authorJoanna Jeremicz <joanna.jeremicz@nokia.com>2019-11-19 07:47:26 +0100
committerJoanna Jeremicz <joanna.jeremicz@nokia.com>2019-11-22 10:08:32 +0100
commit489978b1ff839d3ea02b0e76b933afc55fdea1d3 (patch)
tree1b79793fde21efcc97738371c3b460333dcb1a28
parent73889b15a3b4de4b13bfdd8a219a263f6b4a8d2a (diff)
Fix HV-VES static code vulnerabilities
- Update kafka-clients version - Update SDK version - Update reactor-bom version Issue-ID: DCAEGEN2-1823 Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com> Change-Id: Ib2d49c46e2d1b58d5131b9af6fc27804d443da71
-rw-r--r--pom.xml14
-rw-r--r--sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/api/ConfigurationModule.kt4
2 files changed, 14 insertions, 4 deletions
diff --git a/pom.xml b/pom.xml
index 8b5d165d..f36c5e8c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -57,7 +57,7 @@
<build-helper-maven-plugin.version>1.7</build-helper-maven-plugin.version>
<jacoco.version>0.8.2</jacoco.version>
<detekt.version>1.0.0-RC14</detekt.version>
- <sdk.version>1.1.4</sdk.version>
+ <sdk.version>1.3.2</sdk.version>
<!-- Protocol buffers -->
<protobuf.version>3.6.1</protobuf.version>
@@ -477,10 +477,20 @@
<groupId>io.projectreactor</groupId>
<artifactId>reactor-bom</artifactId>
<!-- remember to update netty native bindings versions -->
- <version>Californium-SR8</version>
+ <version>Dysprosium-SR1</version>
<type>pom</type>
<scope>import</scope>
</dependency>
+ <!-- Due to security reasons, override transitive kafka-clients dependency version (2.0.0 -> 2.3.1) -->
+ <dependency>
+ <groupId>org.apache.kafka</groupId>
+ <artifactId>kafka-clients</artifactId>
+ <version>2.3.1</version>
+ </dependency>
+ <!--
+ Disable native extension (epoll) on production for now.
+ Might be reintroduced if performance tests prove there is some performance issue.
+ -->
<!--
<dependency>
<groupId>io.netty</groupId>
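Review bot: The kafka-clients override at `<version>2.3.1</version>` is hard-coded and its comment says only "security reasons", so a later maintainer cannot tell which advisory it answers or when the pin can be dropped. Assuming this block sits in `dependencyManagement` (the reactor-bom import beside it suggests so), the pin would also hold kafka-clients at 2.3.1 after the dependency that pulls it in moves to a newer release. I would move the version to a property like the others in this file, `<kafka-clients.version>2.3.1</kafka-clients.version>`, and extend the comment to name the artifact that brings kafka-clients in and the tracking issue (DCAEGEN2-1823). The existing reminder `remember to update netty native bindings versions` also applies to the Dysprosium-SR1 bump; the commented-out netty block runs past the end of the hunk, so it is not visible whether those versions were revisited.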
diff --git a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/api/ConfigurationModule.kt b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/api/ConfigurationModule.kt
index 35adfe79..c913555a 100644
--- a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/api/ConfigurationModule.kt
+++ b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/api/ConfigurationModule.kt
@@ -34,7 +34,7 @@ import org.onap.dcae.collectors.veshv.utils.logging.Logger
import org.onap.dcae.collectors.veshv.utils.logging.MappedDiagnosticContext
import org.onap.dcaegen2.services.sdk.rest.services.cbs.client.api.CbsClient
import org.onap.dcaegen2.services.sdk.rest.services.cbs.client.api.CbsClientFactory
-import org.onap.dcaegen2.services.sdk.rest.services.cbs.client.model.EnvProperties
+import org.onap.dcaegen2.services.sdk.rest.services.cbs.client.model.CbsClientConfiguration
import reactor.core.publisher.Flux
import reactor.core.publisher.Mono
import reactor.retry.Jitter
@@ -52,7 +52,7 @@ class ConfigurationModule internal constructor(private val configStateListener:
constructor(configStateListener: ConfigurationStateListener) : this(
configStateListener,
- CbsClientFactory.createCbsClient(EnvProperties.fromEnvironment())
+ CbsClientFactory.createCbsClient(CbsClientConfiguration.fromEnvironment())
)
fun healthCheckPort(args: Array<String>): Int = cmd.getHealthcheckPort(args)
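Review bot: The public constructor now builds its CBS client from `CbsClientConfiguration.fromEnvironment()`, but nothing in this two-file commit shows whether the new class reads the same environment variables as `EnvProperties` did. If the set differs, the collector would presumably fail at construction in deployments still configured for the old SDK, so this is worth confirming against the SDK 1.3.2 documentation and the deployment descriptors. A short KDoc on the constructor, e.g. `/** Creates the module with a CBS client configured from process environment variables. */`, would make that dependency visible. The class body starts before the hunk and continues past it.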