summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPamela Dragosh <pdragosh@research.att.com>2018-02-07 15:41:30 -0500
committerPamela Dragosh <pdragosh@research.att.com>2018-02-07 15:59:44 -0500
commitbcdb1e1a529d31d3f03482ca784a1799655ce544 (patch)
tree85f8720e38a910960cedd27735acb979ccadd4c5
parent6a44b2926f33b427904c2f3e7962d0dfc360c482 (diff)
Upgrade dependencies to clear security issues
A bit of consolidation too - which could use a lot more work. These were simple security upgrades for fixes identified by LF weekly LCM job. Added some missing license headers. Issue-ID: POLICY-507 Change-Id: If285b0f95d30a1084c9363bf6a41b48d52fb3aff Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
-rw-r--r--BRMSGateway/pom.xml12
-rw-r--r--ONAP-PAP-REST/pom.xml11
-rw-r--r--ONAP-PDP-REST/pom.xml9
-rw-r--r--ONAP-PDP/pom.xml4
-rw-r--r--ONAP-REST/pom.xml4
-rw-r--r--ONAP-SDK-APP/pom.xml3
-rw-r--r--POLICY-SDK-APP/pom.xml30
-rw-r--r--PolicyEngineAPI/pom.xml8
-rw-r--r--PolicyEngineClient/pom.xml4
-rw-r--r--PolicyEngineUtils/pom.xml4
-rw-r--r--pom.xml22
11 files changed, 72 insertions, 39 deletions
diff --git a/BRMSGateway/pom.xml b/BRMSGateway/pom.xml
index 6f530b376..4c88768da 100644
--- a/BRMSGateway/pom.xml
+++ b/BRMSGateway/pom.xml
@@ -2,7 +2,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine
================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -49,12 +49,12 @@
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model</artifactId>
- <version>2.2.1</version>
+ <version>3.3.9</version>
</dependency>
<dependency>
<groupId>org.apache.maven.shared</groupId>
<artifactId>maven-invoker</artifactId>
- <version>2.2</version>
+ <version>3.0.0</version>
</dependency>
<dependency>
<groupId>org.onap.policy.common</groupId>
@@ -64,12 +64,12 @@
<dependency>
<groupId>org.sonatype.nexus</groupId>
<artifactId>nexus-rest-client-java</artifactId>
- <version>2.3.1</version>
+ <version>2.3.1-01</version>
</dependency>
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
- <version>1.3.1</version>
+ <version>1.4.10</version>
</dependency>
<dependency>
<groupId>com.att.nsa</groupId>
@@ -100,7 +100,7 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.5.2</version>
+ <version>${httpclient.version}</version>
</dependency>
</dependencies>
<build>
diff --git a/ONAP-PAP-REST/pom.xml b/ONAP-PAP-REST/pom.xml
index f0e3f334f..ca7de6b88 100644
--- a/ONAP-PAP-REST/pom.xml
+++ b/ONAP-PAP-REST/pom.xml
@@ -144,7 +144,7 @@
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
- <version>1.3.1</version>
+ <version>${commons.fileupload.version}</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
@@ -278,17 +278,17 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.6.3</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
- <version>2.6.3</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.6.3</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.module</groupId>
@@ -347,9 +347,8 @@
</dependency>
</dependencies>
<properties>
- <springframework.version>4.2.0.RELEASE</springframework.version>
+ <springframework.version>4.3.3.RELEASE</springframework.version>
<hibernate.version>4.3.10.Final</hibernate.version>
<projectversion>2.0.2</projectversion>
- <jackson.version>2.6.0</jackson.version>
</properties>
</project>
diff --git a/ONAP-PDP-REST/pom.xml b/ONAP-PDP-REST/pom.xml
index 31649cb48..ed9481f37 100644
--- a/ONAP-PDP-REST/pom.xml
+++ b/ONAP-PDP-REST/pom.xml
@@ -3,7 +3,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine
================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -182,7 +182,7 @@
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
- <version>2.5.0</version>
+ <version>2.8.0</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
@@ -191,11 +191,6 @@
</exclusions>
</dependency>
<dependency>
- <groupId>io.springfox</groupId>
- <artifactId>springfox-swagger-ui</artifactId>
- <version>2.5.0</version>
- </dependency>
- <dependency>
<groupId>org.onap.policy.engine</groupId>
<artifactId>PolicyEngineAPI</artifactId>
<version>${project.version}</version>
diff --git a/ONAP-PDP/pom.xml b/ONAP-PDP/pom.xml
index 4e1962e86..456217a6b 100644
--- a/ONAP-PDP/pom.xml
+++ b/ONAP-PDP/pom.xml
@@ -3,7 +3,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine
================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -41,7 +41,7 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.4.1</version>
+ <version>${httpclient.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
diff --git a/ONAP-REST/pom.xml b/ONAP-REST/pom.xml
index 499ec195f..27f3582ef 100644
--- a/ONAP-REST/pom.xml
+++ b/ONAP-REST/pom.xml
@@ -3,7 +3,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine
================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -188,7 +188,7 @@
</dependencies>
<properties>
- <springframework.version>4.2.0.RELEASE</springframework.version>
