diff options
author | ChrisC <christophe.closset@intl.att.com> | 2021-05-04 10:08:00 +0200 |
---|---|---|
committer | ChrisC <christophe.closset@intl.att.com> | 2021-05-04 10:51:34 +0200 |
commit | 03f068ac1c511d36ff0f5128289a715e563808d0 (patch) | |
tree | b1bdb055d2a9a7d366963c5ac38ccc0822302026 | |
parent | 030feca3b33f078fb99a01da3e89a3fb265611a8 (diff) |
Update vulnerable package dependencies
Update distribution-client version to 1.4.3
Update some packages dependencies to latest version
Fix conflicting dependencies using exclusions
Issue-ID: SDC-3572
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Change-Id: I76d110e70191c70c7aeba6513e839566f9b3992b
-rw-r--r-- | pom.xml | 4 | ||||
-rw-r--r-- | sdc-distribution-ci/pom.xml | 77 | ||||
-rw-r--r-- | sdc-distribution-client/pom.xml | 44 | ||||
-rw-r--r-- | version.properties | 2 |
4 files changed, 121 insertions, 6 deletions
@@ -4,7 +4,7 @@ <groupId>org.onap.sdc.sdc-distribution-client</groupId> <artifactId>sdc-main-distribution-client</artifactId> - <version>1.4.2-SNAPSHOT</version> + <version>1.4.3-SNAPSHOT</version> <packaging>pom</packaging> <name>sdc-sdc-distribution-client</name> @@ -39,7 +39,7 @@ <httpcore.version>4.4.14</httpcore.version> <logback.version>1.2.3</logback.version> <junit.version>5.7.0</junit.version> - <snakeyaml.version>1.27</snakeyaml.version> + <snakeyaml.version>1.28</snakeyaml.version> <guava.version>30.0-jre</guava.version> <jetty.version>9.4.35.v20201120</jetty.version> <bean-matchers.version>0.12</bean-matchers.version> diff --git a/sdc-distribution-ci/pom.xml b/sdc-distribution-ci/pom.xml index 9af54ca..3562ba8 100644 --- a/sdc-distribution-ci/pom.xml +++ b/sdc-distribution-ci/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>org.onap.sdc.sdc-distribution-client</groupId> <artifactId>sdc-main-distribution-client</artifactId> - <version>1.4.2-SNAPSHOT</version> + <version>1.4.3-SNAPSHOT</version> </parent> <artifactId>sdc-distribution-ci</artifactId> @@ -34,12 +34,32 @@ <artifactId>sdc-distribution-client</artifactId> <version>${project.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <artifactId>httpcore</artifactId> + <groupId>org.apache.httpcomponents</groupId> + </exclusion> + <exclusion> + <artifactId>slf4j-api</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + <exclusion> + <artifactId>httpclient</artifactId> + <groupId>org.apache.httpcomponents</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> <version>${logback.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <artifactId>slf4j-api</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.slf4j</groupId> @@ -64,24 +84,52 @@ <artifactId>junit-jupiter-params</artifactId> <version>${junit-jupiter-params.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>junit-jupiter-api</artifactId> + <groupId>org.junit.jupiter</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.junit.jupiter</groupId> <artifactId>junit-jupiter-engine</artifactId> <version>${junit-jupiter-engine.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>junit-jupiter-api</artifactId> + <groupId>org.junit.jupiter</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.testcontainers</groupId> <artifactId>testcontainers</artifactId> <version>${testcontainers.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>slf4j-api</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + <exclusion> + <artifactId>visible-assertions</artifactId> + <groupId>org.rnorth.visible-assertions</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.testcontainers</groupId> <artifactId>junit-jupiter</artifactId> <version>${junit-jupiter.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>junit-jupiter-api</artifactId> + <groupId>org.junit.jupiter</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.mockito</groupId> @@ -100,18 +148,45 @@ <artifactId>mockito-junit-jupiter</artifactId> <version>${mockito-junit-jupiter.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>junit-jupiter-api</artifactId> + <groupId>org.junit.jupiter</groupId> + </exclusion> + <exclusion> + <artifactId>mockito-core</artifactId> + <groupId>org.mockito</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.awaitility</groupId> <artifactId>awaitility</artifactId> <version>${awaitility.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>objenesis</artifactId> + <groupId>org.objenesis</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.awaitility</groupId> <artifactId>awaitility-proxy</artifactId> <version>${awaitility-proxy.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>byte-buddy</artifactId> + <groupId>net.bytebuddy</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + <version>${httpclient.version}</version> </dependency> </dependencies> diff --git a/sdc-distribution-client/pom.xml b/sdc-distribution-client/pom.xml index a7f8bf9..e073a5e 100644 --- a/sdc-distribution-client/pom.xml +++ b/sdc-distribution-client/pom.xml @@ -15,11 +15,11 @@ <parent> <groupId>org.onap.sdc.sdc-distribution-client</groupId> <artifactId>sdc-main-distribution-client</artifactId> - <version>1.4.2-SNAPSHOT</version> + <version>1.4.3-SNAPSHOT</version> </parent> <artifactId>sdc-distribution-client</artifactId> - <name>sdc-sdc-distribution-client</name> + <name>sdc-distribution-client</name> <description>Distribution client JAR file to use by consumers</description> <packaging>jar</packaging> @@ -36,6 +36,18 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + </exclusion> + <exclusion> + <artifactId>slf4j-api</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + <exclusion> + <artifactId>commons-io</artifactId> + <groupId>commons-io</groupId> + </exclusion> </exclusions> </dependency> <dependency> @@ -81,6 +93,10 @@ <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </exclusion> + <exclusion> + <artifactId>httpcore</artifactId> + <groupId>org.apache.httpcomponents</groupId> + </exclusion> </exclusions> <scope>compile</scope> </dependency> @@ -90,6 +106,12 @@ <artifactId>httpmime</artifactId> <version>${httpclient.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <artifactId>httpclient</artifactId> + <groupId>org.apache.httpcomponents</groupId> + </exclusion> + </exclusions> </dependency> <!-- YAML parser --> @@ -119,6 +141,12 @@ <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-servlet</artifactId> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>jetty-util</artifactId> + <groupId>org.eclipse.jetty</groupId> + </exclusion> + </exclusions> <version>${jetty.version}</version> </dependency> @@ -127,6 +155,12 @@ <artifactId>jetty-webapp</artifactId> <version>${jetty.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>jetty-servlet</artifactId> + <groupId>org.eclipse.jetty</groupId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -154,6 +188,12 @@ <artifactId>bean-matchers</artifactId> <version>${bean-matchers.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>mockito-core</artifactId> + <groupId>org.mockito</groupId> + </exclusion> + </exclusions> </dependency> <dependency> diff --git a/version.properties b/version.properties index 0d94dfd..a54766f 100644 --- a/version.properties +++ b/version.properties @@ -5,7 +5,7 @@ major=1 minor=4 -patch=2 +patch=3 base_version=${major}.${minor}.${patch} |