aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChrisC <christophe.closset@intl.att.com>2021-05-04 10:08:00 +0200
committerChrisC <christophe.closset@intl.att.com>2021-05-04 10:51:34 +0200
commit03f068ac1c511d36ff0f5128289a715e563808d0 (patch)
treeb1bdb055d2a9a7d366963c5ac38ccc0822302026
parent030feca3b33f078fb99a01da3e89a3fb265611a8 (diff)
Update vulnerable package dependencies
Update distribution-client version to 1.4.3 Update some packages dependencies to latest version Fix conflicting dependencies using exclusions Issue-ID: SDC-3572 Signed-off-by: ChrisC <christophe.closset@intl.att.com> Change-Id: I76d110e70191c70c7aeba6513e839566f9b3992b
-rw-r--r--pom.xml4
-rw-r--r--sdc-distribution-ci/pom.xml77
-rw-r--r--sdc-distribution-client/pom.xml44
-rw-r--r--version.properties2
4 files changed, 121 insertions, 6 deletions
diff --git a/pom.xml b/pom.xml
index 03f3a9a..1a127bd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
<groupId>org.onap.sdc.sdc-distribution-client</groupId>
<artifactId>sdc-main-distribution-client</artifactId>
- <version>1.4.2-SNAPSHOT</version>
+ <version>1.4.3-SNAPSHOT</version>
<packaging>pom</packaging>
<name>sdc-sdc-distribution-client</name>
@@ -39,7 +39,7 @@
<httpcore.version>4.4.14</httpcore.version>
<logback.version>1.2.3</logback.version>
<junit.version>5.7.0</junit.version>
- <snakeyaml.version>1.27</snakeyaml.version>
+ <snakeyaml.version>1.28</snakeyaml.version>
<guava.version>30.0-jre</guava.version>
<jetty.version>9.4.35.v20201120</jetty.version>
<bean-matchers.version>0.12</bean-matchers.version>
diff --git a/sdc-distribution-ci/pom.xml b/sdc-distribution-ci/pom.xml
index 9af54ca..3562ba8 100644
--- a/sdc-distribution-ci/pom.xml
+++ b/sdc-distribution-ci/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.onap.sdc.sdc-distribution-client</groupId>
<artifactId>sdc-main-distribution-client</artifactId>
- <version>1.4.2-SNAPSHOT</version>
+ <version>1.4.3-SNAPSHOT</version>
</parent>
<artifactId>sdc-distribution-ci</artifactId>
@@ -34,12 +34,32 @@
<artifactId>sdc-distribution-client</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>httpcore</artifactId>
+ <groupId>org.apache.httpcomponents</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>slf4j-api</artifactId>
+ <groupId>org.slf4j</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>httpclient</artifactId>
+ <groupId>org.apache.httpcomponents</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>${logback.version}</version>
<scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>slf4j-api</artifactId>
+ <groupId>org.slf4j</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
@@ -64,24 +84,52 @@
<artifactId>junit-jupiter-params</artifactId>
<version>${junit-jupiter-params.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>junit-jupiter-api</artifactId>
+ <groupId>org.junit.jupiter</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<version>${junit-jupiter-engine.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>junit-jupiter-api</artifactId>
+ <groupId>org.junit.jupiter</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>testcontainers</artifactId>
<version>${testcontainers.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>slf4j-api</artifactId>
+ <groupId>org.slf4j</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>visible-assertions</artifactId>
+ <groupId>org.rnorth.visible-assertions</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>junit-jupiter</artifactId>
<version>${junit-jupiter.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>junit-jupiter-api</artifactId>
+ <groupId>org.junit.jupiter</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
@@ -100,18 +148,45 @@
<artifactId>mockito-junit-jupiter</artifactId>
<version>${mockito-junit-jupiter.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>junit-jupiter-api</artifactId>
+ <groupId>org.junit.jupiter</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>mockito-core</artifactId>
+ <groupId>org.mockito</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.awaitility</groupId>
<artifactId>awaitility</artifactId>
<version>${awaitility.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>objenesis</artifactId>
+ <groupId>org.objenesis</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.awaitility</groupId>
<artifactId>awaitility-proxy</artifactId>
<version>${awaitility-proxy.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>byte-buddy</artifactId>
+ <groupId>net.bytebuddy</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>${httpclient.version}</version>
</dependency>
</dependencies>
diff --git a/sdc-distribution-client/pom.xml b/sdc-distribution-client/pom.xml
index a7f8bf9..e073a5e 100644
--- a/sdc-distribution-client/pom.xml
+++ b/sdc-distribution-client/pom.xml
@@ -15,11 +15,11 @@
<parent>
<groupId>org.onap.sdc.sdc-distribution-client</groupId>
<artifactId>sdc-main-distribution-client</artifactId>
- <version>1.4.2-SNAPSHOT</version>
+ <version>1.4.3-SNAPSHOT</version>
</parent>
<artifactId>sdc-distribution-client</artifactId>
- <name>sdc-sdc-distribution-client</name>
+ <name>sdc-distribution-client</name>
<description>Distribution client JAR file to use by consumers</description>
<packaging>jar</packaging>
@@ -36,6 +36,18 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>slf4j-api</artifactId>
+ <groupId>org.slf4j</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>commons-io</artifactId>
+ <groupId>commons-io</groupId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -81,6 +93,10 @@
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</exclusion>
+ <exclusion>
+ <artifactId>httpcore</artifactId>
+ <groupId>org.apache.httpcomponents</groupId>
+ </exclusion>
</exclusions>
<scope>compile</scope>
</dependency>
@@ -90,6 +106,12 @@
<artifactId>httpmime</artifactId>
<version>${httpclient.version}</version>
<scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>httpclient</artifactId>
+ <groupId>org.apache.httpcomponents</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<!-- YAML parser -->
@@ -119,6 +141,12 @@
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>jetty-util</artifactId>
+ <groupId>org.eclipse.jetty</groupId>
+ </exclusion>
+ </exclusions>
<version>${jetty.version}</version>
</dependency>
@@ -127,6 +155,12 @@
<artifactId>jetty-webapp</artifactId>
<version>${jetty.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>jetty-servlet</artifactId>
+ <groupId>org.eclipse.jetty</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
@@ -154,6 +188,12 @@
<artifactId>bean-matchers</artifactId>
<version>${bean-matchers.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <artifactId>mockito-core</artifactId>
+ <groupId>org.mockito</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
diff --git a/version.properties b/version.properties
index 0d94dfd..a54766f 100644
--- a/version.properties
+++ b/version.properties
@@ -5,7 +5,7 @@
major=1
minor=4
-patch=2
+patch=3
base_version=${major}.${minor}.${patch}