Age | Commit message (Collapse) | Author | Files | Lines |
|
https://spring.io/security/cve-2023-20883 by upgrading spring to 3.1.0+
Issue-ID: CCSDK-3921
Change-Id: I5fd8d252982aeea81cad0e31a5fd2fc1befff5b3
Signed-off-by: JohnKeeney <john.keeney@est.tech>
|
|
org.springframework.boot.* 3.0.3 -> 3.0.6
CVE-2023-28867
CVE-2023-20873
CVE-2023-1370
CVE-2022-4492
org.springframework.* 6.0.4 -> 6.0.8
CVE-2023-20863
CVE-2023-20861
ch.qos.logback.* 1.4.5 -> 1.4.7
Issue-ID: CCSDK-3841
Change-Id: I857c4f60977c31271c85da3a933c7cb12ed125bd
Signed-off-by: JohnKeeney <john.keeney@est.tech>
|
|
Changes in earlier commit were made directly to a generated pom file
and thus were lost at compile time. This change makes the changes
to the template and properties files used to generate that pom
Issue-ID: CCSDK-3813
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ieb3bacfe29d7834bdc049023a2beefbf39d87ab1
|
|
Version 1.25.0 of grpc does not support Apple silicon, causing local
builds to fail on newer Macbooks. This is resolved in verson 1.29.0
Issue-ID: CCSDK-3860
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ib76fba09bfd965d115d2697536f7aefef7ed5ff7
|
|
Issue-ID: CCSDK-3813
Change-Id: If23fa807187520ae62091fc2e4156d25b71e8ff3
Signed-off-by: JohnKeeney <john.keeney@est.tech>
|
|
Update dependencies to work with Java 17
Issue-ID: CCSDK-3813
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I89ac86cf45da8a36a8032607bc203f10f2faab01
|
|
jackson-bom -> 2.13.4.2 (via spring-boot-starter:jar:2.6.11) to address CVE-2020-36518 & CVE-2022-42003 & CVE-2022-42004
log4j -> 2.17.2
Issue-ID: CCSDK-3618
Change-Id: Ic1660b18ebc2f9519bcbd5f767a0f22d2a1dd0db
Signed-off-by: JohnKeeney <john.keeney@est.tech>
|
|
Roll master branch numbers to London release numbering
Change-Id: I192be24a3ad662f9a8bc902249c5122d62d5e47e
Issue-ID: CCSDK-3779
Signed-off-by: Timoney, Dan (dt5972) <dtimoney@att.com>
|
|
Update kotlin versions in springboot 2.5 and 2.6 parent poms
Change-Id: I9ff9ee224795de252225cc0517bd40b4802b6a7f
Issue-ID: CCSDK-3771
Signed-off-by: Timoney, Dan (dt5972) <dtimoney@att.com>
|
|
Change-Id: I409979c2bdd7e2e5a36b036be1c04a30116367e9
Signed-off-by: JohnKeeney <john.keeney@est.tech>
Issue-ID: CCSDK-3618
|
|
Update versions to address issues in local Sulfur testing
Issue-ID: CCSDK-3691
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I886ec094c589cc2888a05e7e9d30f99748d27209
|
|
Update springboot 2.6.6 -> 2.6.8
Update spring version 5.3.16 -> 5.3.18
Addresses CVE-2022-24823
Issue-ID: CCSDK-3581
Change-Id: I1546a5f812aacd5843a85fa48f5718ad0901b15b
Signed-off-by: JohnKeeney <john.keeney@est.tech>
|
|
Issue-ID: CCSDK-3629
Signed-off-by: Singal, Kapil (ks220y) <ks220y@att.com>
Change-Id: I0d0bb47e55a1f27131795e609e38c0952e763856
|
|
To address Security Issue CVE-2022-22965
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
Change-Id: Id719b9dc33d774b0d6516cc63ab7830d45deb27a
Signed-off-by: JohnKeeney <john.keeney@est.tech>
Issue-ID: CCSDK-3629
|
|
Update CCSDK versions in parent poms to align with Kohn release
Issue-ID: CCSDK-3641
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I665ae25005548bb3924695f9a5e30950282c8bee
|
|
Remove nordix repository declaration. Instead, the standard onap-public
repo should be used to resolve nordix version of liquibase.