+ <springframework.version>4.3.3.RELEASE</springframework.version>
<hibernate.version>4.3.10.Final</hibernate.version>
</properties>
</project>
diff --git a/ONAP-SDK-APP/pom.xml b/ONAP-SDK-APP/pom.xml
index e1497ccac..67f810e12 100644
--- a/ONAP-SDK-APP/pom.xml
+++ b/ONAP-SDK-APP/pom.xml
@@ -2,7 +2,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine
================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -36,7 +36,6 @@
<!-- Skip assembling the zip; assemble via mvn -Dskipassembly=false .. -->
<skipassembly>true</skipassembly>
<!-- Tests usually require some setup that maven cannot do, so skip. -->
- <jackson.version>2.6.0</jackson.version>
<sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**,src/main/webapp/**/*</sonar.exclusions>
<!-- Version number gets stored only here -->
<tomcat.download.path>http://archive.apache.org/dist/tomcat/tomcat-8/v8.0.37/bin</tomcat.download.path>
diff --git a/POLICY-SDK-APP/pom.xml b/POLICY-SDK-APP/pom.xml
index 60bc1c12d..fa7c99c25 100644
--- a/POLICY-SDK-APP/pom.xml
+++ b/POLICY-SDK-APP/pom.xml
@@ -1,3 +1,22 @@
+<!--
+ ============LICENSE_START=======================================================
+ ONAP Policy Engine
+ ================================================================================
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
@@ -50,11 +69,10 @@
<properties>
<encoding>UTF-8</encoding>
<epsdk.version>2.1.0-SNAPSHOT</epsdk.version>
- <springframework.version>4.2.0.RELEASE</springframework.version>
+ <springframework.version>4.3.3.RELEASE</springframework.version>
<hibernate.version>4.3.11.Final</hibernate.version>
<skipassembly>true</skipassembly>
<skiptests>false</skiptests>
- <jackson.version>2.6.0</jackson.version>
<sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**,src/main/webapp/app/policyApp/CSS/**/*,src/main/webapp/app/policyApp/libs/**/*</sonar.exclusions>
</properties>
<dependencies>
@@ -127,17 +145,17 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.6.3</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
- <version>2.6.3</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.6.3</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.module</groupId>
@@ -198,7 +216,7 @@
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
- <version>1.3.1</version>
+ <version>${commons.fileupload.version}</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
diff --git a/PolicyEngineAPI/pom.xml b/PolicyEngineAPI/pom.xml
index 1c2f5b845..be3700eba 100644
--- a/PolicyEngineAPI/pom.xml
+++ b/PolicyEngineAPI/pom.xml
@@ -3,7 +3,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine
================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -34,7 +34,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.8.5</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish</groupId>
@@ -44,7 +44,7 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.3.1</version>
+ <version>${httpclient.version}</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
@@ -59,7 +59,7 @@
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
- <version>1.3.1</version>
+ <version>${commons.fileupload.version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>
diff --git a/PolicyEngineClient/pom.xml b/PolicyEngineClient/pom.xml
index 722c994c8..3703ad1e1 100644
--- a/PolicyEngineClient/pom.xml
+++ b/PolicyEngineClient/pom.xml
@@ -3,7 +3,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine
================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -42,7 +42,7 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.5</version>
+ <version>${httpclient.version}</version>
</dependency>
</dependencies>
<build>
diff --git a/PolicyEngineUtils/pom.xml b/PolicyEngineUtils/pom.xml
index 3db9c9ede..9e2e13b15 100644
--- a/PolicyEngineUtils/pom.xml
+++ b/PolicyEngineUtils/pom.xml
@@ -2,7 +2,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine
================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -70,7 +70,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.7.5</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.github.fge</groupId>
diff --git a/pom.xml b/pom.xml
index 0eb2f4302..4dce81ca9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,3 +1,22 @@
+<!--
+ ============LICENSE_START=======================================================
+ ONAP Policy Engine
+ ================================================================================
+ Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
@@ -31,6 +50,9 @@
<snapshots.path>content/repositories/snapshots/</snapshots.path>
<staging.path>content/repositories/staging/</staging.path>
<dmaap.version>1.0.0</dmaap.version>
+ <httpclient.version>4.5.5</httpclient.version>
+ <jackson.version>2.9.3</jackson.version>
+ <commons.fileupload.version>1.3.3</commons.fileupload.version>
</properties>