diff options
| author |   vasraz <vasyl.razinkov@est.tech> | 2022-09-07 12:04:28 +0100 |
|---|---|---|
| committer | Vasyl Razinkov <vasyl.razinkov@est.tech> | 2022-09-07 11:07:06 +0000 |
| commit | 9bf89a232e97f9f9cbd71da9d8784cdf9b17004e (patch) | |
| tree | 952c51ae6a821754e68ee1b978c58d0492865a75 | |
| parent | 4a0754b568db469dfe6f45adb5d510c4e8dfdd8c (diff) | |
Update vulnerable dependencies
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I35281d3e8992e1eefd3a790189244a3e67d96f17
Issue-ID: SDC-4152
| -rw-r--r-- | docker-compose/debug.yml | 4 | ||||
| -rw-r--r-- | pom.xml | 2 | ||||
| -rw-r--r-- | sdc-workflow-designer-be/pom.xml | 177 | ||||
| -rw-r--r-- | sdc-workflow-designer-ui/pom.xml | 5 |
4 files changed, 176 insertions, 12 deletions
diff --git a/docker-compose/debug.yml b/docker-compose/debug.yml index 62cacf82..72b1fe16 100644 --- a/docker-compose/debug.yml +++ b/docker-compose/debug.yml @@ -8,10 +8,10 @@ services: ports: - "${BACKEND_DEBUG_PORT}:${BACKEND_DEBUG_PORT}" environment: - - JAVA_OPTIONS=${JAVA_OPTIONS} -Xdebug -agentlib:jdwp=transport=dt_socket,address=${BACKEND_DEBUG_PORT},server=y,suspend=n + - JAVA_OPTIONS=${JAVA_OPTIONS} -Xdebug -agentlib:jdwp=transport=dt_socket,address=*:${BACKEND_DEBUG_PORT},server=y,suspend=n sdc-workflow-frontend: ports: - "${FRONTEND_DEBUG_PORT}:${FRONTEND_DEBUG_PORT}" environment: - - JAVA_OPTIONS=${JAVA_OPTIONS} -Xdebug -agentlib:jdwp=transport=dt_socket,address=${FRONTEND_DEBUG_PORT},server=y,suspend=n
\ No newline at end of file + - JAVA_OPTIONS=${JAVA_OPTIONS} -Xdebug -agentlib:jdwp=transport=dt_socket,address=*:${FRONTEND_DEBUG_PORT},server=y,suspend=n @@ -49,7 +49,7 @@ <sonar.coverage.jacoco.xmlReportPaths> ${project.reporting.outputDirectory}/jacoco-ut/jacoco.xml </sonar.coverage.jacoco.xmlReportPaths> - <docker.api.version>1.41</docker.api.version> + <docker.api.version>1.41</docker.api.version> <checkstyle.skip>true</checkstyle.skip> </properties> diff --git a/sdc-workflow-designer-be/pom.xml b/sdc-workflow-designer-be/pom.xml index c601f2d3..61515f64 100644 --- a/sdc-workflow-designer-be/pom.xml +++ b/sdc-workflow-designer-be/pom.xml @@ -14,8 +14,8 @@ </parent> <properties> - <spring.boot.version>2.1.18.RELEASE</spring.boot.version> - <org.springframework.version>5.1.19.RELEASE</org.springframework.version> + <spring.boot.version>2.2.13.RELEASE</spring.boot.version> + <org.springframework.version>5.2.22.RELEASE</org.springframework.version> <mapstruct.version>1.3.1.Final</mapstruct.version> <lombok.version>1.18.0</lombok.version> <springfox.version>3.0.0</springfox.version> @@ -24,6 +24,7 @@ <mockito.version>3.7.7</mockito.version> <springframework.plugin.version>2.0.0.RELEASE</springframework.plugin.version> <zusammen.version>1.0.2</zusammen.version> + <sdc-be-common.version>1.7.1</sdc-be-common.version> </properties> <dependencyManagement> @@ -52,8 +53,101 @@ </dependency> <dependency> <groupId>org.springframework</groupId> + <artifactId>spring-beans</artifactId> + <version>${org.springframework.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-tx</artifactId> + <version>${org.springframework.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + <version>${org.springframework.version}</version> + <exclusions> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-aop</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-webmvc</artifactId> + <version>${org.springframework.version}</version> + <exclusions> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-aop</artifactId> + </exclusion> + </exclusions> + </dependency> + <!-- bridge jck to slf4j --> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + <version>1.7.36</version> + </dependency> + + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + <version>${org.springframework.version}</version> + <exclusions> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-jcl</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <version>${org.springframework.