diff options
| author |   adheli.tavares <adheli.tavares@est.tech> | 2024-03-12 15:50:35 +0000 |
|---|---|---|
| committer | adheli.tavares <adheli.tavares@est.tech> | 2024-03-12 15:51:59 +0000 |
| commit | 7161044baa64d79c7b5dd174b76c5840f5558344 (patch) | |
| tree | d27eafd4ba3473cc187c328c7a6e54849e131c69 | |
| parent | 30ad30c5a31df96e35d2276d095a72b5e3954b39 (diff) | |
Update dependencies for security fixes
- updated spring framework
- updated postgresql
- changed a few libs to latest version
- removed oparent dependency management to avoid old libs to return
Issue-ID: POLICY-4945
Change-Id: Ia191d2192944bec55218174f64e7611167f38609
Signed-off-by: adheli.tavares <adheli.tavares@est.tech>
| -rw-r--r-- | integration/pom.xml | 115 | ||||
| -rw-r--r-- | pom.xml | 14 |
2 files changed, 91 insertions, 38 deletions
diff --git a/integration/pom.xml b/integration/pom.xml index e0079c83..0728add4 100644 --- a/integration/pom.xml +++ b/integration/pom.xml @@ -2,7 +2,7 @@ ============LICENSE_START======================================================= Copyright (C) 2018 Ericsson. All rights reserved. Modifications Copyright (C) 2018-2023 AT&T. All rights reserved. - Modifications Copyright (C) 2019-2023 Nordix Foundation. + Modifications Copyright (C) 2019-2024 Nordix Foundation. Modifications Copyright (C) 2020-2022 Bell Canada. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); @@ -45,22 +45,24 @@ <docker.push.registry>nexus3.onap.org:10003</docker.push.registry> <!-- Dependency Versions --> <version.ccsdk>1.5.3</version.ccsdk> - <version.cucumber>7.13.0</version.cucumber> + <version.cucumber>7.15.0</version.cucumber> <version.docker-java>3.3.2</version.docker-java> - <version.drools>8.44.0.Final</version.drools> + <version.drools>9.44.0.Final</version.drools> <version.frontend.maven>1.13.4</version.frontend.maven> <version.io.prometheus>0.16.0</version.io.prometheus> <version.jackson>2.16.1</version.jackson> - <version.jacoco>0.8.10</version.jacoco> + <version.jacoco>0.8.11</version.jacoco> + <version.jaxb>4.0.5</version.jaxb> <version.jersey>3.1.5</version.jersey> <version.jetty>11.0.20</version.jetty> - <version.jupiter>5.10.1</version.jupiter> + <version.jupiter>5.10.2</version.jupiter> <version.kafka>3.6.1</version.kafka> - <version.log4j>2.20.0</version.log4j> + <version.kotlin>1.9.22</version.kotlin> + <version.log4j>2.23.1</version.log4j> <version.logback>1.4.14</version.logback> <version.maven-remote-resources-plugin>3.1.0</version.maven-remote-resources-plugin> <version.medeia.validator>1.1.1</version.medeia.validator> - <version.micrometer>1.11.4</version.micrometer> + <version.micrometer>1.11.10</version.micrometer> <version.mockito>5.5.0</version.mockito> <version.mockserver>5.15.0</version.mockserver> <version.netty>4.1.100.Final</version.netty> @@ -69,10 +71,10 @@ <version.plexus>3.5.0</version.plexus> <version.sdc-dist>2.1.1</version.sdc-dist> <version.sdc-tosca>1.9.0</version.sdc-tosca> - <version.slf4j>2.0.11</version.slf4j> - <version.spring>6.0.16</version.spring> - <version.springboot>3.1.8</version.springboot> - <version.spring-security>6.1.6</version.spring-security> + <version.slf4j>2.0.12</version.slf4j> + <version.spring>6.0.17</version.spring> + <version.springboot>3.1.9</version.springboot> + <version.spring-security>6.1.7</version.spring-security> <version.swagger.codegen.v3>3.0.52</version.swagger.codegen.v3> <version.swagger.core.v3>2.2.20</version.swagger.core.v3> <surefireArgLine> @@ -99,6 +101,7 @@ <artifactId>jackson-bom</artifactId> <version>${version.jackson}</version> <type>pom</type> + <scope>import</scope> </dependency> <dependency> <groupId>org.glassfish.jersey.containers</groupId> @@ -125,6 +128,11 @@ <artifactId>jetty-http</artifactId> <version>${version.jetty}</version> </dependency> + <dependency> + <groupId>org.eclipse.jetty</groupId> + <artifactId>jetty-servlet</artifactId> + <version>${version.jetty}</version> + </dependency> <!-- Prometheus Client Libraries --> <dependency> @@ -155,32 +163,42 @@ <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>32.1.3-jre</version> + <version>33.0.0-jre</version> </dependency> <!-- Jakarta dependencies --> <dependency> <groupId>jakarta.xml.bind</groupId> <artifactId>jakarta.xml.bind-api</artifactId> - <version>4.0.1</version> + <version>4.0.2</version> </dependency> <dependency> <groupId>com.sun.xml.bind</groupId> <artifactId>jaxb-impl</artifactId> - <version>4.0.4</version> + <version>${version.jaxb}</version> + </dependency> + <dependency> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-core</artifactId> + <version>${version.jaxb}</version> </dependency> <dependency> <groupId>org.glassfish.jaxb</groupId> <artifactId>jaxb-core</artifactId> - <version>4.0.4</version> + <version>${version.jaxb}</version> </dependency> <dependency> <groupId>org.glassfish.jaxb</groupId> <artifactId>jaxb-runtime</artifactId> - <version>4.0.4</version> + <version>${version.jaxb}</version> <scope>compile</scope> </dependency> <dependency> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-xjc</artifactId> + <version>${version.jaxb}</version> + </dependency> + <dependency> <groupId>jakarta.servlet</groupId> <artifactId>jakarta.servlet-api</artifactId> <version>6.0.0</version> @@ -232,13 +250,13 @@ <dependency> <groupId>org.mariadb.jdbc</groupId> <artifactId>mariadb-java-client</artifactId> - <version>3.1.4</version> + <version>3.3.3</version> </dependency> <!