Issue-ID: CCSDK-3612
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: If24d111330f49dee28855d81ab9a7f6917776957
|
|
Update dependencies for springboot 2.5.10
Issue-ID: CCSDK-3585
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Iaef2b462dcc687d6e8b4b44ba33f278f4eccd3a1
|
|
Add explicit dependencies on log4j-core and log4j-api to override
derived version and force 2.17.1
Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I9e8ebbaaaccad59735236810ad25c9b50ef84322
|
|
Upgrade to log4j2 version 2.17.1 to correct log4shell vulnerability
Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I61a3fdd9854a1beee70abed1fd8542cdf664756a
|
|
Update log4j2 to version 2.16.0 to address new variant of log4shell
Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I28d4e9657db054edeb4788946c36bd1476fbdf55
|
|
Update log4j version to address known vulnerability
Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ie0840a7f45257092c93bd5dbb23d197a1de491b0
|
|
Fix range so that snapshots are included
Issue-ID: CCSDK-3470
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I8a3f59b59d0c9d347a259fa093470371fb169902
|
|
Update versions of dependencies for Jakarta
Issue-ID: CCSDK-3470
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Iff421b002fd2e6e2f1063667026278d09b9a3e77
|
|
Due to issues in range expansion, version of ccsdk/sli should be set
to static value 1.3.1 for Istanbul
Issue-ID: CCSDK-3444
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I3ab63166ae51000e58206b795d3dd96f86240e76
|
|
Update to use APL licensed liquibase distribution provided by CPS project
Issue-ID: CCSDK-3423
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ibd5f543f693160e5aed27c2fb4bac4b531f1c557
|
|
Upgrade third party packages to address security vulnerabilities.
Provide new parent pom for spring boot 2.5, which is not
backward compatible with spring boot 2.3
Issue-ID: CCSDK-3415
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Iffbfffb6709aeec48c35dd604b9293fb3af34a10
|
|
maven-assembly-plugin seems to exclude snapshots when resolving
ranges unless the range explicitly includes a snapshot. Updated
ranges to end in snapshot release to work around this issue.
Issue-ID: CCSDK-3387
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I443da915e792e153eea55fdb9dc763b68471bb3c
|
|
Update to latest version of spring boot 2.3
Issue-ID: CCSDK-3291
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ie475c749fa9e8b58cae2aadbde0e8e9b40790f4d
|
|
Update parent poms to specify CCSDK repo versions using ranges
Issue-ID: CCSDK-3387
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ibe503fd109559e36d40fba90feb58dea9d1919ab
|
|
Update mariadb-java-client to version 2.7.3 to resolve exception
thrown when installed in OSGi container.
Issue-ID: CCSDK-3373
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ib58e562940eae995233d54a196d77bdb5a5dcbd1
|
|
Issue-ID: CCSDK-3364
Signed-off-by: Singal, Kapil (ks220y) <ks220y@att.com>
Change-Id: I66bf18c08711974b3161ca356ef2a44b20d5534a
|
|
Issue-ID: CCSDK-3329
Signed-off-by: Singal, Kapil (ks220y) <ks220y@att.com>
Change-Id: If9ac73ec5f0ad8a2bd0b09ed4a17731cb357d900
|
|
Issue-ID: CCSDK-3298
Signed-off-by: Singal, Kapil (ks220y) <ks220y@att.com>
Change-Id: I8798f0cfa7b0042628f508ca851a42d76a5f7b21
|
|
to version 1.6.9
Issue-ID: LOG-1242
Signed-off-by: Claudio D. Gasparini <claudio.gasparini@intl.att.com>
Change-Id: I6a288d7d91b193581ca0d87a9dd06381fa79a45d
|
|
Fixed incorrect specifications of antlr version. Also, updated oparent
pom.xml to use latest released oparent
Change-Id: Iaa18032d89bd86916bc7739a71598ab495333795
Issue-ID: CCSDK-3231
Signed-off-by: Dan Timoney <dtimoney@att.com>
|
|
Updated properties in parent pom to use correct values for Istanbul
Change-Id: I9a6d5048a855c152003b2e314eb58ceeb9503b17
Issue-ID: CCSDK-3190
Signed-off-by: Dan Timoney <dtimoney@att.com>
|
|
migrate parents to aluminium-sr0
Change-Id: Iafc8f9bdefe7fb3593166bb067210cc944d65561
Issue-ID: CCSDK-3012
Signed-off-by: Michael DÜrre <michael.duerre@highstreet-technologies.com>
|
|
Issue-ID: CCSDK-3126
Signed-off-by: Singal, Kapil (ks220y) <ks220y@att.com>
Change-Id: I5c89ab63f58084808038e58b413bf51c29bcb93b
|
|
It will avoid scenario where few child modules have artifacts created in nexus and some are missing
Issue-ID: CCSDK-3126
Signed-off-by: Singal, Kapil (ks220y) <ks220y@att.com>
Change-Id: I153719d9125213dc20b646d3fdfb31c8546ad49f
|
|
This reverts upgrade to OpenDaylight Aluminum
(commit b6288f99fbfcc73f115511696f98111ca32b8d2f.)
