summaryrefslogtreecommitdiffstats
path: root/pom.xml
diff options
context:
space:
mode:
authorJoanna Jeremicz <joanna.jeremicz@nokia.com>2019-11-19 07:47:26 +0100
committerJoanna Jeremicz <joanna.jeremicz@nokia.com>2019-11-22 10:08:32 +0100
commit489978b1ff839d3ea02b0e76b933afc55fdea1d3 (patch)
tree1b79793fde21efcc97738371c3b460333dcb1a28 /pom.xml
parent73889b15a3b4de4b13bfdd8a219a263f6b4a8d2a (diff)
Fix HV-VES static code vulnerabilities
- Update kafka-clients version - Update SDK version - Update reactor-bom version Issue-ID: DCAEGEN2-1823 Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com> Change-Id: Ib2d49c46e2d1b58d5131b9af6fc27804d443da71
Diffstat (limited to 'pom.xml')
-rw-r--r--pom.xml14
1 files changed, 12 insertions, 2 deletions
diff --git a/pom.xml b/pom.xml
index 8b5d165d..f36c5e8c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -57,7 +57,7 @@
<build-helper-maven-plugin.version>1.7</build-helper-maven-plugin.version>
<jacoco.version>0.8.2</jacoco.version>
<detekt.version>1.0.0-RC14</detekt.version>
- <sdk.version>1.1.4</sdk.version>
+ <sdk.version>1.3.2</sdk.version>
<!-- Protocol buffers -->
<protobuf.version>3.6.1</protobuf.version>
@@ -477,10 +477,20 @@
<groupId>io.projectreactor</groupId>
<artifactId>reactor-bom</artifactId>
<!-- remember to update netty native bindings versions -->
- <version>Californium-SR8</version>
+ <version>Dysprosium-SR1</version>
<type>pom</type>
<scope>import</scope>
</dependency>
+ <!-- Due to security reasons, override transitive kafka-clients dependency version (2.0.0 -> 2.3.1) -->
+ <dependency>
+ <groupId>org.apache.kafka</groupId>
+ <artifactId>kafka-clients</artifactId>
+ <version>2.3.1</version>
+ </dependency>
+ <!--
+ Disable native extension (epoll) on production for now.
+ Might be reintroduced if performance tests prove there is some performance issue.
+ -->
<!--
<dependency>
<groupId>io.netty</groupId>