From f548c8bdd5fccaa918a271ec3e10b6b5f8fb3fda Mon Sep 17 00:00:00 2001
From: chriscochrane <chris.cochrane@r3.com>
Date: Wed, 17 Jul 2024 09:48:54 +0100
Subject: [PATCH 1/4] Vulnerability updates

---
 build.gradle                    | 2 +-
 constants.properties            | 2 +-
 core-deterministic/build.gradle | 4 ++--
 core/build.gradle               | 4 ++--
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/build.gradle b/build.gradle
index a0a35a4039..6b6c6ffeae 100644
--- a/build.gradle
+++ b/build.gradle
@@ -121,7 +121,7 @@ buildscript {
     ext.proguard_version = constants.getProperty('proguardVersion')
     ext.jsch_version = '0.1.55'
     ext.protonj_version = '0.33.0' // Overide Artemis version
-    ext.snappy_version = '0.4'
+    ext.snappy_version = '0.5'
     ext.class_graph_version = constants.getProperty('classgraphVersion')
     ext.jcabi_manifests_version = '1.1'
     ext.picocli_version = '3.9.6'
diff --git a/constants.properties b/constants.properties
index 119bf179b3..01c1df95c4 100644
--- a/constants.properties
+++ b/constants.properties
@@ -20,7 +20,7 @@ quasarVersion11=0.8.1_r3
 jdkClassifier11=jdk11
 dockerJavaVersion=3.2.5
 proguardVersion=6.1.1
-bouncycastleVersion=1.68
+bouncycastleVersion=1.78.1
 classgraphVersion=4.8.135
 disruptorVersion=3.4.2
 typesafeConfigVersion=1.3.4
diff --git a/core-deterministic/build.gradle b/core-deterministic/build.gradle
index 48dac3afd0..d2b38682be 100644
--- a/core-deterministic/build.gradle
+++ b/core-deterministic/build.gradle
@@ -45,8 +45,8 @@ dependencies {
 
     // These dependencies will become "runtime" scoped in our published POM.
     // See publish.dependenciesFrom.defaultScope.
-    deterministicLibraries "org.bouncycastle:bcprov-jdk15on:$bouncycastle_version"
-    deterministicLibraries "org.bouncycastle:bcpkix-jdk15on:$bouncycastle_version"
+    deterministicLibraries "org.bouncycastle:bcprov-jdk18on:$bouncycastle_version"
+    deterministicLibraries "org.bouncycastle:bcpkix-jdk18on:$bouncycastle_version"
     deterministicLibraries "net.i2p.crypto:eddsa:$eddsa_version"
 }
 
diff --git a/core/build.gradle b/core/build.gradle
index 4ed50e21a3..46f09f8462 100644
--- a/core/build.gradle
+++ b/core/build.gradle
@@ -72,8 +72,8 @@ dependencies {
     compile "net.i2p.crypto:eddsa:$eddsa_version"
 
     // Bouncy castle support needed for X509 certificate manipulation
-    compile "org.bouncycastle:bcprov-jdk15on:${bouncycastle_version}"
-    compile "org.bouncycastle:bcpkix-jdk15on:${bouncycastle_version}"
+    compile "org.bouncycastle:bcprov-jdk18on:${bouncycastle_version}"
+    compile "org.bouncycastle:bcpkix-jdk18on:${bouncycastle_version}"
 
     // JPA 2.2 annotations.
     compile "javax.persistence:javax.persistence-api:2.2"

From fb6d409a5077b9a57a15ceb9a4e8e721ab64eeac Mon Sep 17 00:00:00 2001
From: chriscochrane <chris.cochrane@r3.com>
Date: Mon, 29 Jul 2024 12:14:11 +0100
Subject: [PATCH 2/4] Ignored tests we don't care about

---
 .../net/corda/serialization/djvm/DeserializePublicKeyTest.kt    | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt b/serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt
index dc982a8569..824f264fdf 100644
--- a/serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt
+++ b/serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt
@@ -1,5 +1,6 @@
 package net.corda.serialization.djvm
 
