diff options
author | Pooja03 <PM00501616@techmahindra.com> | 2018-04-25 10:53:41 +0530 |
---|---|---|
committer | Pooja Malik <PM00501616@techmahindra.com> | 2018-04-25 05:26:13 +0000 |
commit | fbb4e65173e5e340d6bd7366a12a12558067690c (patch) | |
tree | 86427d91c3916adbdd211f41a7af14b2d1070b18 | |
parent | f3222cb2137c1ec21d300540de385bf620ff022d (diff) |
Security issue and FileNotFound Exception
Security issue to be addressed for fasterxml.jackson and FileNotFound
Exception for MapperConfig.json
Issue-ID: DCAEGEN2-467
Change-Id: Iba56ee61f9b8768a80ec88e423f7cb3e80961306
Signed-off-by: Pooja03 <PM00501616@techmahindra.com>
3 files changed, 128 insertions, 128 deletions
diff --git a/UniversalVesAdapter/pom.xml b/UniversalVesAdapter/pom.xml index 2f8d63b..e6baf06 100644 --- a/UniversalVesAdapter/pom.xml +++ b/UniversalVesAdapter/pom.xml @@ -1,23 +1,15 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- -* ============LICENSE_START======================================================= -* ONAP : DCAEGEN2/services/mapper -* ================================================================================ -* Copyright 2018 TechMahindra -*================================================================================= -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -* ============LICENSE_END========================================================= - --> +<!-- * ============LICENSE_START======================================================= + * ONAP : DCAEGEN2/services/mapper * ================================================================================ + * Copyright 2018 TechMahindra *================================================================================= + * Licensed under the Apache License, Version 2.0 (the "License"); * you may + not use this file except in compliance with the License. * You may obtain + a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * + * Unless required by applicable law or agreed to in writing, software * distributed + under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES + OR CONDITIONS OF ANY KIND, either express or implied. * See the License for + the specific language governing permissions and * limitations under the License. + * ============LICENSE_END========================================================= --> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> @@ -27,9 +19,8 @@ <version>0.0.1</version> <parent> - <!-- <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-starter-parent</artifactId> - <version>2.0.0.RELEASE</version> --> + <!-- <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> + <version>2.0.0.RELEASE</version> --> <groupId>org.onap.dcaegen2.services.mapper</groupId> <artifactId>mapper</artifactId> <version>0.0.1-SNAPSHOT</version> @@ -57,12 +48,12 @@ <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> - <version>2.0.0.RELEASE</version> + <version>2.0.1.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> - <version>2.0.0.RELEASE</version> + <version>2.0.1.RELEASE</version> <scope>test</scope> </dependency> <dependency> @@ -74,48 +65,48 @@ <dependency> <groupId>org.springframework.data</groupId> <artifactId>spring-data-commons</artifactId> - <version>2.0.5.RELEASE</version> + <version>2.0.6.RELEASE</version> </dependency> <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-databind</artifactId> - <version>2.9.4</version> -</dependency> - - -<dependency> - <groupId>hsqldb</groupId> - <artifactId>hsqldb</artifactId> - <version>1.8.0.10</version> - <scope>test</scope> -</dependency> - -<!-- https://mvnrepository.com/artifact/xalan/xalan --> -<dependency> - <groupId>xalan</groupId> - <artifactId>xalan</artifactId> - <version>2.7.2</version> -</dependency> - -<!-- https://mvnrepository.com/artifact/xerces/xercesImpl --> -<dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.11.0-atlassian-01</version> -</dependency> - -<!-- https://mvnrepository.com/artifact/com.thoughtworks.xstream/xstream --> -<dependency> - <groupId>com.thoughtworks.xstream</groupId> - <artifactId>xstream</artifactId> - <version>1.4.10</version> -</dependency> -<!-- https://mvnrepository.com/artifact/xml-apis/xml-apis --> -<dependency> - <groupId>xml-apis</groupId> - <artifactId>xml-apis</artifactId> - <version>1.4.01</version> -</dependency> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-databind</artifactId> + <version>2.9.5</version> + </dependency> + + + <dependency> + <groupId>hsqldb</groupId> + <artifactId>hsqldb</artifactId> + <version>1.8.0.10</version> + <scope>test</scope> + </dependency> + + <!-- https://mvnrepository.com/artifact/xalan/xalan --> + <dependency> + <groupId>xalan</groupId> + <artifactId>xalan</artifactId> + <version>2.7.2</version> + </dependency> + + <!-- https://mvnrepository.com/artifact/xerces/xercesImpl --> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>2.11.0-atlassian-01</version> + </dependency> + + <!-- https://mvnrepository.com/artifact/com.thoughtworks.xstream/xstream --> + <dependency> + <groupId>com.thoughtworks.xstream</groupId> + <artifactId>xstream</artifactId> + <version>1.4.10</version> + </dependency> + <!-- https://mvnrepository.com/artifact/xml-apis/xml-apis --> + <dependency> + <groupId>xml-apis</groupId> + <artifactId>xml-apis</artifactId> + <version>1.4.01</version> + </dependency> @@ -129,9 +120,17 @@ <build> <plugins> <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <configuration> + <reuseForks>false</reuseForks> + <forkCount>1</forkCount> + </configuration> + </plugin> + <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> - <version>2.0.0.RELEASE</version> + <version>2.0.0.RELEASE</version> <executions> <execution> <goals> @@ -144,64 +143,65 @@ </executions> </plugin> <plugin> - <groupId>com.spotify</groupId> - <artifactId>docker-maven-plugin</artifactId> - <version>${docker.maven.version}</version> - <configuration> - <skipDockerBuild>false</skipDockerBuild> - <imageName>${onap.nexus.dockerregistry.daily}/onap/${project.groupId}.