diff options
| author |   liamfallon <liam.fallon@est.tech> | 2022-01-25 12:22:59 +0000 |
|---|---|---|
| committer | liamfallon <liam.fallon@est.tech> | 2022-01-25 12:23:05 +0000 |
| commit | 397ed3cb307be21d9ca50ed885748fdd035d9a8f (patch) | |
| tree | 9bcedbb8747d873368e49842be71448bd6d3aaf5 | |
| parent | 0b7e14ab321c2da333f45e1a4f244de20ffe21ff (diff) | |
Update to SECCOM recommended dependencies
SECCOM has issued a directive on which dependencies should be used, see
this wiki page:
https://wiki.onap.org/display/SV/Jakarta+Policy
This is the policy parent review to comply with the SECCOM directive.
Zookeeper is added as a test dependency, it is no longer pulled in as a
transitive dependency by Kafka.
Issue-ID: POLICY-3849a
Change-Id: Id721807d2ff194cc6c1aa78f88d911bddce5a458
Signed-off-by: liamfallon <liam.fallon@est.tech>
| -rw-r--r-- | pom.xml | 2 | ||||
| -rw-r--r-- | testsuites/integration/integration-uservice-test/pom.xml | 17 |
2 files changed, 18 insertions, 1 deletions
@@ -43,7 +43,7 @@ <encoding>UTF-8</encoding> <file.encoding>UTF-8</file.encoding> <version.commons-cli>1.4</version.commons-cli> - <version.kafka>2.3.0</version.kafka> + <version.kafka>3.0.0</version.kafka> <version.hibernate>5.3.7.Final</version.hibernate> <version.policy.common>1.9.2-SNAPSHOT</version.policy.common> <version.policy.models>2.5.2-SNAPSHOT</version.policy.models> diff --git a/testsuites/integration/integration-uservice-test/pom.xml b/testsuites/integration/integration-uservice-test/pom.xml index 5b4152dec..d852ad1b5 100644 --- a/testsuites/integration/integration-uservice-test/pom.xml +++ b/testsuites/integration/integration-uservice-test/pom.xml @@ -173,6 +173,23 @@ </exclusion> </exclusions> </dependency> + <dependency> + <groupId>org.apache.zookeeper</groupId> + <artifactId>zookeeper</artifactId> + <version>3.7.0</version> + <scope>test</scope> + <exclusions> + <!-- The default netty version in kafka-junit4 has vulnerabilities --> + <exclusion> + <groupId>io.netty</groupId> + <artifactId>*</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + </exclusion> + </exclusions> + </dependency> <!-- This netty version fixes the vulnerabilities --> <dependency> <groupId>io.netty</groupId> |