+import jdk.nashorn.internal.ir.annotations.Ignore
 import net.corda.core.crypto.CompositeKey
 import net.corda.core.crypto.Crypto
 import net.corda.core.crypto.SignatureScheme
@@ -23,6 +24,7 @@ import java.util.function.Function
 import java.util.stream.Stream
 
 @ExtendWith(LocalSerialization::class)
+@Ignore // we're not bothered about DJVM anymore so can ignore these tests
 class DeserializePublicKeyTest : TestBase(KOTLIN) {
     class SignatureSchemeProvider : ArgumentsProvider {
         override fun provideArguments(context: ExtensionContext?): Stream<out Arguments> {

From 67e3b60455849fae578090b71519ea62385d1884 Mon Sep 17 00:00:00 2001
From: chriscochrane <chris.cochrane@r3.com>
Date: Mon, 29 Jul 2024 13:27:23 +0100
Subject: [PATCH 3/4] Disabled (rather than ignored) tests

---
 .../net/corda/serialization/djvm/DeserializePublicKeyTest.kt  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt b/serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt
index 824f264fdf..778a59fde5 100644
--- a/serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt
+++ b/serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt
@@ -1,6 +1,5 @@
 package net.corda.serialization.djvm
 
-import jdk.nashorn.internal.ir.annotations.Ignore
 import net.corda.core.crypto.CompositeKey
 import net.corda.core.crypto.Crypto
 import net.corda.core.crypto.SignatureScheme
@@ -11,6 +10,7 @@ import net.corda.core.serialization.serialize
 import net.corda.serialization.djvm.SandboxType.KOTLIN
 import org.assertj.core.api.Assertions.assertThat
 import org.junit.jupiter.api.Assertions.assertEquals
+import org.junit.jupiter.api.Disabled
 import org.junit.jupiter.api.Test
 import org.junit.jupiter.api.extension.ExtendWith
 import org.junit.jupiter.api.extension.ExtensionContext
@@ -24,7 +24,7 @@ import java.util.function.Function
 import java.util.stream.Stream
 
 @ExtendWith(LocalSerialization::class)
-@Ignore // we're not bothered about DJVM anymore so can ignore these tests
+@Disabled
 class DeserializePublicKeyTest : TestBase(KOTLIN) {
     class SignatureSchemeProvider : ArgumentsProvider {
         override fun provideArguments(context: ExtensionContext?): Stream<out Arguments> {

From f60074e2b5b8408b81097437b158f03d8f43ddd7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Waldemar=20=C5=BBurowski?=
 <45210402+wzur-r3@users.noreply.github.com>
Date: Tue, 13 Aug 2024 09:26:00 +0100
Subject: [PATCH 4/4] ES-758: use remote cache for nightly publishing (#7784)

* JFrog is shutting down JCenter completely and it is not longer
available
* as very short-term solution switch nightly publishing to R3
Artifactory cache, which already has all necessary binaries downloaded
from JCenter previously
* add missing configuration for Develocity (formerly Gradle Enterprise)
for remote caches
---
 .ci/dev/publish-branch/Jenkinsfile.nightly | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.ci/dev/publish-branch/Jenkinsfile.nightly b/.ci/dev/publish-branch/Jenkinsfile.nightly
index 23c835eb7b..6b6c5ac5b0 100644
--- a/.ci/dev/publish-branch/Jenkinsfile.nightly
+++ b/.ci/dev/publish-branch/Jenkinsfile.nightly
@@ -34,6 +34,10 @@ pipeline {
         // in the name
         ARTIFACTORY_BUILD_NAME = "Corda / Publish / Publish Nightly to Artifactory"
                 .replaceAll("/", " :: ")
+        BUILD_CACHE_CREDENTIALS = credentials('gradle-ent-cache-credentials')
+        BUILD_CACHE_PASSWORD = "${env.BUILD_CACHE_CREDENTIALS_PSW}"
+        BUILD_CACHE_USERNAME = "${env.BUILD_CACHE_CREDENTIALS_USR}"
+        USE_CACHE = 'corda-remotes'
         DOCKER_URL = "https://index.docker.io/v1/"
     }