diff options
| author |   Michael Arrastia <MArrasti@amdocs.com> | 2018-05-03 18:09:26 +0100 |
|---|---|---|
| committer | Michael Arrastia <MArrasti@amdocs.com> | 2018-05-03 18:09:26 +0100 |
| commit | 42480c241e5882bd2e6002004e5013a0e1bd7429 (patch) | |
| tree | 1000103085ba7ad3d7b8fdb28b5a76aba6eca852 /champ-lib/champ-core | |
| parent | e8211d3d5ab9ef5fd9a66230a94b1739d9dfe64b (diff) | |
Address security vulnerabilities
This includes version upgrades for:
- logback-classic, logback-core
- commons-collections
- hadoop-common
- hbase-client: settled on version 1.0.2 as container would not start
with later versions
- httpclient
- netty, netty-all
- zookeeper
- jackson-core
Also should resolve presence of flux-examples.
Change-Id: Ifb55f5d6676a9971d1d9a46c695dc78eb1b99843
Issue-ID: AAI-1117
Signed-off-by: Michael Arrastia <MArrasti@amdocs.com>
Diffstat (limited to 'champ-lib/champ-core')
| -rw-r--r-- | champ-lib/champ-core/pom.xml | 32 |
1 files changed, 25 insertions, 7 deletions
diff --git a/champ-lib/champ-core/pom.xml b/champ-lib/champ-core/pom.xml index dbbb2b7..ee65310 100644 --- a/champ-lib/champ-core/pom.xml +++ b/champ-lib/champ-core/pom.xml @@ -25,8 +25,8 @@ limitations under the License. <modelVersion>4.0.0</modelVersion> <parent> - <artifactId>champ-lib</artifactId> <groupId>org.onap.aai</groupId> + <artifactId>champ-lib</artifactId> <version>1.2.0-SNAPSHOT</version> </parent> @@ -37,17 +37,16 @@ limitations under the License. <dependency> <groupId>org.onap.aai.event-client</groupId> <artifactId>event-client-api</artifactId> - <version>${event.client.version}</version> </dependency> + <dependency> <groupId>org.onap.aai.event-client</groupId> <artifactId>event-client-dmaap</artifactId> - <version>${event.client.version}</version> </dependency> + <dependency> <groupId>org.onap.aai.event-client</groupId> <artifactId>event-client-kafka</artifactId> - <version>${event.client.version}</version> </dependency> <!-- Event Bus Library - END --> @@ -56,11 +55,13 @@ limitations under the License. <artifactId>groovy</artifactId> <version>2.4.12</version> </dependency> + <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> <version>2.5.3</version> </dependency> + <dependency> <groupId>org.apache.tinkerpop</groupId> <artifactId>gremlin-core</artifactId> @@ -77,17 +78,34 @@ limitations under the License. </exclusion> </exclusions> </dependency> + <dependency> <groupId>org.apache.tinkerpop</groupId> <artifactId>tinkergraph-gremlin</artifactId> <version>3.2.3</version> <optional>true</optional> </dependency> + <dependency> <groupId>com.google.code.gson</groupId> <artifactId>gson</artifactId> <version>2.8.2</version> </dependency> + + <dependency> + <groupId>org.apache.hbase</groupId> + <artifactId>hbase-client</artifactId> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + </exclusion> + <exclusion> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + </exclusion> + </exclusions> + </dependency> </dependencies> <build> @@ -111,7 +129,6 @@ limitations under the License. <skip>true</skip> </configuration> </plugin> - <!-- Uncomment to add a license header to source files <plugin> <groupId>com.mycila</groupId> <artifactId>license-maven-plugin</artifactId> @@ -132,17 +149,18 @@ limitations under the License. <include>**/*aaiconfig*.properties</include> <include>**/*titan*.properties</include> </includes> + <skipExistingHeaders>true</skipExistingHeaders> </configuration> <executions> <execution> <goals> - <goal>format</goal> + <!-- Set goal to "format" to auto update license headers --> + <goal>check</goal> </goals> <phase>process-sources</phase> </execution> </executions> </plugin> - --> </plugins> </build> </project> |