${project.artifactId}</imageName> - <baseImage>openjdk:8-jre</baseImage> - <entryPoint>["java", "-jar", "/opt/${project.build.finalName}.jar", "server"]</entryPoint> - <resources> - <resource> - <targetPath>/opt</targetPath> - <directory>${project.build.directory}</directory> - <include>${project.build.finalName}.jar</include> - </resource> - </resources> - <exposes> - <expose>8080</expose> - </exposes> - <imageTags> - <imageTag>${project.version}-SNAPSHOT-${maven.build.timestamp}Z</imageTag> - <imageTag>${project.version}</imageTag> - <imageTag>latest</imageTag> - </imageTags> - <serverId>${onap.nexus.dockerregistry.daily}</serverId> - </configuration> - </plugin> - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>build-helper-maven-plugin</artifactId> - <version>1.9.1</version> - <executions> - <execution> - <id>add-source</id> - <phase>generate-sources</phase> - <goals> - <goal>add-source</goal> - </goals> - <configuration> - <sources> - <source>src/gen/java</source> - </sources> - </configuration> - </execution> - <execution> - <id>regex-property</id> - <goals> - <goal>regex-property</goal> - </goals> - <configuration> - <name>docker.version</name> - <value>${project.version}</value> - <regex>(^[0-9]+.[0-9]+.[0-9]+$)</regex> - <replacement>$1-STAGING</replacement> - <failIfNoMatch>false</failIfNoMatch> - </configuration> - </execution> - </executions> - </plugin> + <groupId>com.spotify</groupId> + <artifactId>docker-maven-plugin</artifactId> + <version>${docker.maven.version}</version> + <configuration> + <skipDockerBuild>false</skipDockerBuild> + <imageName>${onap.nexus.dockerregistry.daily}/onap/${project.groupId}.${project.artifactId}</imageName> + <baseImage>openjdk:8-jre</baseImage> + <entryPoint>["java", "-jar", "/opt/${project.build.finalName}.jar", + "server"]</entryPoint> + <resources> + <resource> + <targetPath>/opt</targetPath> + <directory>${project.build.directory}</directory> + <include>${project.build.finalName}.jar</include> + </resource> + </resources> + <exposes> + <expose>8080</expose> + </exposes> + <imageTags> + <imageTag>${project.version}-SNAPSHOT-${maven.build.timestamp}Z</imageTag> + <imageTag>${project.version}</imageTag> + <imageTag>latest</imageTag> + </imageTags> + <serverId>${onap.nexus.dockerregistry.daily}</serverId> + </configuration> + </plugin> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>build-helper-maven-plugin</artifactId> + <version>1.9.1</version> + <executions> + <execution> + <id>add-source</id> + <phase>generate-sources</phase> + <goals> + <goal>add-source</goal> + </goals> + <configuration> + <sources> + <source>src/gen/java</source> + </sources> + </configuration> + </execution> + <execution> + <id>regex-property</id> + <goals> + <goal>regex-property</goal> + </goals> + <configuration> + <name>docker.version</name> + <value>${project.version}</value> + <regex>(^[0-9]+.[0-9]+.[0-9]+$)</regex> + <replacement>$1-STAGING</replacement> + <failIfNoMatch>false</failIfNoMatch> + </configuration> + </execution> + </executions> + </plugin> </plugins> </build> diff --git a/UniversalVesAdapter/src/main/resources/application.properties b/UniversalVesAdapter/src/main/resources/application.properties index 0aefded..4841f4a 100644 --- a/UniversalVesAdapter/src/main/resources/application.properties +++ b/UniversalVesAdapter/src/main/resources/application.properties @@ -6,6 +6,6 @@ universal.configFiles=snmp:snmpTrapToVes.xml,default:defaultConfig.xml fileService.url=http://localhost:8888/fileAsString/ messagesInBatch=1000 messagesInTimeInterval=5000 -mapperConfig.file=MapperConfig.json -dmaap.consumer_props=/src/main/resources/dme2/consumer.properties -dmaap.publisher_props=/src/main/resources/dme2/publisher.properties
\ No newline at end of file +mapperConfig.file=../UniversalVesAdapter/src/main/resources/MapperConfig.json +dmaap.consumer_props=../UniversalVesAdapter/src/main/resources/dme2/consumer.properties +dmaap.publisher_props=../UniversalVesAdapter/src/main/resources/dme2/publisher.properties
\ No newline at end of file diff --git a/UniversalVesAdapter/src/test/java/org/onap/universalvesadapter/configs/DMaapMrUrlConfigurationTest.java b/UniversalVesAdapter/src/test/java/org/onap/universalvesadapter/configs/DMaapMrUrlConfigurationTest.java index ac9274d..c7497b4 100644 --- a/UniversalVesAdapter/src/test/java/org/onap/universalvesadapter/configs/DMaapMrUrlConfigurationTest.java +++ b/UniversalVesAdapter/src/test/java/org/onap/universalvesadapter/configs/DMaapMrUrlConfigurationTest.java @@ -43,8 +43,8 @@ public class DMaapMrUrlConfigurationTest { String actualdata2 = dMaapMrUrlConfiguration.getPublisherProperties(); String actualdata3 = dMaapMrUrlConfiguration.getUrl(); - assertEquals("/src/main/resources/dme2/consumer.properties", actualdata1); - assertEquals("/src/main/resources/dme2/publisher.properties", actualdata2); + assertEquals("../UniversalVesAdapter/src/main/resources/dme2/consumer.properties", actualdata1); + assertEquals("../UniversalVesAdapter/src/main/resources/dme2/publisher.properties", actualdata2); assertEquals("http://localhost:8080/greeting12", actualdata3); |