Resolve some vulnerabilities (#145)

.github/workflows/scala-release.yaml

@@ -11,7 +11,7 @@ jobs:
       - uses: actions/setup-java@v3
         with:
           distribution: temurin
-          java-version: 8
+          java-version: 17
           cache: sbt
 
       - name: release

.github/workflows/scala-style.yaml

@@ -14,7 +14,7 @@ jobs:
       - uses: actions/setup-java@v3
         with:
           distribution: temurin
-          java-version: 8
+          java-version: 17
           cache: sbt
 
       - name: Verify

.github/workflows/scala-unit-tests.yaml

@@ -17,7 +17,7 @@ jobs:
       - uses: actions/setup-java@v3
         with:
           distribution: temurin
-          java-version: 8
+          java-version: 17
           cache: sbt
 
       - name: Build and Test

build.sbt

@@ -2,9 +2,9 @@ import com.sksamuel.scapegoat.sbt.ScapegoatSbtPlugin.autoImport._
 
 inThisBuild(
   Seq(
-    scalaVersion := scala211,
+    scalaVersion := scala212,
     organization := "it.agilelab",
-    version := "1.8.0-SNAPSHOT",
+    version := "1.9.0-SNAPSHOT",
     scapegoatVersion := "1.4.15",
     RepositoriesSupport.allResolvers,
     WarningAsErrorsSupport.enableWarningAsErrors,
@@ -43,5 +43,4 @@ lazy val root = (project in file("."))
   )
 
 lazy val scala212 = "2.12.16"
-lazy val scala211 = "2.11.12"
-lazy val supportedScalaVersions = List(scala212, scala211)
+lazy val supportedScalaVersions = List(scala212)

project/Dependencies.scala

@@ -8,12 +8,12 @@ trait Dependencies {
     "org.slf4j" % "slf4j-simple" % "1.7.26",
     "org.rogach" %% "scallop" % "3.5.1",
     "com.typesafe" % "config" % "1.2.1",
-    "org.scalaz" %% "scalaz-core" % "7.3.2",
-    "com.github.pureconfig" %% "pureconfig" % "0.12.1",
+    "org.scalaz" %% "scalaz-core" % "7.3.8",
+    "com.github.pureconfig" %% "pureconfig" % "0.14.0",
     "org.locationtech.jts" % "jts-core" % "1.19.0",
     "org.locationtech.jts.io" % "jts-io-common" % "1.19.0",
-    "org.geotools" % "gt-shapefile" % "27.0" exclude ("com.vividsolutions", "jts"),
-    "org.geotools" % "gt-metadata" % "27.0" exclude ("com.vividsolutions", "jts"),
+    "org.geotools" % "gt-shapefile" % "31.5" exclude ("com.vividsolutions", "jts-core"),
+    "org.geotools" % "gt-metadata" % "31.5" exclude ("com.vividsolutions", "jt-cores"),
     "com.graphhopper" % "graphhopper-core" % "0.11.0" exclude ("com.vividsolutions", "jts-core"),
     "com.graphhopper" % "graphhopper-reader-osm" % "0.11.0" exclude ("com.vividsolutions", "jts-core"),
     "com.graphhopper" % "graphhopper-map-matching-core" % "0.11.0-4" exclude ("com.vividsolutions", "jts-core"),

project/plugins.sbt

@@ -2,3 +2,4 @@ addSbtPlugin("org.scoverage" % "sbt-scoverage" % "2.0.0")
 addSbtPlugin("com.sksamuel.scapegoat" % "sbt-scapegoat" % "1.1.1")
 addSbtPlugin("org.scalameta" % "sbt-scalafmt" % "2.4.6")
 addSbtPlugin("com.github.sbt" % "sbt-ci-release" % "1.5.10")
+addSbtPlugin("net.vonbuchholtz" % "sbt-dependency-check" % "5.1.0")

src/main/scala/it/agilelab/gis/domain/loader/OSMAdministrativeBoundariesLoader.scala

@@ -5,7 +5,7 @@ import it.agilelab.gis.core.loader.Loader
 import it.agilelab.gis.domain.managers.{ CountrySettings, GeocodePathManager }
 import it.agilelab.gis.domain.models.OSMBoundary
 import org.locationtech.jts.geom.Geometry
-import org.opengis.feature.simple.SimpleFeature
+import org.geotools.api.feature.simple.SimpleFeature
 
 import java.io.File
 import scala.util.Try

src/main/scala/it/agilelab/gis/domain/loader/OSMPostalCodeLoader.scala

@@ -3,7 +3,7 @@ package it.agilelab.gis.domain.loader
 import it.agilelab.gis.core.loader.Loader
 import it.agilelab.gis.domain.models.OSMBoundary
 import org.locationtech.jts.geom.Geometry
-import org.opengis.feature.simple.SimpleFeature
+import org.geotools.api.feature.simple.SimpleFeature
 
 case class OSMPostalCodeLoader() extends Loader[OSMBoundary] {
 

src/main/scala/it/agilelab/gis/domain/loader/ShapeFileReader.scala

@@ -13,7 +13,7 @@ import org.locationtech.jts.geom.{
   Point,
   Polygon
 }
-import org.opengis.feature.simple._
+import org.geotools.api.feature.simple._
 
