summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ONAP-PDP/pom.xml9
-rw-r--r--ONAP-XACML/pom.xml9
2 files changed, 18 insertions, 0 deletions
diff --git a/ONAP-PDP/pom.xml b/ONAP-PDP/pom.xml
index d302c955d..dc3953b76 100644
--- a/ONAP-PDP/pom.xml
+++ b/ONAP-PDP/pom.xml
@@ -73,6 +73,15 @@
<groupId>com.att.research.xacml</groupId>
<artifactId>xacml-pdp</artifactId>
<version>1.0.1</version>
+ <exclusions>
+ <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We
+ are not using that PIP and can safely exclude this jar to resolve CLM issue.
+ -->
+ <exclusion>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>junit</groupId>
diff --git a/ONAP-XACML/pom.xml b/ONAP-XACML/pom.xml
index c399e3fa9..b6f12c005 100644
--- a/ONAP-XACML/pom.xml
+++ b/ONAP-XACML/pom.xml
@@ -83,6 +83,15 @@
<groupId>com.att.research.xacml</groupId>
<artifactId>xacml</artifactId>
<version>1.0.1</version>
+ <exclusions>
+ <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We
+ are not using that PIP and can safely exclude this jar to resolve CLM issue.
+ -->
+ <exclusion>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
</dependencies>
</project>