From 5b30eb5dadbf401a2ea50fb7afba1dc7fd4ec42d Mon Sep 17 00:00:00 2001
From: liamfallon <liam.fallon@est.tech>
Date: Wed, 26 Aug 2020 12:48:45 +0100
Subject: Update apex JRuby joni dependency for security

Issue-ID: POLICY-2799
Change-Id: Ifdc16e99093995665db61329f61455fc0f327386
Signed-off-by: liamfallon <liam.fallon@est.tech>
---
 plugins/plugins-executor/plugins-executor-jruby/pom.xml | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'plugins/plugins-executor/plugins-executor-jruby')

diff --git a/plugins/plugins-executor/plugins-executor-jruby/pom.xml b/plugins/plugins-executor/plugins-executor-jruby/pom.xml
index c7af58546..c550ae0b7 100644
--- a/plugins/plugins-executor/plugins-executor-jruby/pom.xml
+++ b/plugins/plugins-executor/plugins-executor-jruby/pom.xml
@@ -18,7 +18,8 @@
   SPDX-License-Identifier: Apache-2.0
   ============LICENSE_END=========================================================
 -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <parent>
         <groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId>
@@ -34,7 +35,7 @@
         <dependency>
             <groupId>org.jruby</groupId>
             <artifactId>jruby-core</artifactId>
-            <version>9.2.11.1</version>
+            <version>9.2.13.0</version>
             <exclusions>
                 <exclusion>
                     <groupId>org.jruby.extras</groupId>
@@ -48,8 +49,17 @@
                     <groupId>com.github.jnr</groupId>
                     <artifactId>jffi</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.jruby.joni</groupId>
+                    <artifactId>joni</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
+        <dependency>
+            <groupId>org.jruby.joni</groupId>
+            <artifactId>joni</artifactId>
+            <version>2.1.40</version>
+        </dependency>
         <dependency>
             <groupId>org.jruby.extras</groupId>
             <artifactId>bytelist</artifactId>
-- 
cgit 1.2.3-korg