summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorvasraz <vasyl.razinkov@est.tech>2023-05-18 16:13:52 +0100
committerMichael Morris <michael.morris@est.tech>2023-05-25 12:09:03 +0000
commitdffdf560049dac56f2c7d35dffec0e009c7939af (patch)
tree79ad6c154293db9719e370eee1ef4c9954287dd8
parent468d0770593e167990df815e45cde717bd845d18 (diff)
Update vulnerable dependencies
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ifedc08763f6d46e3bcba0367a81edc8e219865d0 Issue-ID: SDC-4504
-rw-r--r--asdctool/pom.xml18
-rw-r--r--catalog-be/pom.xml7
-rw-r--r--catalog-dao/pom.xml8
-rw-r--r--catalog-model/pom.xml9
-rw-r--r--catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java6
-rw-r--r--onboarding/pom.xml1
-rw-r--r--openecomp-be/tools/swagger-ui/pom.xml2
-rw-r--r--openecomp-be/tools/zusammen-tools/pom.xml2
-rw-r--r--pom.xml10
9 files changed, 32 insertions, 31 deletions
diff --git a/asdctool/pom.xml b/asdctool/pom.xml
index 4dba42e290..6431e3132d 100644
--- a/asdctool/pom.xml
+++ b/asdctool/pom.xml
@@ -12,6 +12,10 @@
<version>1.12.4-SNAPSHOT</version>
</parent>
+ <properties>
+ <apache-poi.version>5.2.3</apache-poi.version>
+ </properties>
+
<dependencies>
<dependency>
<groupId>com.google.guava</groupId>
@@ -265,14 +269,7 @@
<scope>compile</scope>
</dependency>
- <!-- slf4j + logback -->
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- <version>${slf4j-api.version}</version>
- <scope>compile</scope>
- </dependency>
-
+ <!-- logback -->
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
@@ -373,6 +370,10 @@
<scope>compile</scope>
<exclusions>
<exclusion>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ </exclusion>
+ <exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
@@ -654,6 +655,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
+ <version>${mvn.assembly.version}</version>
<executions>
<execution>
<configuration>
diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml
index 987b2e7c64..cea9a32c3b 100644
--- a/catalog-be/pom.xml
+++ b/catalog-be/pom.xml
@@ -41,12 +41,6 @@
<version>${jsoup.version}</version>
</dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- <version>${slf4j-api.version}</version>
- </dependency>
-
<!--JSON and YAML Parsing-->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
@@ -1208,6 +1202,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
+ <version>${mvn.assembly.version}</version>
<executions>
<execution>
<id>normatives</id>
diff --git a/catalog-dao/pom.xml b/catalog-dao/pom.xml
index 279aa3a776..a4474d089a 100644
--- a/catalog-dao/pom.xml
+++ b/catalog-dao/pom.xml
@@ -374,6 +374,10 @@ Modifications copyright (c) 2018 Nokia
<scope>provided</scope>
<exclusions>
<exclusion>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ </exclusion>
+ <exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
@@ -483,6 +487,10 @@ Modifications copyright (c) 2018 Nokia
<version>${cassandra-all.version}</version>
<exclusions>
<exclusion>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ </exclusion>
+ <exclusion>
<groupId>org.apache.thrift</groupId>
<artifactId>libthrift</artifactId>
</exclusion>
diff --git a/catalog-model/pom.xml b/catalog-model/pom.xml
index eb09dc1796..2577bf01f7 100644
--- a/catalog-model/pom.xml
+++ b/catalog-model/pom.xml
@@ -270,6 +270,10 @@
<scope>provided</scope>
<exclusions>
<exclusion>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ </exclusion>
+ <exclusion>
<artifactId>slf4j-log4j12</artifactId>
<groupId>org.slf4j</groupId>
</exclusion>
@@ -486,11 +490,6 @@
<version>${lombok.version}</version>
</dependency>
<dependency>
- <groupId>joda-time</groupId>
- <artifactId>joda-time</artifactId>
- <version>${joda.time.version}</version>
- </dependency>
- <dependency>
<groupId>org.openecomp.sdc.core</groupId>
<artifactId>openecomp-tosca-lib</artifactId>
<version>${project.version}</version>
diff --git a/catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java b/catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java
