diff options
Diffstat (limited to 'controlloop/common/guard/pom.xml')
-rw-r--r-- | controlloop/common/guard/pom.xml | 48 |
1 files changed, 36 insertions, 12 deletions
diff --git a/controlloop/common/guard/pom.xml b/controlloop/common/guard/pom.xml index 7dc85d778..d1beed58d 100644 --- a/controlloop/common/guard/pom.xml +++ b/controlloop/common/guard/pom.xml @@ -36,18 +36,42 @@ <scope>provided</scope> </dependency> <dependency> - <groupId>com.att.research.xacml</groupId> - <artifactId>xacml-pdp</artifactId> - <version>1.0.2</version> - <exclusions> - <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We - are not using that PIP and can safely exclude this jar to resolve CLM issue. - --> - <exclusion> - <groupId>commons-collections</groupId> - <artifactId>commons-collections</artifactId> - </exclusion> - </exclusions> + <groupId>com.att.research.xacml</groupId> + <artifactId>xacml-pdp</artifactId> + <version>1.0.2</version> + <exclusions> + <!-- + Exclude jars with an older version or that are insecure and not needed. + --> + <exclusion> + <artifactId>commons-codec</artifactId> + <groupId>commons-codec</groupId> + </exclusion> + <exclusion> + <artifactId>commons-logging</artifactId> + <groupId>commons-logging</groupId> + </exclusion> + <exclusion> + <artifactId>guava</artifactId> + <groupId>com.google.guava</groupId> + </exclusion> + <exclusion> + <artifactId>commons-lang3</artifactId> + <groupId>org.apache.commons</groupId> + </exclusion> + <exclusion> + <artifactId>jackson-databind</artifactId> + <groupId>com.fasterxml.jackson.core</groupId> + </exclusion> + <exclusion> + <artifactId>commons-collections</artifactId> + <groupId>commons-collections</groupId> + </exclusion> + <exclusion> + <artifactId>commons-lang</artifactId> + <groupId>commons-lang</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>junit</groupId> |