summaryrefslogtreecommitdiffstats
path: root/catalog-fe
AgeCommit message (Collapse)AuthorFilesLines
2022-10-18Fix security risk 'Improper Input Validation'vasraz1-0/+70
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I6a52148aec3b567db43ec57109214e52d106f73c Issue-ID: SDC-4189
2022-10-14Align 'org.eclipse.jetty'-version (9.4.49.v20220914)vasraz1-26/+12
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: If56735406d86bd42b57c2ccb1f23699c1685069b Issue-ID: SDC-4189
2022-10-04Fix bug 'X-Frame-Options not configured: Lack of clickjacking protection'vasraz4-18/+53
Add new Filter (ContentSecurityPolicyHeaderFilter) Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ic8151df64e4b95b3d59b44a5f74dd12210f55e87 Issue-ID: SDC-4192
2022-09-29Stepping version to 1.12.0 for start of LondonMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-4155 Change-Id: Ide5c76cbb332dbd03344fdb462e7feef91c9256e
2022-09-28Step version to 1.11.9-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-4172 Change-Id: If2746847292bd769ef47c4628b5bafa7af2d69b9
2022-09-22add the mvn jetty:run command to the README, improve the formattingFiete Ostkamp2-14/+13
Issue-ID: SDC-4183 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de> Change-Id: Ibd8509b16ce0e4af64ced03b31410ca9ca749e0e
2022-09-08Fix high-severity bug 'application exposed to path traversal attack'vasraz1-112/+118
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I7f4b1e8d083cc39f8e57dcedddecc6af56fdc9c2 Issue-ID: SDC-4169
2022-08-22Fix broken chef/berkshelf install in docker imagesvasraz1-0/+1
Set a specific version for the ruby gem "public_suffix", required by chef/berkshelf, to be compatible with the used version of ruby (2.5.0). Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I963a60206cb1f22296fcb5a9f763f326f629f077 Issue-ID: SDC-4139
2022-08-17Update SDC version to 1.11.8-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-4111 Change-Id: I39b23ed9e56a889f1f4a9fa7029a4758c4c9ba47
2022-08-15Step version to 1.11.7-SNAPSHOT1.11.7MichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-4111 Change-Id: I42a9a518dc05a4fd42619fbd471955ddacd62dc3
2022-07-19Fix incorrect dependency scope changeMichaelMorris1-1/+0
Causes sdc-FE health check to fail Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-4101 Change-Id: Ia2484e4792afe5c532340c62266f1ede667ac606
2022-07-15Remove unused dependency (functionaljava)vasraz1-1/+5
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I9d8806dc55fc1d377cdd366343fe898b46fc847d Issue-ID: SDC-4094
2022-06-24Step version to 1.11.6-SNAPSHOTandre.schmid1-1/+1
Change-Id: Ie3f800c418b32bbf05fc8f984bba7ea419583d03 Issue-ID: SDC-4064 Signed-off-by: andre.schmid <andre.schmid@est.tech>
2022-06-24Step version to 1.11.5-SNAPSHOTandre.schmid1-1/+1
Change-Id: Iee1394298e6afddf30e98c8e07a4ddacef95d55f Issue-ID: SDC-4064 Signed-off-by: andre.schmid <andre.schmid@est.tech>
2022-06-10Fix broken images build due to multipart-post gemvasraz1-1/+2
Maximum supported version of multipart-post, with the current images Ruby & RubyGems is 2.2.0. Forcing the 2.2.0 version. Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ie7a7232be817f005c36f09b023344b479c64457f Issue-ID: SDC-4041
2022-05-27Step version to 1.11.4-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-4008 Change-Id: I0570cc896a88c988d5b9cbf45b11f9648a88a932
2022-05-24Remove vulnerable dependencyvasraz1-0/+4
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I7faf230b6cd65cafb07ed766a333f7857410db8a Issue-ID: SDC-4017
2022-05-18Step version to 1.11.3-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3980 Change-Id: Ib1a7cae9f32c347c97157020e58188d802fd6068
2022-04-26Replace deprecated GEventEvaluator with JaninoEventEvaluatorvasraz2-8/+4
Change-Id: I21bfd0aaa66a32ecc1755cbe1efd78b0cd4254cf Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3984
2022-04-25Step version to 1.11.2-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3959 Change-Id: I684a792fa6cd7357da6754baa9edd1d723ecc08d
2022-04-08Step version to 1.11.1-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3951 Change-Id: Ifee66e777462161952765dcbb84c3a8fb1634cd2
2022-03-23Step version to 1.11.0-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3909 Change-Id: I6d20e041b68afdc7ed6ffb900dcb372c1e600ee8
2022-03-22Step version to 1.10.3-SNAPSHOT1.10.3MichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3909 Change-Id: I7bb06e974320433d9f423be6f099d7811982eac0
2022-03-07Update esapi dependency for sec vulnerabilityMichaelMorris1-1/+3
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3895 Change-Id: I457f6865f081faf9474e2f63006b339b7c1512ea
2022-03-03Update vulnerable dependenciesvasraz2-1/+5
Change-Id: Id1098d2e0aceb3fb507e32994925d36f23ad8517 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3895