Change-Id: I194efd26f792328f0ab79848664708715e94e240
Issue-ID: CCSDK-3012
Signed-off-by: Dan Timoney <dtimoney@att.com>
|
|
migrate parents to aluminium-sr0
Issue-ID: CCSDK-3012
Signed-off-by: Michael DÜrre <michael.duerre@highstreet-technologies.com>
Change-Id: I8c19abcfa4a0fbac629496835e4caf92aecd2459
Signed-off-by: Michael DÜrre <michael.duerre@highstreet-technologies.com>
|
|
Upgrade to 2.3.8.RELEASE to fix the security vulnerabilities.
Change-Id: I40c2702aca612f265cb4928f392ec4ec4f223aea
Issue-ID: CCSDK-3108
Signed-off-by: RehanRaza <muhammad.rehan.raza@est.tech>
|
|
Issue-ID: CCSDK-3001
Change-Id: I4ecb2261fcab912d0c1dbead6c532c86e872be60
Signed-off-by: Jozsef Csongvai <jozsef.csongvai@bell.ca>
|
|
Added missing dependencies needed in oparent and dependencies-bom
to allow oparent pom to be used in ccsdk/sli for code not
directly dependent on OpenDaylight. Also, updated to latest
springboot release and to latest released version of ONAP oparent
pom. Note: this change does NOT address changes to compile jars as
java 11. That change will come with the changes for ODL Aluminum.
Change-Id: I599bae0c32f5ced7eada956a0ed3b57f40461cd5
Issue-ID: CCSDK-3001
Signed-off-by: Dan Timoney <dtimoney@att.com>
|
|
Some version declarations were missing from CCSDK oparent, which
causes problems when moving repos to use CCSDK oparent pom instead
of ODL-based parents. Also, update version properies to latest CCSDK
master snapshot versions.
Change-Id: Ia9222da0f8720f981cfcd98aaeaafc68aedbcb92
Issue-ID: CCSDK-3001
Signed-off-by: Dan Timoney <dtimoney@att.com>
|
|
Issue-ID: CCSDK-2834
Signed-off-by: Singal, Kapil (ks220y) <ks220y@att.com>
Change-Id: Ib4b8e6ad8221fbd0e3834733d1fc0d8701816827
|
|
Roll master branch to initial Honolulu release version
Change-Id: I215dc2c5b3f0c817a653a43b9cf448b78caba1f8
Issue-ID: CCSDK-2742
Signed-off-by: Dan Timoney <dtimoney@att.com>
|
|
Issue-ID: CCSDK-2734
Signed-off-by: Singal, Kapil (ks220y) <ks220y@att.com>
Change-Id: I57964c912f17bf0c7dfe060a469affbf82486d35
|
|
maven-javadoc-plugin started to fail when using java 11 compiler. Some
issues are addressed in latest version of plugin (3.2.0), but it appears
some issues remain. To address this, we use the latest plugin version
and configure maven to continue if javadoc errors occur. Note: this issue
is currently causing verify builds to fail - thus, this is a blocking
issue.
Change-Id: I0a9882b4b93ea18b29e2d53d269cf70dda77a4d1
Issue-ID: CCSDK-2728
Signed-off-by: Dan Timoney <dtimoney@att.com>
|
|
Upgrade to latest springboot release (2.3.3.RELEASE)
Change-Id: I2aabcc0f258912f79ea6334ebec0ab342a2b066f
Issue-ID: CCSDK-2633
Signed-off-by: Dan Timoney <dtimoney@att.com>
|