diff options
author | liamfallon <liam.fallon@ericsson.com> | 2018-06-21 11:40:18 +0800 |
---|---|---|
committer | liamfallon <liam.fallon@ericsson.com> | 2018-06-21 11:40:27 +0800 |
commit | 29992b16ffdde0bde1f2f315624cb30ce0d0773b (patch) | |
tree | 2013338fee521e453e15798ddc4025b70e403828 | |
parent | bb89ed3ad0765d323b6b026fc5fdd3b4a57fcc31 (diff) |
Reduce level of vulnerability on JRuby plugin
The JRuby plugin was using an old version of JRuby.
The version of JRuby is updated to the latest version, which
reduces the security vulnerability level. Some JRuby libraries
that are not used in the APEX PDP and that themselves have security
vulnerabilities are excluded.
Issue-ID: POLICY-905
Change-Id: I1c9d40c505849d8cab2778a4993dec9148504599
Signed-off-by: liamfallon <liam.fallon@ericsson.com>
-rw-r--r-- | plugins/plugins-executor/plugins-executor-jruby/pom.xml | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/plugins/plugins-executor/plugins-executor-jruby/pom.xml b/plugins/plugins-executor/plugins-executor-jruby/pom.xml index c9284a20d..c9f72fc07 100644 --- a/plugins/plugins-executor/plugins-executor-jruby/pom.xml +++ b/plugins/plugins-executor/plugins-executor-jruby/pom.xml @@ -37,8 +37,22 @@ <dependencies> <dependency> <groupId>org.jruby</groupId> - <artifactId>jruby-complete</artifactId> - <version>1.7.26</version> + <artifactId>jruby</artifactId> + <version>9.2.0.0</version> + <exclusions> + <exclusion> + <groupId>org.jruby.extras</groupId> + <artifactId>bytelist</artifactId> + </exclusion> + <exclusion> + <groupId>org.jruby</groupId> + <artifactId>dirgra</artifactId> + </exclusion> + <exclusion> + <groupId>org.jruby</groupId> + <artifactId>jruby-stdlib</artifactId> + </exclusion> + </exclusions> </dependency> </dependencies> -</project>
\ No newline at end of file +</project> |