diff options
author | vasraz <vasyl.razinkov@est.tech> | 2022-08-29 11:02:06 +0100 |
---|---|---|
committer | Vasyl Razinkov <vasyl.razinkov@est.tech> | 2022-08-29 15:09:03 +0000 |
commit | cc595a0bfd90645b451ddee658fc496624072cea (patch) | |
tree | 024d075dcb68ca8f6f7440e919009bfdd67a1f1e | |
parent | e550697fd3609554f6419c2e55e0e47e377a9cf9 (diff) |
Remove / update vulnerable dependencies
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: Iff0169361b533f08a283f148af511a301bc4e485
Issue-ID: SDC-4146
-rw-r--r-- | pom.xml | 21 | ||||
-rw-r--r-- | sdc-distribution-ci/pom.xml | 421 | ||||
-rw-r--r-- | sdc-distribution-client/pom.xml | 86 |
3 files changed, 266 insertions, 262 deletions
@@ -11,7 +11,7 @@ <parent> <groupId>org.onap.oparent</groupId> <artifactId>oparent</artifactId> - <version>2.0.0</version> + <version>3.2.1</version> <relativePath/> </parent> @@ -36,14 +36,17 @@ <org.glassfish.jersey.version>2.24</org.glassfish.jersey.version> <functionaljava.version>4.8</functionaljava.version> <httpclient.version>4.5.13</httpclient.version> - <httpcore.version>4.4.14</httpcore.version> - <logback.version>1.2.3</logback.version> - <junit.version>5.7.0</junit.version> - <snakeyaml.version>1.28</snakeyaml.version> - <guava.version>30.0-jre</guava.version> - <jetty.version>9.4.35.v20201120</jetty.version> + <httpcore.version>4.4.15</httpcore.version> + <logback.version>1.2.11</logback.version> + <junit.version>5.9.0</junit.version> + <snakeyaml.version>1.30</snakeyaml.version> + <guava.version>31.1-jre</guava.version> + <jetty.version>9.4.48.v20220622</jetty.version> <bean-matchers.version>0.12</bean-matchers.version> <maven-javadoc-plugin.version>3.2.0</maven-javadoc-plugin.version> + <mockito.version>3.12.4</mockito.version> + <slf4j-api.version>1.7.36</slf4j-api.version> + <assertj-core.version>3.23.1</assertj-core.version> <nexus.proxy>https://nexus.onap.org</nexus.proxy> <sitePath>/content/sites/site/org/onap/sdc/sdc-distribution-client/${project.version}</sitePath> @@ -70,7 +73,8 @@ <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version> <maven-compiler-plugin.source>11</maven-compiler-plugin.source> <maven-compiler-plugin.target>11</maven-compiler-plugin.target> - <sonar-maven-plugin.version>3.7.0.1746</sonar-maven-plugin.version> + <sonar-maven-plugin.version>3.9.1.2184</sonar-maven-plugin.version> + <checkstyle.skip>true</checkstyle.skip> </properties> <profiles> @@ -138,6 +142,7 @@ <configuration> <suppressionsLocation>checkstyle-suppressions.xml</suppressionsLocation> <suppressionsFileExpression>checkstyle.suppressions.file</suppressionsFileExpression> + <skip>${checkstyle.skip}</skip> </configuration> </plugin> <plugin> diff --git a/sdc-distribution-ci/pom.xml b/sdc-distribution-ci/pom.xml index 93714c1..97ed30b 100644 --- a/sdc-distribution-ci/pom.xml +++ b/sdc-distribution-ci/pom.xml @@ -1,216 +1,223 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> +<project xmlns="http://maven.apache.org/POM/4.0.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> + <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.onap.sdc.sdc-distribution-client</groupId> - <artifactId>sdc-main-distribution-client</artifactId> - <version>1.4.5-SNAPSHOT</version> - </parent> + <parent> + <groupId>org.onap.sdc.sdc-distribution-client</groupId> + <artifactId>sdc-main-distribution-client</artifactId> + <version>1.4.5-SNAPSHOT</version> + </parent> - <artifactId>sdc-distribution-ci</artifactId> - <name>sdc-distribution-ci</name> - <description>Distribution CI for testing distribution client</description> + <artifactId>sdc-distribution-ci</artifactId> + <name>sdc-distribution-ci</name> + <description>Distribution CI for testing distribution