index 72dc4aa7aa..0d44cff6e7 100644
--- a/catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java
+++ b/catalog-model/src/main/java/org/openecomp/sdc/be/model/User.java
@@ -20,13 +20,12 @@
package org.openecomp.sdc.be.model;
import com.fasterxml.jackson.annotation.JsonInclude;
+import java.time.ZonedDateTime;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import lombok.ToString;
-import org.joda.time.DateTime;
-import org.joda.time.DateTimeZone;
import org.openecomp.sdc.be.dao.utils.UserStatusEnum;
import org.openecomp.sdc.common.util.NoHtml;
@@ -88,8 +87,7 @@ public class User {
}
public void setLastLoginTime() {
- DateTime now = new DateTime(DateTimeZone.UTC);
- this.lastLoginTime = now.getMillis();
+ this.lastLoginTime = ZonedDateTime.now().toInstant().toEpochMilli();
}
}
diff --git a/onboarding/pom.xml b/onboarding/pom.xml
index 44c4b1631b..04e7dc3f85 100644
--- a/onboarding/pom.xml
+++ b/onboarding/pom.xml
@@ -41,7 +41,6 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<!-- Maven plugin versions -->
- <mvn.assembly.version>2.1</mvn.assembly.version>
<mvn.clean.version>2.5</mvn.clean.version>
<mvn.resource.version>3.1.0</mvn.resource.version>
<mvn.deploy.version>2.4</mvn.deploy.version>
diff --git a/openecomp-be/tools/swagger-ui/pom.xml b/openecomp-be/tools/swagger-ui/pom.xml
index 9f69310d0e..c136ef0dc9 100644
--- a/openecomp-be/tools/swagger-ui/pom.xml
+++ b/openecomp-be/tools/swagger-ui/pom.xml
@@ -109,7 +109,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
- <version>${mvn.assembly.version}</version>
+ <version>2.6</version>
<configuration>
<descriptor>assembly/swagger.xml</descriptor>
<finalName>${plugin.name}</finalName>
diff --git a/openecomp-be/tools/zusammen-tools/pom.xml b/openecomp-be/tools/zusammen-tools/pom.xml
index b31472c7b8..19777ce5f1 100644
--- a/openecomp-be/tools/zusammen-tools/pom.xml
+++ b/openecomp-be/tools/zusammen-tools/pom.xml
@@ -198,7 +198,9 @@
</executions>
</plugin>
<plugin>
+ <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
+ <version>${mvn.assembly.version}</version>
<executions>
<execution>
<id>Generate assembly</id>
diff --git a/pom.xml b/pom.xml
index 7844a524a1..1c2077f6ed 100644
--- a/pom.xml
+++ b/pom.xml
@@ -48,14 +48,15 @@ Modifications copyright (c) 2018-2019 Nokia
<guava.version>30.1-jre</guava.version>
<janusgraph.version>0.3.3</janusgraph.version>
<spring.version>5.3.26</spring.version>
- <spring.boot.version>2.2.13.RELEASE</spring.boot.version>
+ <spring.boot.version>2.3.12.RELEASE</spring.boot.version>
+ <mvn.assembly.version>3.6.0</mvn.assembly.version>
<!-- update to 2.36 bring error-->
<!-- java.lang.NoClassDefFoundError: com/fasterxml/jackson/databind/AnnotationIntrospector$XmlExtensions-->
<jersey-bom.version>2.34</jersey-bom.version>
<jakarta.el.version>3.0.4</jakarta.el.version>
- <netty.version>4.1.77.Final</netty.version>
+ <netty.version>4.1.92.Final</netty.version>
<servlet-api.version>4.0.4</servlet-api.version>
<wire-mock.version>2.26.3</wire-mock.version>
<ecomp.version>3.4.0</ecomp.version>
@@ -64,7 +65,6 @@ Modifications copyright (c) 2018-2019 Nokia
<commons-beanutils>1.9.4</commons-beanutils>
<commons.io.version>2.8.0</commons.io.version>
<commons-configuration>2.8.0</commons-configuration>
- <apache-poi.version>4.1.0</apache-poi.version>
<onap.logging.version>1.6.1</onap.logging.version>
<apache-commons-text.version>1.10.0</apache-commons-text.version>
<jaxb-api.version>2.3.1</jaxb-api.version>
@@ -173,8 +173,6 @@ Modifications copyright (c) 2018-2019 Nokia
<!--togglz version-->
<togglz.version>3.3.3</togglz.version>
- <joda.time.version>2.9.9</joda.time.version>
-
<!--sdc-security-utils-->
<security.util.lib.version>1.8.0</security.util.lib.version>
<!--jacoco-->
@@ -458,7 +456,7 @@ Modifications copyright (c) 2018-2019 Nokia
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
- <version>3.1.0</version>
+ <version>${mvn.assembly.version}</version>
<configuration>
<tarLongFileMode>posix</tarLongFileMode>
</configuration>