diff options
author | jz385p <jz385p@us.att.com> | 2020-06-03 12:50:14 +0530 |
---|---|---|
committer | Jegadeesh Babu <jegadeesh.babu@att.com> | 2020-06-17 11:10:10 +0000 |
commit | cfc431ee10a83ccc0a170ec4f8e674f6ccb63a8d (patch) | |
tree | 22a9339d0bec91a591b4a62f75f36ac45b8bc992 | |
parent | e276ad30dc38f55e06877df8fd0d3372534c8f47 (diff) |
Fixed few security issues from the dependencies
Fixed security vulnerable issues
Issue-ID: PORTAL-916
Change-Id: Icbc99c29f04f6390ab2903249ce92f25e2fb0fd2
Signed-off-by: jz385p <jegadeesh.babu@att.com>
5 files changed, 15 insertions, 46 deletions
diff --git a/ecomp-portal-BE-common/pom.xml b/ecomp-portal-BE-common/pom.xml index 82e9827c..526619fa 100644 --- a/ecomp-portal-BE-common/pom.xml +++ b/ecomp-portal-BE-common/pom.xml @@ -184,17 +184,7 @@ <artifactId>jaxb-api</artifactId> <version>2.4.0-b180830.0359</version> </dependency> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-starter</artifactId> - <version>1.3.1.RELEASE</version> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - </exclusion> - </exclusions> - </dependency> + <!-- Hibernate --> <dependency> <groupId>org.hibernate</groupId> @@ -290,17 +280,17 @@ <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-annotations</artifactId> - <version>2.8.10</version> + <version>2.10.0</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> - <version>2.8.10</version> + <version>2.10.0</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> - <version>2.8.11.4</version> + <version>2.10.0</version> </dependency> <dependency> <groupId>postgresql</groupId> diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/MicroserviceProxyController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/MicroserviceProxyController.java index 134d99ef..9b03b46f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/MicroserviceProxyController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/MicroserviceProxyController.java @@ -105,9 +105,16 @@ public class MicroserviceProxyController extends EPUnRestrictedBaseController { */ private boolean isValidJSON(String response) { try { + if(response != null && !response.isEmpty()) + { final ObjectMapper mapper = new ObjectMapper(); mapper.readTree(response); return true; + } + else + { + return false; + } } catch (IOException e) { logger.debug(EELFLoggerDelegate.debugLogger, "isValidJSON failed", e); return false; diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java index 6b06ee22..b40b8db6 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java @@ -661,7 +661,7 @@ public class ExternalAccessRolesControllerTest { Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList); PortalRestResponse<String> portalRestResponse = null; PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>(); - expectedportalRestResponse.setMessage(null); + expectedportalRestResponse.setMessage("argument \"content\" is null"); expectedportalRestResponse.setResponse("Failed"); expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR); Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey); diff --git a/ecomp-portal-BE-os/pom.xml b/ecomp-portal-BE-os/pom.xml index 398520cb..41615df5 100644 --- a/ecomp-portal-BE-os/pom.xml +++ b/ecomp-portal-BE-os/pom.xml @@ -251,21 +251,7 @@ <artifactId>spring-test</artifactId> <version>${springframework.version}</version> </dependency> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-starter</artifactId> - <version>1.3.0.RELEASE</version> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>ch.qos.logback</groupId> - <artifactId>logback-classic</artifactId> - </exclusion> - </exclusions> - </dependency> + <!-- Hibernate --> <dependency> <groupId>org.hibernate</groupId> @@ -315,21 +301,7 @@ <version>3.0.5</version> </dependency> <!-- Mapper --> - <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-annotations</artifactId> - <version>2.8.10</version> - </dependency> - <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-core</artifactId> - <version>2.8.10</version> - </dependency> - <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-databind</artifactId> - <version>2.8.10</version> - </dependency> + <dependency> <groupId>com.fasterxml</groupId> <artifactId>classmate</artifactId> @@ -34,7 +34,7 @@ <hibernate.version>4.3.11.Final</hibernate.version> <fasterxml.version>2.8.11.4</fasterxml.version> <!-- NOT provided by OParent, unfortunately --> - <jacocoVersion>0.7.6.201602180812</jacocoVersion> + <jacocoVersion>0.8.1</jacocoVersion> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <encoding>UTF-8</encoding> <!-- <sonar.exclusions>**/scripts/**/*,**.js</sonar.exclusions> --> |