diff options
author | vasraz <vasyl.razinkov@est.tech> | 2023-05-18 16:13:52 +0100 |
---|---|---|
committer | Michael Morris <michael.morris@est.tech> | 2023-05-25 12:09:03 +0000 |
commit | dffdf560049dac56f2c7d35dffec0e009c7939af (patch) | |
tree | 79ad6c154293db9719e370eee1ef4c9954287dd8 | |
parent | 468d0770593e167990df815e45cde717bd845d18 (diff) |
Update vulnerable dependencies
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: Ifedc08763f6d46e3bcba0367a81edc8e219865d0
Issue-ID: SDC-4504
-rw-r--r-- | asdctool/pom.xml | 18 | ||||
-rw-r--r-- | catalog-be/pom.xml | 7 | ||||
-rw-r--r-- | catalog-dao/pom.xml | 8 | ||||
-rw-r--r-- | catalog-model/pom.xml | 9 | ||||
-rw-r--r-- | catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java | 6 | ||||
-rw-r--r-- | onboarding/pom.xml | 1 | ||||
-rw-r--r-- | openecomp-be/tools/swagger-ui/pom.xml | 2 | ||||
-rw-r--r-- | openecomp-be/tools/zusammen-tools/pom.xml | 2 | ||||
-rw-r--r-- | pom.xml | 10 |
9 files changed, 32 insertions, 31 deletions
diff --git a/asdctool/pom.xml b/asdctool/pom.xml index 4dba42e290..6431e3132d 100644 --- a/asdctool/pom.xml +++ b/asdctool/pom.xml @@ -12,6 +12,10 @@ <version>1.12.4-SNAPSHOT</version> </parent> + <properties> + <apache-poi.version>5.2.3</apache-poi.version> + </properties> + <dependencies> <dependency> <groupId>com.google.guava</groupId> @@ -265,14 +269,7 @@ <scope>compile</scope> </dependency> - <!-- slf4j + logback --> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - <version>${slf4j-api.version}</version> - <scope>compile</scope> - </dependency> - + <!-- logback --> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> @@ -373,6 +370,10 @@ <scope>compile</scope> <exclusions> <exclusion> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + </exclusion> + <exclusion> <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> @@ -654,6 +655,7 @@ <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> + <version>${mvn.assembly.version}</version> <executions> <execution> <configuration> diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml index 987b2e7c64..cea9a32c3b 100644 --- a/catalog-be/pom.xml +++ b/catalog-be/pom.xml @@ -41,12 +41,6 @@ <version>${jsoup.version}</version> </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - <version>${slf4j-api.version}</version> - </dependency> - <!--JSON and YAML Parsing--> <dependency> <groupId>com.fasterxml.jackson.core</groupId> @@ -1208,6 +1202,7 @@ <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> + <version>${mvn.assembly.version}</version> <executions> <execution> <id>normatives</id> diff --git a/catalog-dao/pom.xml b/catalog-dao/pom.xml index 279aa3a776..a4474d089a 100644 --- a/catalog-dao/pom.xml +++ b/catalog-dao/pom.xml @@ -374,6 +374,10 @@ Modifications copyright (c) 2018 Nokia <scope>provided</scope> <exclusions> <exclusion> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + </exclusion> + <exclusion> <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> @@ -483,6 +487,10 @@ Modifications copyright (c) 2018 Nokia <version>${cassandra-all.version}</version> <exclusions> <exclusion> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + </exclusion> + <exclusion> <groupId>org.apache.thrift</groupId> <artifactId>libthrift</artifactId> </exclusion> diff --git a/catalog-model/pom.xml b/catalog-model/pom.xml index eb09dc1796..2577bf01f7 100644 --- a/catalog-model/pom.xml +++ b/catalog-model/pom.xml @@ -270,6 +270,10 @@ <scope>provided</scope> <exclusions> <exclusion> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + </exclusion> + <exclusion> <artifactId>slf4j-log4j12</artifactId> <groupId>org.slf4j</groupId> </exclusion> @@ -486,11 +490,6 @@ <version>${lombok.version}</version> </dependency> <dependency> - <groupId>joda-time</groupId> - <artifactId>joda-time</artifactId> - <version>${joda.time.version}</version> - </dependency> - <dependency> <groupId>org.openecomp.sdc.core</groupId> <artifactId>openecomp-tosca-lib</artifactId> <version>${project.version}</version> diff --git