diff options
| -rw-r--r-- | controlloop/common/eventmanager/pom.xml | 9 | ||||
| -rw-r--r-- | controlloop/common/guard/pom.xml | 9 | ||||
| -rw-r--r-- | controlloop/packages/artifacts/pom.xml | 9 | ||||
| -rw-r--r-- | controlloop/templates/template.demo/pom.xml | 9 |
4 files changed, 36 insertions, 0 deletions
diff --git a/controlloop/common/eventmanager/pom.xml b/controlloop/common/eventmanager/pom.xml index d0ce65138..6264e7e41 100644 --- a/controlloop/common/eventmanager/pom.xml +++ b/controlloop/common/eventmanager/pom.xml @@ -48,6 +48,15 @@ <artifactId>xacml</artifactId> <version>1.0.1</version> <scope>provided</scope> + <exclusions> + <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We + are not using that PIP and can safely exclude this jar to resolve CLM issue. + --> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.onap.policy.drools-applications.controlloop.common.actors</groupId> diff --git a/controlloop/common/guard/pom.xml b/controlloop/common/guard/pom.xml index 36c7e1918..ae3dbde98 100644 --- a/controlloop/common/guard/pom.xml +++ b/controlloop/common/guard/pom.xml @@ -20,6 +20,15 @@ <groupId>com.att.research.xacml</groupId> <artifactId>xacml-pdp</artifactId> <version>1.0.1</version> + <exclusions> + <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We + are not using that PIP and can safely exclude this jar to resolve CLM issue. + --> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>junit</groupId> diff --git a/controlloop/packages/artifacts/pom.xml b/controlloop/packages/artifacts/pom.xml index 0965fa034..3b49a75ce 100644 --- a/controlloop/packages/artifacts/pom.xml +++ b/controlloop/packages/artifacts/pom.xml @@ -190,6 +190,15 @@ <artifactId>xacml-pdp</artifactId> <version>1.0.1</version> <type>jar</type> + <exclusions> + <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We + are not using that PIP and can safely exclude this jar to resolve CLM issue. + --> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + </exclusions> </dependency> </dependencies> </project> diff --git a/controlloop/templates/template.demo/pom.xml b/controlloop/templates/template.demo/pom.xml index f2700e7d5..ab6997522 100644 --- a/controlloop/templates/template.demo/pom.xml +++ b/controlloop/templates/template.demo/pom.xml @@ -132,6 +132,15 @@ <artifactId>xacml</artifactId> <version>1.0.1</version> <scope>test</scope> + <exclusions> + <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We + are not using that PIP and can safely exclude this jar to resolve CLM issue. + --> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>com.att.research.xacml</groupId> |