diff options
author | liamfallon <liam.fallon@est.tech> | 2022-04-08 18:20:13 +0100 |
---|---|---|
committer | liamfallon <liam.fallon@est.tech> | 2022-04-08 19:13:53 +0100 |
commit | c2e24ec6c9a3dab70f707744aa5bfda4f078b92e (patch) | |
tree | 26061baa4cba916d86d702fd4f2e1706dc40425e | |
parent | 21389fc50ae79f7f980534c2d2b5346744f4315c (diff) |
Further security dependency changes
Moving the Jackson dependencies into the managed dependency section
gives us more control over Jackson
Issue-ID: POLICY-4070
Change-Id: Idf6e99c3300c4f649db3bb9660d209fced7b27fb
Signed-off-by: liamfallon <liam.fallon@est.tech>
-rw-r--r-- | integration/pom.xml | 119 |
1 files changed, 109 insertions, 10 deletions
diff --git a/integration/pom.xml b/integration/pom.xml index 3bc2c1ba..8bdb5189 100644 --- a/integration/pom.xml +++ b/integration/pom.xml @@ -44,10 +44,10 @@ <version.eclipselink>2.7.8</version.eclipselink> <version.drools>7.66.0.Final</version.drools> <version.jersey>2.34</version.jersey> - <version.jackson>2.12.6.1</version.jackson> - <version.jackson.annotations>2.12.4</version.jackson.annotations> + <version.jackson>2.12.6</version.jackson> + <version.jackson.databind>2.12.6.1</version.jackson.databind> <version.ccsdk>1.1.5</version.ccsdk> - <version.swagger>1.6.2</version.swagger> + <version.swagger>1.6.6</version.swagger> <version.javax.bind>2.3.1</version.javax.bind> <version.javax.json>1.1.4</version.javax.json> <version.netty>4.1.70.Final</version.netty> @@ -93,9 +93,100 @@ <!-- Jackson - needed by glassfish jersey --> <dependency> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-core</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-databind</artifactId> + <version>${version.jackson.databind}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-annotations</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> <groupId>com.fasterxml.jackson.module</groupId> <artifactId>jackson-module-jaxb-annotations</artifactId> - <version>${version.jackson.annotations}</version> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.module</groupId> + <artifactId>jackson-module-jsonSchema</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.module</groupId> + <artifactId>jackson-module-parameter-names</artifactId> + <version>${version.jackson}</version> + </dependency> + + <!-- Overriding this one breaks drools-applicaiotns --> + <!--dependency> + <groupId>com.fasterxml.jackson.module</groupId> + <artifactId>jackson-module-kotlin</artifactId> + <version>${version.jackson}</version> + </dependency--> + + <dependency> + <groupId>com.fasterxml.jackson.module</groupId> + <artifactId>jackson-module-scala_2.12</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.dataformat</groupId> + <artifactId>jackson-dataformat-yaml</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.dataformat</groupId> + <artifactId>jackson-dataformat-xml</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.dataformat</groupId> + <artifactId>jackson-dataformat-csv</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.datatype</groupId> + <artifactId>jackson-datatype-jdk8</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.datatype</groupId> + <artifactId>jackson-datatype-jsr310</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.datatype</groupId> + <artifactId>jackson-datatype-joda</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.jaxrs</groupId> + <artifactId>jackson-jaxrs-base</artifactId> + <version>${version.jackson}</version> + </dependency> + + <dependency> + <groupId>com.fasterxml.jackson.jaxrs</groupId> + <artifactId>jackson-jaxrs-json-provider</artifactId> + <version>${version.jackson}</version> </dependency> <!-- Jersey --> @@ -163,12 +254,6 @@ <groupId>org.glassfish.jersey.media</groupId> <artifactId>jersey-media-json-jackson</artifactId> <version>${version.jersey}</version> - <exclusions> - <exclusion> - <groupId>com.fasterxml.jackson.module</groupId> - <artifactId>jackson-module-jaxb-annotations</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> @@ -346,6 +431,20 @@ <groupId>org.onap.dmaap.messagerouter.dmaapclient</groupId> <artifactId>dmaapClient</artifactId> <version>${version.dmaap}</version> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + </exclusion> + <exclusion> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> + <exclusion> + <artifactId>apache-log4j-extras</artifactId> + <groupId>log4j</groupId> + </exclusion> + </exclusions> </dependency> <!-- CDS dependencies --> |