summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorliamfallon <liam.fallon@est.tech>2022-04-08 18:20:13 +0100
committerliamfallon <liam.fallon@est.tech>2022-04-08 19:13:53 +0100
commitc2e24ec6c9a3dab70f707744aa5bfda4f078b92e (patch)
tree26061baa4cba916d86d702fd4f2e1706dc40425e
parent21389fc50ae79f7f980534c2d2b5346744f4315c (diff)
Further security dependency changes
Moving the Jackson dependencies into the managed dependency section gives us more control over Jackson Issue-ID: POLICY-4070 Change-Id: Idf6e99c3300c4f649db3bb9660d209fced7b27fb Signed-off-by: liamfallon <liam.fallon@est.tech>
-rw-r--r--integration/pom.xml119
1 files changed, 109 insertions, 10 deletions
diff --git a/integration/pom.xml b/integration/pom.xml
index 3bc2c1ba..8bdb5189 100644
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -44,10 +44,10 @@
<version.eclipselink>2.7.8</version.eclipselink>
<version.drools>7.66.0.Final</version.drools>
<version.jersey>2.34</version.jersey>
- <version.jackson>2.12.6.1</version.jackson>
- <version.jackson.annotations>2.12.4</version.jackson.annotations>
+ <version.jackson>2.12.6</version.jackson>
+ <version.jackson.databind>2.12.6.1</version.jackson.databind>
<version.ccsdk>1.1.5</version.ccsdk>
- <version.swagger>1.6.2</version.swagger>
+ <version.swagger>1.6.6</version.swagger>
<version.javax.bind>2.3.1</version.javax.bind>
<version.javax.json>1.1.4</version.javax.json>
<version.netty>4.1.70.Final</version.netty>
@@ -93,9 +93,100 @@
<!-- Jackson - needed by glassfish jersey -->
<dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-core</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ <version>${version.jackson.databind}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
<groupId>com.fasterxml.jackson.module</groupId>
<artifactId>jackson-module-jaxb-annotations</artifactId>
- <version>${version.jackson.annotations}</version>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.module</groupId>
+ <artifactId>jackson-module-jsonSchema</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.module</groupId>
+ <artifactId>jackson-module-parameter-names</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <!-- Overriding this one breaks drools-applicaiotns -->
+ <!--dependency>
+ <groupId>com.fasterxml.jackson.module</groupId>
+ <artifactId>jackson-module-kotlin</artifactId>
+ <version>${version.jackson}</version>
+ </dependency-->
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.module</groupId>
+ <artifactId>jackson-module-scala_2.12</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.dataformat</groupId>
+ <artifactId>jackson-dataformat-yaml</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.dataformat</groupId>
+ <artifactId>jackson-dataformat-xml</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.dataformat</groupId>
+ <artifactId>jackson-dataformat-csv</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.datatype</groupId>
+ <artifactId>jackson-datatype-jdk8</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.datatype</groupId>
+ <artifactId>jackson-datatype-jsr310</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.datatype</groupId>
+ <artifactId>jackson-datatype-joda</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.jaxrs</groupId>
+ <artifactId>jackson-jaxrs-base</artifactId>
+ <version>${version.jackson}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.jaxrs</groupId>
+ <artifactId>jackson-jaxrs-json-provider</artifactId>
+ <version>${version.jackson}</version>
</dependency>
<!-- Jersey -->
@@ -163,12 +254,6 @@
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-json-jackson</artifactId>
<version>${version.jersey}</version>
- <exclusions>
- <exclusion>
- <groupId>com.fasterxml.jackson.module</groupId>
- <artifactId>jackson-module-jaxb-annotations</artifactId>
- </exclusion>
- </exclusions>
</dependency>
<dependency>
@@ -346,6 +431,20 @@
<groupId>org.onap.dmaap.messagerouter.dmaapclient</groupId>
<artifactId>dmaapClient</artifactId>
<version>${version.dmaap}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>apache-log4j-extras</artifactId>
+ <groupId>log4j</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<!-- CDS dependencies -->