diff options
author | Joanna Jeremicz <joanna.jeremicz@nokia.com> | 2019-11-19 07:47:26 +0100 |
---|---|---|
committer | Joanna Jeremicz <joanna.jeremicz@nokia.com> | 2019-11-22 10:08:32 +0100 |
commit | 489978b1ff839d3ea02b0e76b933afc55fdea1d3 (patch) | |
tree | 1b79793fde21efcc97738371c3b460333dcb1a28 /pom.xml | |
parent | 73889b15a3b4de4b13bfdd8a219a263f6b4a8d2a (diff) |
Fix HV-VES static code vulnerabilities
- Update kafka-clients version
- Update SDK version
- Update reactor-bom version
Issue-ID: DCAEGEN2-1823
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
Change-Id: Ib2d49c46e2d1b58d5131b9af6fc27804d443da71
Diffstat (limited to 'pom.xml')
-rw-r--r-- | pom.xml | 14 |
1 files changed, 12 insertions, 2 deletions
@@ -57,7 +57,7 @@ <build-helper-maven-plugin.version>1.7</build-helper-maven-plugin.version> <jacoco.version>0.8.2</jacoco.version> <detekt.version>1.0.0-RC14</detekt.version> - <sdk.version>1.1.4</sdk.version> + <sdk.version>1.3.2</sdk.version> <!-- Protocol buffers --> <protobuf.version>3.6.1</protobuf.version> @@ -477,10 +477,20 @@ <groupId>io.projectreactor</groupId> <artifactId>reactor-bom</artifactId> <!-- remember to update netty native bindings versions --> - <version>Californium-SR8</version> + <version>Dysprosium-SR1</version> <type>pom</type> <scope>import</scope> </dependency> + <!-- Due to security reasons, override transitive kafka-clients dependency version (2.0.0 -> 2.3.1) --> + <dependency> + <groupId>org.apache.kafka</groupId> + <artifactId>kafka-clients</artifactId> + <version>2.3.1</version> + </dependency> + <!-- + Disable native extension (epoll) on production for now. + Might be reintroduced if performance tests prove there is some performance issue. + --> <!-- <dependency> <groupId>io.netty</groupId> |