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-jcl</artifactId> + <version>${org.springframework.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-aop</artifactId> + <version>${org.springframework.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-expression</artifactId> + <version>${org.springframework.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-dao</artifactId> + <version>2.0.8</version> + <exclusions> + <exclusion> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.springframework</groupId> <artifactId>spring-web</artifactId> <version>${org.springframework.version}</version> + <exclusions> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-beans</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.springframework.boot</groupId> @@ -67,6 +161,14 @@ <groupId>org.springframework</groupId> <artifactId>spring-web</artifactId> </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-webmvc</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -121,17 +223,47 @@ <groupId>io.netty</groupId> <artifactId>netty-handler</artifactId> </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-tx</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-beans</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-expression</artifactId> + </exclusion> </exclusions> </dependency> <dependency> <groupId>io.netty</groupId> <artifactId>netty-handler</artifactId> - <version>4.1.75.Final</version> + <version>4.1.80.Final</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-devtools</artifactId> <scope>runtime</scope> + <exclusions> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.springframework.boot</groupId> @@ -146,6 +278,14 @@ <groupId>junit</groupId> <artifactId>junit</artifactId> </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -167,6 +307,20 @@ <groupId>org.springframework.plugin</groupId> <artifactId>spring-plugin-core</artifactId> <version>${springframework.plugin.version}</version> + <exclusions> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-beans</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-aop</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.springframework.plugin</groupId> @@ -192,6 +346,7 @@ <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> + <version>1.2.11</version> <scope>runtime</scope> </dependency> <dependency> @@ -226,6 +381,16 @@ <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-actuator</artifactId> <scope>provided</scope> + <exclusions> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.apache.commons</groupId> @@ -245,7 +410,7 @@ <dependency> <groupId>org.onap.sdc.sdc-be-common</groupId> <artifactId>session-lib</artifactId> - <version>1.6.0</version> + <version>${sdc-be-common.version}</version> <exclusions> <exclusion> <artifactId>objenesis</artifactId> @@ -265,7 +430,7 @@ <dependency> <groupId>org.onap.sdc.sdc-be-common</groupId> <artifactId>versioning-lib</artifactId> - <version>1.6.0</version> + <version>${sdc-be-common.version}</version> <exclusions> <exclusion> <groupId>org.springframework.boot</groupId> @@ -276,7 +441,7 @@ <dependency> <groupId>org.onap.sdc.sdc-be-common</groupId> <artifactId>zusammen-lib</artifactId> - <version>1.6.0</version> + <version>${sdc-be-common.version}</version> <exclusions> <exclusion> <groupId>org.springframework.boot</groupId> diff --git a/sdc-workflow-designer-ui/pom.xml b/sdc-workflow-designer-ui/pom.xml index 81614f40..b054b091 100644 --- a/sdc-workflow-designer-ui/pom.xml +++ b/sdc-workflow-designer-ui/pom.xml @@ -32,10 +32,9 @@ <properties> <jest.command /> - <jetty.version>9.4.45.v20220203</jetty.version> + <jetty.version>9.4.48.v20220622</jetty.version> </properties> - <dependencies> <dependency> <groupId>org.eclipse.jetty</groupId> @@ -51,7 +50,7 @@ <dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> - <version>3.0.1</version> + <version>4.0.1</version> <scope>provided</scope> </dependency> <dependency> |