a/catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java b/catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java index 72dc4aa7aa..0d44cff6e7 100644 --- a/catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java +++ b/catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java @@ -20,13 +20,12 @@ package org.openecomp.sdc.be.model; import com.fasterxml.jackson.annotation.JsonInclude; +import java.time.ZonedDateTime; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; import lombok.ToString; -import org.joda.time.DateTime; -import org.joda.time.DateTimeZone; import org.openecomp.sdc.be.dao.utils.UserStatusEnum; import org.openecomp.sdc.common.util.NoHtml; @@ -88,8 +87,7 @@ public class User { } public void setLastLoginTime() { - DateTime now = new DateTime(DateTimeZone.UTC); - this.lastLoginTime = now.getMillis(); + this.lastLoginTime = ZonedDateTime.now().toInstant().toEpochMilli(); } } diff --git a/onboarding/pom.xml b/onboarding/pom.xml index 44c4b1631b..04e7dc3f85 100644 --- a/onboarding/pom.xml +++ b/onboarding/pom.xml @@ -41,7 +41,6 @@ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <!-- Maven plugin versions --> - <mvn.assembly.version>2.1</mvn.assembly.version> <mvn.clean.version>2.5</mvn.clean.version> <mvn.resource.version>3.1.0</mvn.resource.version> <mvn.deploy.version>2.4</mvn.deploy.version> diff --git a/openecomp-be/tools/swagger-ui/pom.xml b/openecomp-be/tools/swagger-ui/pom.xml index 9f69310d0e..c136ef0dc9 100644 --- a/openecomp-be/tools/swagger-ui/pom.xml +++ b/openecomp-be/tools/swagger-ui/pom.xml @@ -109,7 +109,7 @@ <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> - <version>${mvn.assembly.version}</version> + <version>2.6</version> <configuration> <descriptor>assembly/swagger.xml</descriptor> <finalName>${plugin.name}</finalName> diff --git a/openecomp-be/tools/zusammen-tools/pom.xml b/openecomp-be/tools/zusammen-tools/pom.xml index b31472c7b8..19777ce5f1 100644 --- a/openecomp-be/tools/zusammen-tools/pom.xml +++ b/openecomp-be/tools/zusammen-tools/pom.xml @@ -198,7 +198,9 @@ </executions> </plugin> <plugin> + <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> + <version>${mvn.assembly.version}</version> <executions> <execution> <id>Generate assembly</id> @@ -48,14 +48,15 @@ Modifications copyright (c) 2018-2019 Nokia <guava.version>30.1-jre</guava.version> <janusgraph.version>0.3.3</janusgraph.version> <spring.version>5.3.26</spring.version> - <spring.boot.version>2.2.13.RELEASE</spring.boot.version> + <spring.boot.version>2.3.12.RELEASE</spring.boot.version> + <mvn.assembly.version>3.6.0</mvn.assembly.version> <!-- update to 2.36 bring error--> <!-- java.lang.NoClassDefFoundError: com/fasterxml/jackson/databind/AnnotationIntrospector$XmlExtensions--> <jersey-bom.version>2.34</jersey-bom.version> <jakarta.el.version>3.0.4</jakarta.el.version> - <netty.version>4.1.77.Final</netty.version> + <netty.version>4.1.92.Final</netty.version> <servlet-api.version>4.0.4</servlet-api.version> <wire-mock.version>2.26.3</wire-mock.version> <ecomp.version>3.4.0</ecomp.version> @@ -64,7 +65,6 @@ Modifications copyright (c) 2018-2019 Nokia <commons-beanutils>1.9.4</commons-beanutils> <commons.io.version>2.8.0</commons.io.version> <commons-configuration>2.8.0</commons-configuration> - <apache-poi.version>4.1.0</apache-poi.version> <onap.logging.version>1.6.1</onap.logging.version> <apache-commons-text.version>1.10.0</apache-commons-text.version> <jaxb-api.version>2.3.1</jaxb-api.version> @@ -173,8 +173,6 @@ Modifications copyright (c) 2018-2019 Nokia <!--togglz version--> <togglz.version>3.3.3</togglz.version> - <joda.time.version>2.9.9</joda.time.version> - <!--sdc-security-utils--> <security.util.lib.version>1.8.0</security.util.lib.version> <!--jacoco--> @@ -458,7 +456,7 @@ Modifications copyright (c) 2018-2019 Nokia <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> - <version>3.1.0</version> + <version>${mvn.assembly.version}</version> <configuration> <tarLongFileMode>posix</tarLongFileMode> </configuration> |