client</description> - <properties> - <slf4j-api.version>1.7.30</slf4j-api.version> - <mockito-core.version>3.5.0</mockito-core.version> - <mockito-junit-jupiter.version>2.23.0</mockito-junit-jupiter.version> - <assertj-core.version>3.18.1</assertj-core.version> - <junit-jupiter.version>1.15.1</junit-jupiter.version> - <testcontainers.version>1.15.1</testcontainers.version> - <junit-jupiter-engine.version>5.4.2</junit-jupiter-engine.version> - <junit-jupiter-params.version>5.4.2</junit-jupiter-params.version> - <junit-jupiter-api.version>5.4.2</junit-jupiter-api.version> - <awaitility-proxy.version>3.0.0</awaitility-proxy.version> - <awaitility.version>3.0.0</awaitility.version> - </properties> + <properties> + <mockito-core.version>${mockito.version}</mockito-core.version> + <mockito-junit-jupiter.version>${mockito.version}</mockito-junit-jupiter.version> + <testcontainers.version>1.17.1</testcontainers.version> + <junit-jupiter.version>${testcontainers.version}</junit-jupiter.version> + <junit-jupiter-engine.version>${junit.version}</junit-jupiter-engine.version> + <junit-jupiter-params.version>${junit.version}</junit-jupiter-params.version> + <junit-jupiter-api.version>${junit.version}</junit-jupiter-api.version> + <awaitility-proxy.version>3.0.0</awaitility-proxy.version> + <awaitility.version>3.0.0</awaitility.version> + </properties> + <dependencies> + <dependency> + <groupId>org.onap.sdc.sdc-distribution-client</groupId> + <artifactId>sdc-distribution-client</artifactId> + <version>${project.version}</version> + <scope>compile</scope> + <exclusions> + <exclusion> + <artifactId>httpcore</artifactId> + <groupId>org.apache.httpcomponents</groupId> + </exclusion> + <exclusion> + <artifactId>slf4j-api</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + <exclusion> + <artifactId>httpclient</artifactId> + <groupId>org.apache.httpcomponents</groupId> + </exclusion> + <exclusion> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + <version>${logback.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>slf4j-api</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + <version>${slf4j-api.version}</version> + </dependency> - <dependencies> - <dependency> - <groupId>org.onap.sdc.sdc-distribution-client</groupId> - <artifactId>sdc-distribution-client</artifactId> - <version>${project.version}</version> - <scope>compile</scope> - <exclusions> - <exclusion> - <artifactId>httpcore</artifactId> - <groupId>org.apache.httpcomponents</groupId> - </exclusion> - <exclusion> - <artifactId>slf4j-api</artifactId> - <groupId>org.slf4j</groupId> - </exclusion> - <exclusion> - <artifactId>httpclient</artifactId> - <groupId>org.apache.httpcomponents</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>ch.qos.logback</groupId> - <artifactId>logback-classic</artifactId> - <version>${logback.version}</version> - <scope>compile</scope> - <exclusions> - <exclusion> - <artifactId>slf4j-api</artifactId> - <groupId>org.slf4j</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - <version>${slf4j-api.version}</version> - </dependency> - <dependency> - <groupId>ch.qos.logback</groupId> - <artifactId>logback-core</artifactId> - <version>${logback.version}</version> - <scope>compile</scope> - </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <version>${junit-jupiter-api.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-params</artifactId> + <version>${junit-jupiter-params.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>junit-jupiter-api</artifactId> + <groupId>org.junit.jupiter</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <version>${junit-jupiter-engine.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>junit-jupiter-api</artifactId> + <groupId>org.junit.jupiter</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.testcontainers</groupId> + <artifactId>testcontainers</artifactId> + <version>${testcontainers.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>slf4j-api</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + <exclusion> + <artifactId>visible-assertions</artifactId> + <groupId>org.rnorth.visible-assertions</groupId> + </exclusion> + <exclusion> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.junit.vintage</groupId> + <artifactId>junit-vintage-engine</artifactId> + <version>${junit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.testcontainers</groupId> + <artifactId>junit-jupiter</artifactId> + <version>${junit-jupiter.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>junit-jupiter-api</artifactId> + <groupId>org.junit.jupiter</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-core</artifactId> + <version>${mockito-core.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.assertj</groupId> + <artifactId>assertj-core</artifactId> + <version>${assertj-core.