2022-02-28Increase FE timoutvasraz1-8/+9
Change-Id: Id25eb2931119404a90a48ee7a50b286c975a6f82 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3886
2022-02-26Implement improved MinIo clientvasraz2-2/+2
Change-Id: Ic9abd6b0bdaa17e9deff2279a64416d81f7ad606 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3886
2022-02-09Redirect root URL to sdc1vasraz3-2/+28
Change-Id: I792cf2bfbb2f8f1e891d30048ff63acefac3604e Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3877
2022-02-09Step version to 1.10.2-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3868 Change-Id: I8dc7701d6290bc95cf4ec90dae8653722a5c453f
2022-02-02Step version to 1.10.1-SNAPSHOTMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3868 Change-Id: Ie6509f8b0d2fa0e67a78295d3b49689bc2931b8b
2022-01-13Improve testing stabilityvasraz2-4/+4
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I3f631642a97e65d6628816767e0a5408f02f4bc6 Issue-ID: SDC-3839
2021-12-09Improve fast-build profilevasraz2-9/+5
Remove docker build from 'fast-build' profile Change-Id: I90b79bc05ecd159b5c6ff62f195507476dcdaa38 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3804
2021-12-07Fix vulnerable dependencyvasraz2-10/+21
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3795 Change-Id: Ib6f7902b2f8380ad9febcc2fad0374e8070af15c
2021-11-26Revert accidentally formatted POMsvasraz1-313/+305
Change-Id: I17ee875dcc2c63d6014c68345113df76cb2aa9b9 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3757
2021-11-22Fix test cases failing incorrectlyvasraz1-679/+693
https://gerrit.onap.org/r/c/sdc/+/124980 Change-Id: I9fbd8a0b5b83d04928feea7624e593b45441ac9b Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3757
2021-11-15Fix critical cross site scriptingvasraz2-15/+15
Change-Id: I66a220f71a2e950055107a725191b46bcbe8c6a6 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3607 Issue-ID: SDC-3755
2021-10-12Revert "Fix critical cross site scripting"vasraz1-4/+3
This reverts commit 7c8f40bc6df4a5a4d5822e48ecbe5ebe6a0d251a. Change-Id: I5719e82cffd36a21f265217265acf7eac060124b Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3755
2021-10-01Step version for JakartaMichaelMorris1-1/+1
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3738 Change-Id: Id008db63021d07278bd17a6603d992a905237e41
2021-09-20Updated SDC version to 1.9.2-SNAPSHOT1.9.2MichaelMorris1-1/+1
Updated to release bug fixes on 1.9.1 for I release Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3694 Change-Id: Ifda88730a17f2ecabab0ac29128aaa23618bc4f8
2021-09-13Update SDC version to 1.9.1-SNAPSHOT1.9.1MichaelMorris1-1/+1
Update version for M4 for I release Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3694 Change-Id: Ib7ea2917e57496ebd89a27693de60d4ea1aedc70
2021-08-19Align all SDC dependencies versionsvasraz1-2/+2
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Iba19bd39ba5a136436ac1e9ca0a7dcc164d6f7bf Issue-ID: SDC-2875
2021-08-11Fix critical cross site scriptingaribeiro1-3/+4
xss (cross site scripting) issue identified in sonarcloud Issue-ID: SDC-3607 Signed-off-by: aribeiro <anderson.ribeiro@est.tech> Change-Id: I729f14587154a02759ec62d5134cd115ac6eff38
2021-07-29fix security vulnerabilityaribeiro1-5/+6
Issue-ID: SDC-3607 Signed-off-by: aribeiro <anderson.ribeiro@est.tech> Change-Id: I935898fcf1ae74dc8f162153ff2cf4744b8f2f99
2021-07-27Remove dependency vulnerabilityvasraz1-0/+4
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Id6f1a33b86369b54af70094686d3a15d4dca3b15 Issue-ID: SDC-3572
2021-07-21Remove dependency vulnerabilityvasraz1-2/+13
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ia703de3d5bad1780e63be401ce0b435cb665f505 Issue-ID: SDC-3572
2021-06-04Fix dependencies with Critical Violationsvasraz1-67/+82
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ic4fb2577c260c80e0204bc68df508f41d9835734 Issue-ID: SDC-3572
2021-05-15Update vulnerable package dependenciesvasraz1-0/+10
commons-io -> 2.7 org.freemarker -> 2.3.30 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ie18bd3abffdb64017ab49331864325beea8aa2c4 Issue-ID: SDC-3572
2021-05-12Use integration-java11 Dockerfilesebdet12-93/+76
Use onap/integration-java11:7.1.0 as a source for the images requiring JDK 11 in SDC Issue-ID: SDC-3298 Change-Id: Ifee3d2942dcb9c078f2ebb686bdabc0ecca857b3 Signed-off-by: xuegao <xue.gao@intl.att.com>
2021-04-12Fix weak-cryptography issuesxuegao3-119/+6
Load the truststore/keystore of our own instead of using the default one. Issue-ID: SDC-3495 Change-Id: I0ecd764d5198480a065fd38299cc9ff9da66af29 Signed-off-by: xuegao <xue.gao@intl.att.com>
2021-03-29Reformat catalog-fevasraz23-826/+596
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3449 Change-Id: Ic4c34262e5cb4e5851af493400ccc01af5684a18