diff options
author | Pamela Dragosh <pdragosh@research.att.com> | 2018-04-13 14:41:44 -0400 |
---|---|---|
committer | Pamela Dragosh <pdragosh@research.att.com> | 2018-04-13 14:41:58 -0400 |
commit | 7bb69f8ae932417a5538450f987834007f1e9b51 (patch) | |
tree | 948ccda1915680e3ecaaf2af54d3f559cd80139e | |
parent | ea42fa8577530c6109bb1d3cd43c64a0ee298a88 (diff) |
Exclude commons-collections
Since we are not using LDAP PIP we can get rid of this jar
that has security issues.
Issue-ID: POLICY-722
Change-Id: I93feacc8733a834866476db75933d8b2cf08c212
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
-rw-r--r-- | controlloop/common/controller-beijing/pom.xml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/controlloop/common/controller-beijing/pom.xml b/controlloop/common/controller-beijing/pom.xml index 71165f7ae..b6021626b 100644 --- a/controlloop/common/controller-beijing/pom.xml +++ b/controlloop/common/controller-beijing/pom.xml @@ -158,6 +158,15 @@ <groupId>com.att.research.xacml</groupId> <artifactId>xacml-pdp</artifactId> <version>1.0.1</version> + <exclusions> + <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We + are not using that PIP and can safely exclude this jar to resolve CLM issue. + --> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.onap.policy.drools-pdp</groupId> |