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-junit-jupiter</artifactId> + <version>${mockito-junit-jupiter.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>junit-jupiter-api</artifactId> + <groupId>org.junit.jupiter</groupId> + </exclusion> + <exclusion> + <artifactId>mockito-core</artifactId> + <groupId>org.mockito</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.awaitility</groupId> + <artifactId>awaitility</artifactId> + <version>${awaitility.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>objenesis</artifactId> + <groupId>org.objenesis</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.awaitility</groupId> + <artifactId>awaitility-proxy</artifactId> + <version>${awaitility-proxy.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>byte-buddy</artifactId> + <groupId>net.bytebuddy</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + <version>${httpclient.version}</version> + <scope>runtime</scope> + </dependency> + </dependencies> - <dependency> - <groupId>org.junit.jupiter</groupId> - <artifactId>junit-jupiter-api</artifactId> - <version>${junit-jupiter-api.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.junit.jupiter</groupId> - <artifactId>junit-jupiter-params</artifactId> - <version>${junit-jupiter-params.version}</version> - <scope>test</scope> - <exclusions> - <exclusion> - <artifactId>junit-jupiter-api</artifactId> - <groupId>org.junit.jupiter</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.junit.jupiter</groupId> - <artifactId>junit-jupiter-engine</artifactId> - <version>${junit-jupiter-engine.version}</version> - <scope>test</scope> - <exclusions> - <exclusion> - <artifactId>junit-jupiter-api</artifactId> - <groupId>org.junit.jupiter</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.testcontainers</groupId> - <artifactId>testcontainers</artifactId> - <version>${testcontainers.version}</version> - <scope>test</scope> - <exclusions> - <exclusion> - <artifactId>slf4j-api</artifactId> - <groupId>org.slf4j</groupId> - </exclusion> - <exclusion> - <artifactId>visible-assertions</artifactId> - <groupId>org.rnorth.visible-assertions</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.testcontainers</groupId> - <artifactId>junit-jupiter</artifactId> - <version>${junit-jupiter.version}</version> - <scope>test</scope> - <exclusions> - <exclusion> - <artifactId>junit-jupiter-api</artifactId> - <groupId>org.junit.jupiter</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.mockito</groupId> - <artifactId>mockito-core</artifactId> - <version>${mockito-core.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.assertj</groupId> - <artifactId>assertj-core</artifactId> - <version>${assertj-core.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.mockito</groupId> - <artifactId>mockito-junit-jupiter</artifactId> - <version>${mockito-junit-jupiter.version}</version> - <scope>test</scope> - <exclusions> - <exclusion> - <artifactId>junit-jupiter-api</artifactId> - <groupId>org.junit.jupiter</groupId> - </exclusion> - <exclusion> - <artifactId>mockito-core</artifactId> - <groupId>org.mockito</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.awaitility</groupId> - <artifactId>awaitility</artifactId> - <version>${awaitility.version}</version> - <scope>test</scope> - <exclusions> - <exclusion> - <artifactId>objenesis</artifactId> - <groupId>org.objenesis</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.awaitility</groupId> - <artifactId>awaitility-proxy</artifactId> - <version>${awaitility-proxy.version}</version> - <scope>test</scope> - <exclusions> - <exclusion> - <artifactId>byte-buddy</artifactId> - <groupId>net.bytebuddy</groupId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - <version>${httpclient.version}</version> - </dependency> - </dependencies> - - <build> - <finalName>client-initialization</finalName> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-jar-plugin</artifactId> - <version>2.4</version> - <configuration> - <archive> - <manifest> - <addClasspath>true</addClasspath> - <classpathPrefix>lib</classpathPrefix> - <mainClass>org.onap.test.it.RegisterToAsdcTopicIT</mainClass> - </manifest> - <manifestEntries> - <Class-Path>lib/</Class-Path> - </manifestEntries> - </archive> - </configuration> - </plugin> - </plugins> - </build> + <build> + <finalName>client-initialization</finalName> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jar-plugin</artifactId> + <version>2.4</version> + <configuration> + <archive> + <manifest> + <addClasspath>true</addClasspath> + <classpathPrefix>lib</classpathPrefix> + <mainClass>org.onap.test.it.RegisterToAsdcTopicIT</mainClass> + </manifest> + <manifestEntries> + <Class-Path>lib/</Class-Path> + </manifestEntries> + </archive> + </configuration> + </plugin> + </plugins> + </build> </project> diff --git a/sdc-distribution-client/pom.xml b/sdc-distribution-client/pom.xml index 45c9950..7d46cc5 100644 --- a/sdc-distribution-client/pom.xml +++ b/sdc-distribution-client/pom.xml @@ -1,15 +1,13 @@ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <properties> - <assertj-core.version>3.18.1</assertj-core.version> - <mockito-all.version>3.6.28</mockito-all.version> <commons-io.version>2.8.0</commons-io.version> - <gson.version>2.8.6</gson.version> + <gson.version>2.8.9</gson.version> <cambriaClient.version>0.0.1</cambriaClient.version> - <slf4j-api.version>1.7.30</slf4j-api.version> + <lombok.version>1.18.24</lombok.version> </properties> <parent> @@ -23,32 +21,16 @@ <description>Distribution client JAR file to use by consumers</description> <packaging>jar</packaging> - <dependencies> - <dependency> - <groupId>com.att.nsa</groupId> - <artifactId>saClientLibrary</artifactId> - <version>${cambriaClient.version}</version> - <scope>compile</scope> - <exclusions> - <exclusion> <!-- declare the exclusion here --> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - </exclusion> - <exclusion> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - </exclusion> - <exclusion> - <artifactId>slf4j-api</artifactId> - <groupId>org.slf4j</groupId> - </exclusion> - <exclusion> - <artifactId>commons-io</artifactId> - <groupId>commons-io</groupId> - </exclusion> - </exclusions> + <groupId>org.projectlombok</groupId> + <artifactId>lombok</artifactId> + <version>${lombok.version}</version> + </dependency> + <dependency> + <groupId>org.json</groupId> + <artifactId>json</artifactId> + <version>20220320</version> </dependency> <dependency> <groupId>org.slf4j</groupId> @@ -61,6 +43,12 @@ <artifactId>cambriaClient</artifactId> <version>${cambriaClient.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.json</groupId> + <artifactId>json</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -101,19 +89,6 @@ <scope>compile</scope> </dependency> - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpmime</artifactId> - <version>${httpclient.version}</version> - <scope>compile</scope> - <exclusions> - <exclusion> - <artifactId>httpclient</artifactId> - <groupId>org.apache.httpcomponents</groupId> - </exclusion> - </exclusions> - </dependency> - <!-- YAML parser --> <dependency> <groupId>org.yaml</groupId> @@ -143,8 +118,12 @@ <scope>test</scope> <exclusions> <exclusion> + <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-util</artifactId> + </exclusion> + <exclusion> <groupId>org.eclipse.jetty</groupId> + <artifactId>jetty-security</artifactId> </exclusion> </exclusions> <version>${jetty.version}</version> @@ -163,23 +142,36 @@ </exclusions> </dependency> +<!-- TODO - remove after migration to Junit5--> <dependency> - <groupId>org.junit.jupiter</groupId> - <artifactId>junit-jupiter</artifactId> + <groupId>org.junit.vintage</groupId> + <artifactId>junit-vintage-engine</artifactId> <version>${junit.version}</version> <scope>test</scope> </dependency> <dependency> - <groupId>org.junit.vintage</groupId> - <artifactId>junit-vintage-engine</artifactId> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter</artifactId> <version>${junit.version}</version> <scope>test</scope> </dependency> <dependency> <groupId>org.mockito</groupId> + <artifactId>mockito-junit-jupiter</artifactId> + <version>${mockito.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-inline</artifactId> + <version>${mockito.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mockito</groupId> <artifactId>mockito-core</artifactId> - <version>${mockito-all.version}</version> + <version>${mockito.version}</version> <scope>test</scope> </dependency> |