpenAPI and Swagger v3
-//    implementation 'io.swagger.core.v3:swagger-annotations:2.2.23'
-//    implementation "org.springdoc:springdoc-openapi-ui:1.8.0"
-
     // use the latest version to avoid security vulnerabilities
-    implementation "org.springframework:spring-webmvc:6.1.14"
+    implementation "org.springframework:spring-webmvc:${spring_framework_version}"
 
     implementation "com.vdurmont:semver4j:3.1.0"
 
     implementation "com.github.docker-java:docker-java-core:${docker_java_version}"
-    implementation "com.github.docker-java:docker-java-transport-httpclient5:${docker_java_version}"
+    // Note: we explicitly use docker-java-transport-zerodep, because docker-java-transport-httpclient5 uses an outdated http5 version which is not compatible with Spring Boot >= 3.4.0
+    implementation "com.github.docker-java:docker-java-transport-zerodep:${docker_java_version}"
 
     // use newest version of commons-compress to avoid security issues through outdated dependencies
     implementation "org.apache.commons:commons-compress:1.27.1"
 
+
     // import JHipster dependencies BOM
     implementation platform("tech.jhipster:jhipster-dependencies:${jhipster_dependencies_version}")
 
@@ -393,7 +383,7 @@ dependencies {
     implementation "org.springframework.boot:spring-boot-starter-aop:${spring_boot_version}"
     implementation "org.springframework.boot:spring-boot-starter-data-jpa:${spring_boot_version}"
     implementation "org.springframework.boot:spring-boot-starter-security:${spring_boot_version}"
-    implementation(springBootStarterWeb) {
+    implementation("org.springframework.boot:spring-boot-starter-web:${spring_boot_version}") {
         exclude module: "spring-boot-starter-undertow"
     }
     implementation "org.springframework.boot:spring-boot-starter-tomcat:${spring_boot_version}"
@@ -403,32 +393,26 @@ dependencies {
     implementation "org.springframework.boot:spring-boot-starter-oauth2-client:${spring_boot_version}"
 
     implementation "org.springframework.ldap:spring-ldap-core:3.2.8"
-    implementation "org.springframework.data:spring-data-ldap:3.3.5"
+    implementation "org.springframework.data:spring-data-ldap:3.4.0"
 
-    implementation("org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:4.1.3") {
+    implementation("org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:${spring_cloud_version}") {
         // NOTE: these modules contain security vulnerabilities and are not needed
         exclude module: "commons-jxpath"
         exclude module: "woodstox-core"
     }
-    implementation "org.springframework.cloud:spring-cloud-starter-config:4.1.3"
-    implementation "org.springframework.cloud:spring-cloud-commons:4.1.4"
+    implementation "org.springframework.cloud:spring-cloud-starter-config:${spring_cloud_version}"
+    implementation "org.springframework.cloud:spring-cloud-commons:${spring_cloud_version}"
 
+    implementation "io.netty:netty-all:4.1.115.Final"
     implementation "io.projectreactor.netty:reactor-netty:1.2.0"
-    implementation("io.netty:netty-common") {
-        version {
-            strictly netty_version
-        }
-    }
-
-    implementation "org.springframework:spring-messaging:6.1.14"
+    implementation "org.springframework:spring-messaging:${spring_framework_version}"
     implementation "org.springframework.retry:spring-retry:2.0.10"
 
     implementation "org.springframework.security:spring-security-config:${spring_security_version}"
     implementation "org.springframework.security:spring-security-data:${spring_security_version}"
     implementation "org.springframework.security:spring-security-core:${spring_security_version}"
     implementation "org.springframework.security:spring-security-oauth2-core:${spring_security_version}"
     implementation "org.springframework.security:spring-security-oauth2-client:${spring_security_version}"
-    implementation "org.springframework.security:spring-security-oauth2-resource-server:${spring_security_version}"
     // use newest version of nimbus-jose-jwt to avoid security issues through outdated dependencies
     implementation "com.nimbusds:nimbus-jose-jwt:9.47"
 
@@ -547,18 +531,10 @@ dependencies {
     testImplementation "org.gradle:gradle-tooling-api:8.11.1"
     testImplementation "org.apache.maven.surefire:surefire-report-parser:3.5.2"
     testImplementation "com.opencsv:opencsv:5.9"
-    testImplementation("io.zonky.test:embedded-database-spring-test:2.5.1") {
+    testImplementation("io.zonky.test:embedded-database-spring-test:2.6.0") {
         exclude group: "org.testcontainers", module: "mariadb"
         exclude group: "org.testcontainers", module: "mssqlserver"
     }
-    testImplementation "org.testcontainers:testcontainers:${testcontainer_version}"
-    testImplementation "org.testcontainers:mysql:${testcontainer_version}"
-    testImplementation "org.testcontainers:postgresql:${testcontainer_version}"
-    testImplementation "org.testcontainers:testcontainers:${testcontainer_version}"
-    testImplementation "org.testcontainers:junit-jupiter:${testcontainer_version}"
-    testImplementation "org.testcontainers:jdbc:${testcontainer_version}"
-    testImplementation "org.testcontainers:database-commons:${testcontainer_version}"
-
     testImplementation "com.tngtech.archunit:archunit:1.3.0"
     testImplementation("org.skyscreamer:jsonassert:1.5.3") {
         exclude module: "android-json"
@@ -634,7 +610,7 @@ tasks.withType(Test).configureEach {
 }
 
 wrapper {
-    gradleVersion = "8.11"
+    gradleVersion = "8.11.1"
 }
 
 tasks.register("stage") {