diff options
author | vasraz <vasyl.razinkov@est.tech> | 2023-03-22 23:14:29 +0000 |
---|---|---|
committer | Vasyl Razinkov <vasyl.razinkov@est.tech> | 2023-03-23 10:05:13 +0000 |
commit | 1e7e19b4d1ddf05309e3e43d5ecb9138902b19b8 (patch) | |
tree | 002f5d119eba60240b1ddcc32243bc9117190122 | |
parent | 30e99b484fcc96d2304a05db5d8972d2250f0756 (diff) |
Upgrade vulnerable dependencies
Fix missing default no-args constructor
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: Icfcbe0ec577b2d629179fa46e42141c196e08970
Issue-ID: SDC-4287
Issue-ID: SDC-4446
-rw-r--r-- | common-app-api/pom.xml | 2 | ||||
-rw-r--r-- | common-be-tests-utils/pom.xml | 4 | ||||
-rw-r--r-- | common-be/pom.xml | 4 | ||||
-rw-r--r-- | common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMap.java | 55 | ||||
-rw-r--r-- | common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMapAppenderConstructor.java | 19 | ||||
-rw-r--r-- | integration-tests/pom.xml | 2 | ||||
-rw-r--r-- | pom.xml | 42 | ||||
-rw-r--r-- | utils/webseal-simulator/pom.xml | 8 |
8 files changed, 112 insertions, 24 deletions
diff --git a/common-app-api/pom.xml b/common-app-api/pom.xml index 7f137acbb2..7e4baae68a 100644 --- a/common-app-api/pom.xml +++ b/common-app-api/pom.xml @@ -334,7 +334,7 @@ <dependency> <groupId>org.codehaus.jettison</groupId> <artifactId>jettison</artifactId> - <version>1.3.3</version> + <version>1.5.3</version> </dependency> <dependency> diff --git a/common-be-tests-utils/pom.xml b/common-be-tests-utils/pom.xml index aa67b004f2..aeca54688f 100644 --- a/common-be-tests-utils/pom.xml +++ b/common-be-tests-utils/pom.xml @@ -28,6 +28,10 @@ <groupId>com.squareup.okhttp3</groupId> <artifactId>okhttp</artifactId> </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-annotations</artifactId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/common-be/pom.xml b/common-be/pom.xml index 0a57575916..74321488a1 100644 --- a/common-be/pom.xml +++ b/common-be/pom.xml @@ -32,6 +32,10 @@ <groupId>com.squareup.okhttp3</groupId> <artifactId>okhttp</artifactId> </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-annotations</artifactId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMap.java b/common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMap.java new file mode 100644 index 0000000000..52cda7651a --- /dev/null +++ b/common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMap.java @@ -0,0 +1,55 @@ +/* + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2023 Nordix Foundation. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.onap.sdc.tosca.services; + +import java.util.AbstractMap; +import java.util.LinkedHashMap; +import java.util.Map; +import java.util.Set; +import lombok.NoArgsConstructor; + +@NoArgsConstructor +public class StrictMap extends AbstractMap { + + private Map<Object, Object> delegate; + + public StrictMap(Map<Object, Object> delegate) { + this.delegate = delegate; + } + + @Override + public Object put(Object key, Object value) { + if (delegate == null) { + delegate = new LinkedHashMap<>(); + } + if (delegate.containsKey(key)) { + throw new IllegalStateException("duplicate key: " + key); + } + return delegate.put(key, value); + } + + @Override + public Set<Entry<Object, Object>> entrySet() { + if (delegate == null) { + delegate = new LinkedHashMap<>(); + } + return delegate.entrySet(); + } +} diff --git a/common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMapAppenderConstructor.java b/common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMapAppenderConstructor.java index 678ba00724..08af90a768 100644 --- a/common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMapAppenderConstructor.java +++ b/common/onap-tosca-datatype/src/main/java/org/onap/sdc/tosca/services/StrictMapAppenderConstructor.java @@ -19,9 +19,7 @@ */ package org.onap.sdc.tosca.services; -import java.util.AbstractMap; import java.util.Map; -import java.util.Set; import org.yaml.snakeyaml.constructor.Constructor; import org.yaml.snakeyaml.nodes.MappingNode; import org.yaml.snakeyaml.parser.ParserException; @@ -39,21 +37,7 @@ public class StrictMapAppenderConstructor extends Constructor { @Override protected Map<Object, Object> createDefaultMap(int initSize) { - final Map<Object, Object> delegate = super.createDefaultMap(initSize); - return new AbstractMap<>() { - @Override - public Object put(Object key, Object value) { - if (delegate.containsKey(key)) { - throw new IllegalStateException("duplicate key: " + key); - } - return delegate.put(key, value); - } - - @Override - public Set<Entry<Object, Object>> entrySet() { - return delegate.entrySet(); - } - }; + return new StrictMap(super.createDefaultMap(initSize)); } @Override @@ -64,4 +48,5 @@ public class StrictMapAppenderConstructor extends Constructor { throw new ParserException("while parsing MappingNode", node.getStartMark(), exception.getMessage(), node.getEndMark()); } } + } diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml index eea5c5afc7..3b47304c08 100644 --- a/integration-tests/pom.xml +++ b/integration-tests/pom.xml @@ -55,7 +55,7 @@ limitations under the License. <it.helm-validator.version>1.3.1</it.helm-validator.version> <!-- parser--> - <sdc-tosca-parser.version>1.7.0</sdc-tosca-parser.version> + <sdc-tosca-parser.version>1.8.0</sdc-tosca-parser.version> <docker.showLogs>false</docker.showLogs> </properties> @@ -47,7 +47,7 @@ Modifications copyright (c) 2018-2019 Nokia <lang3.version>3.10</lang3.version> <guava.version>30.1-jre</guava.version> <janusgraph.version>0.3.3</janusgraph.version> - <spring.version>5.3.20</spring.version> + <spring.version>5.3.25</spring.version> <spring.boot.version>2.2.13.RELEASE</spring.boot.version> <!-- update to 2.36 bring error--> @@ -91,14 +91,14 @@ Modifications copyright (c) 2018-2019 Nokia <keycloak.version>18.0.0</keycloak.version> <!-- JSON and YAML Parsing --> - <jackson.version>2.12.7</jackson.version> + <jackson.version>2.14.2</jackson.version> <jackson-annotations.version>${jackson.version}</jackson-annotations.version> <clearspring.version>2.1.1</clearspring.version> <skipYamlJsonValidator>false</skipYamlJsonValidator> <!-- Yaml for properties --> - <snakeyaml.version>1.29</snakeyaml.version> + <snakeyaml.version>1.33</snakeyaml.version> <functionaljava.version>4.9</functionaljava.version> <httpclient.version>4.5.13</httpclient.version> <httpcore.version>4.4.15</httpcore.version> @@ -172,12 +172,12 @@ Modifications copyright (c) 2018-2019 Nokia <sitePath>/content/sites/site/org/openecomp/sdc/${project.version}</sitePath> <staging.profile.id>176c31dfe190a</staging.profile.id> <!--togglz version--> - <togglz.version>2.6.1.Final</togglz.version> + <togglz.version>3.3.3</togglz.version> <joda.time.version>2.9.9</joda.time.version> <!--sdc-security-utils--> - <security.util.lib.version>1.7.1</security.util.lib.version> + <security.util.lib.version>1.8.0</security.util.lib.version> <!--jacoco--> <jacoco.version>0.8.7</jacoco.version> @@ -337,6 +337,18 @@ Modifications copyright (c) 2018-2019 Nokia <groupId>org.bouncycastle</groupId> <artifactId>*</artifactId> </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-core</artifactId> + </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-databind</artifactId> + </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-annotations</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -353,6 +365,18 @@ Modifications copyright (c) 2018-2019 Nokia <groupId>org.bouncycastle</groupId> <artifactId>*</artifactId> </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-core</artifactId> + </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-databind</artifactId> + </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-annotations</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -364,6 +388,14 @@ Modifications copyright (c) 2018-2019 Nokia <groupId>org.bouncycastle</groupId> <artifactId>*</artifactId> </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-core</artifactId> + </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-databind</artifactId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml index d9790e4708..73f22ef1da 100644 --- a/utils/webseal-simulator/pom.xml +++ b/utils/webseal-simulator/pom.xml @@ -65,6 +65,14 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpcore</artifactId> </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-core</artifactId> + </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-databind</artifactId> + </exclusion> </exclusions> </dependency> |