-- Postgres --> <dependency> <groupId>org.postgresql</groupId> <artifactId>postgresql</artifactId> - <version>42.6.0</version> + <version>42.7.2</version> </dependency> <!-- Kafka --> <dependency> @@ -250,12 +268,12 @@ <dependency> <groupId>org.apache.httpcomponents.core5</groupId> <artifactId>httpcore5</artifactId> - <version>5.2.2</version> + <version>5.2.4</version> </dependency> <dependency> <groupId>org.apache.httpcomponents.client5</groupId> <artifactId>httpclient5</artifactId> - <version>5.2.1</version> + <version>5.3.1</version> </dependency> <!-- JSON marshalling and unmarshalling --> @@ -267,7 +285,7 @@ <dependency> <groupId>org.json</groupId> <artifactId>json</artifactId> - <version>20231013</version> + <version>20240303</version> </dependency> <dependency> <groupId>com.worldturner.medeia</groupId> @@ -288,7 +306,7 @@ <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> - <version>1.18.28</version> + <version>1.18.30</version> </dependency> <!-- Logging --> <dependency> @@ -468,7 +486,7 @@ <dependency> <groupId>com.h2database</groupId> <artifactId>h2</artifactId> - <version>2.2.220</version> + <version>2.2.224</version> <scope>test</scope> </dependency> <!-- JUNIT --> @@ -508,7 +526,7 @@ <dependency> <groupId>org.assertj</groupId> <artifactId>assertj-core</artifactId> - <version>3.24.2</version> + <version>3.25.3</version> <scope>test</scope> </dependency> <!-- Mock libraries --> @@ -630,6 +648,11 @@ <artifactId>commons-jexl3</artifactId> <version>3.2.1</version> </dependency> + <dependency> + <groupId>commons-beanutils</groupId> + <artifactId>commons-beanutils</artifactId> + <version>1.9.4</version> + </dependency> <!-- Github --> <dependency> <groupId>com.github.docker-java</groupId> @@ -763,7 +786,7 @@ <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-core</artifactId> - <version>10.1.18</version> + <version>10.1.19</version> </dependency> <dependency> <groupId>org.springframework</groupId> @@ -792,6 +815,48 @@ <artifactId>bcpkix-fips</artifactId> <version>1.0.7</version> </dependency> + <dependency> + <groupId>io.opentelemetry.instrumentation</groupId> + <artifactId>opentelemetry-kafka-clients-2.6</artifactId> + <version>1.25.0-alpha</version> + </dependency> + <dependency> + <groupId>io.opentelemetry</groupId> + <artifactId>opentelemetry-exporter-otlp</artifactId> + <version>1.25.0</version> + </dependency> + <dependency> + <groupId>io.opentelemetry</groupId> + <artifactId>opentelemetry-sdk-extension-autoconfigure</artifactId> + <version>1.25.0-alpha</version> + </dependency> + <dependency> + <groupId>io.micrometer</groupId> + <artifactId>micrometer-tracing-bridge-otel</artifactId> + <version>1.1.8</version> + </dependency> + <dependency> + <groupId>io.opentelemetry</groupId> + <artifactId>opentelemetry-sdk-extension-jaeger-remote-sampler</artifactId> + <version>1.25.0</version> + </dependency> + + <!-- Kotlin dependencies --> + <dependency> + <groupId>org.jetbrains.kotlin</groupId> + <artifactId>kotlin-stdlib</artifactId> + <version>${version.kotlin}</version> + </dependency> + <dependency> + <groupId>org.jetbrains.kotlin</groupId> + <artifactId>kotlin-stdlib-jdk8</artifactId> + <version>${version.kotlin}</version> + </dependency> + <dependency> + <groupId>org.jetbrains.kotlin</groupId> + <artifactId>kotlin-reflect</artifactId> + <version>${version.kotlin}</version> + </dependency> </dependencies> </dependencyManagement> <scm> @@ -2,7 +2,7 @@ ============LICENSE_START======================================================= Copyright (C) 2018 Ericsson. All rights reserved. Modifications Copyright (C) 2020-2021 AT&T. All rights reserved. - Modifications Copyright (C) 2021 Nordix Foundation. + Modifications Copyright (C) 2021, 2024 Nordix Foundation. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -42,18 +42,6 @@ <module>integration</module> </modules> - <dependencyManagement> - <dependencies> - <dependency> - <groupId>org.onap.oparent</groupId> - <artifactId>dependencies</artifactId> - <version>${oparent.version}</version> - <type>pom</type> - <scope>import</scope> - </dependency> - </dependencies> - </dependencyManagement> - <build> <pluginManagement> <plugins> |