 import java.io.File
 import java.net.URL

src/test/scala/it/agilelab/gis/core/GraphHopperSpec.scala

@@ -7,6 +7,7 @@ import it.agilelab.gis.domain.exceptions.RecoverableBrokenSequenceRouteError
 import it.agilelab.gis.domain.graphhopper._
 import org.scalatest._
 import org.scalatest.tagobjects.Slow
+import scala.jdk.CollectionConverters._
 
 import java.io.File
 import java.nio.file.{ Files, Paths }
@@ -77,7 +78,7 @@ class GraphHopperSpec
           roadType = Some("residential"),
           roadName = Some("Via Bassano Porrone"),
           speedLimit = Some(30),
-          linearDistance = Some(0.5240652051613223)
+          linearDistance = Some(0.5240652051613224)
         )),
       length = Some(0.0),
       time = Some(0),
@@ -246,7 +247,7 @@ class GraphHopperSpec
         |45.17262,9.04016,1619089411000
         |""".stripMargin
 
-    val points: Seq[GPSPoint] = trip.lines
+    val points: Seq[GPSPoint] = trip.lines.iterator().asScala
       .filter(_.nonEmpty)
       .map(_.split(","))
       .map(r => GPSPoint(r.head.toDouble, r(1).toDouble, None, r(2).toLong))
@@ -729,7 +730,7 @@ class GraphHopperSpec
       |40.74456 14.47613
       |""".stripMargin
 
-    val gpsPoints = points.lines
+    val gpsPoints = points.lines.iterator().asScala
       .filter(_.nonEmpty)
       .map(p => p.split(" "))
       .zipWithIndex
@@ -748,7 +749,7 @@ class GraphHopperSpec
                    |40.7445 14.47465
                    |""".stripMargin
 
-    val gpsPoints = points.lines
+    val gpsPoints = points.lines.iterator().asScala
       .filter(_.nonEmpty)
       .map(p => p.split(" "))
       .zipWithIndex
@@ -771,7 +772,7 @@ class GraphHopperSpec
         |43.67554 12.39515
         |""".stripMargin
 
-    val gpsPoints = points.lines
+    val gpsPoints = points.lines.iterator().asScala
       .filter(_.nonEmpty)
       .map(p => p.split(" "))
       .zipWithIndex
@@ -819,7 +820,7 @@ class GraphHopperSpec
     val points = """
       |45.75124, 45.7513, 45.75139, 45.75133, 45.75101, 45.75068, 45.75014, 45.74992, 45.75026, 45.75116, 45.7523, 45.75354, 45.75482, 45.75606, 45.75635, 45.75644, 45.75654, 45.75663, 45.75772, 45.75865, 45.75876, 45.7588, 45.75886, 45.75892, 45.75897, 45.75936, 45.76017, 45.7611, 45.76208, 45.763, 45.76391, 45.76518, 45.76633, 45.76753, 45.76785, 45.76797, 45.76908, 45.76927, 45.7692, 45.7692, 45.7692, 45.7692, 45.76919, 45.76918, 45.76918, 45.76918, 45.76916, 45.76916, 45.76916, 45.76917, 45.76918
       |9.05274, 9.05281, 9.05241, 9.05231, 9.05236, 9.05189, 9.05106, 9.05045, 9.05038, 9.05043, 9.05048, 9.05055, 9.05066, 9.05119, 9.05154, 9.0516, 9.05161, 9.05159, 9.05149, 9.05191, 9.05215, 9.05221, 9.05224, 9.05223, 9.0522, 9.05194, 9.05212, 9.05317, 9.05438, 9.05551, 9.05662, 9.05756, 9.05836, 9.05942, 9.05971, 9.05977, 9.06032, 9.06098, 9.06106, 9.06106, 9.06106, 9.06106, 9.06107, 9.06107, 9.06107, 9.06107, 9.06106, 9.06106, 9.06106, 9.06106, 9.06106
-      |""".stripMargin.lines
+      |""".stripMargin.lines.iterator().asScala
       .filter(_.nonEmpty)
       .map(l => l.split(","))
       .map(l => l.filter(_.nonEmpty).map(_.trim.toDouble))
@@ -1052,7 +1053,7 @@ class GraphHopperSpec
         |
         |""".stripMargin
 
-    val gpsPoints = points.lines
+    val gpsPoints = points.lines.iterator().asScala
       .filter(_.nonEmpty)
       .map(p => p.trim.split(" ").filter(_.trim.nonEmpty))
       .zipWithIndex
@@ -2222,7 +2223,7 @@ class GraphHopperSpec
   }
 
   private def csvToPoints(points: String): Seq[GPSPoint] =
-    points.stripMargin.lines
+    points.stripMargin.lines.iterator().asScala
       .map(_.trim)
       .filter(_.nonEmpty)
       .filterNot(_.startsWith("#")) // Commenting system for coordinates

src/test/scala/it/agilelab/gis/domain/loader/GeocodeManagerSpec.scala

@@ -150,7 +150,7 @@ class GeocodeManagerSpec extends FlatSpec with Matchers with EitherValues with B
         speedLimit = None,
         speedCategory = None,
         roadType = Some("residential"),
-        distance = Some(1.4465500367107154)
+        distance = Some(1.4465500367107156)
       )
 
     corsoSaccoEVanzettiActual should be(corsoSaccoEVanzettiExpected)