diff options
| author |   ChrisC <christophe.closset@intl.att.com> | 2021-05-07 12:38:57 +0200 |
|---|---|---|
| committer | ChrisC <christophe.closset@intl.att.com> | 2021-05-07 12:38:57 +0200 |
| commit | a6dcb0487d3efa67e73285623062d700c7ef9cfa (patch) | |
| tree | 147b0d5bba9cc3e3c13e07dd6c4a74456823b167 | |
| parent | 303bb319e73431fb47a1a13169a8d95ee6f58ac0 (diff) | |
Update vulnerable package dependencies
Update version to 1.9.0
Update vulnerable packages
Fix dependency conflicts
Issue-ID: SDC-3572
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Change-Id: I2dfac9340555ff41bb8b977bd28d0ed861c19125
8 files changed, 87 insertions, 22 deletions
@@ -29,7 +29,7 @@ <groupId>org.onap.sdc.sdc-workflow-designer</groupId> <artifactId>sdc-workflow-designer-parent</artifactId> <name>sdc-sdc-workflow-designer</name> - <version>1.8.0-SNAPSHOT</version> + <version>1.9.0-SNAPSHOT</version> <packaging>pom</packaging> <properties> diff --git a/sdc-workflow-designer-be/pom.xml b/sdc-workflow-designer-be/pom.xml index a25d2fbd..e7be72bf 100644 --- a/sdc-workflow-designer-be/pom.xml +++ b/sdc-workflow-designer-be/pom.xml @@ -10,14 +10,14 @@ <parent> <groupId>org.onap.sdc.sdc-workflow-designer</groupId> <artifactId>sdc-workflow-designer-parent</artifactId> - <version>1.8.0-SNAPSHOT</version> + <version>1.9.0-SNAPSHOT</version> </parent> <properties> - <spring.boot.version>2.1.0.RELEASE</spring.boot.version> + <spring.boot.version>2.3.10.RELEASE</spring.boot.version> <mapstruct.version>1.3.1.Final</mapstruct.version> <lombok.version>1.18.0</lombok.version> - <springfox.version>2.8.0</springfox.version> + <springfox.version>3.0.0</springfox.version> <jaxb.api.version>2.3.0</jaxb.api.version> </properties> @@ -50,7 +50,33 @@ </dependency> <dependency> <groupId>org.springframework.boot</groupId> + <artifactId>spring-boot-starter-validation</artifactId> + </dependency> + <dependency> + <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-cassandra</artifactId> + <exclusions> + <exclusion> + <artifactId>HdrHistogram</artifactId> + <groupId>org.hdrhistogram</groupId> + </exclusion> + <exclusion> + <artifactId>asm</artifactId> + <groupId>org.ow2.asm</groupId> + </exclusion> + <exclusion> + <artifactId>asm-analysis</artifactId> + <groupId>org.ow2.asm</groupId> + </exclusion> + <exclusion> + <artifactId>asm-commons</artifactId> + <groupId>org.ow2.asm</groupId> + </exclusion> + <exclusion> + <artifactId>asm-tree</artifactId> + <groupId>org.ow2.asm</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.springframework.boot</groupId> @@ -61,15 +87,16 @@ <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>asm</artifactId> + <groupId>org.ow2.asm</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>io.springfox</groupId> - <artifactId>springfox-swagger-ui</artifactId> - <version>${springfox.version}</version> - </dependency> - <dependency> - <groupId>io.springfox</groupId> - <artifactId>springfox-swagger2</artifactId> + <artifactId>springfox-boot-starter</artifactId> <version>${springfox.version}</version> </dependency> <dependency> @@ -96,6 +123,13 @@ <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> + <version>4.5.13</version> + <exclusions> + <exclusion> + <artifactId>commons-codec</artifactId> + <groupId>commons-codec</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.mapstruct</groupId> @@ -127,17 +161,23 @@ <dependency> <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> - <version>2.6</version> + <version>2.8.0</version> </dependency> <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> - <version>1.9</version> + <version>1.15</version> </dependency> <dependency> <groupId>org.onap.sdc.sdc-be-common</groupId> <artifactId>session-lib</artifactId> <version>1.6.0</version> + <exclusions> + <exclusion> + <artifactId>objenesis</artifactId> + <groupId>org.objenesis</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.onap.sdc.sdc-be-common</groupId> @@ -159,6 +199,22 @@ <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-cassandra</artifactId> </exclusion> + <exclusion> + <artifactId>jnr-posix</artifactId> + <groupId>com.github.jnr</groupId> + </exclusion> + <exclusion> + <artifactId>jnr-ffi</artifactId> + <groupId>com.github.jnr</groupId> + </exclusion> + <exclusion> + <artifactId>zusammen-sdk</artifactId> + <groupId>com.amdocs.zusammen</groupId> + </exclusion> + <exclusion> + <artifactId>zusammen-commons-configuration</artifactId> + <groupId>com.amdocs.zusammen</groupId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/sdc-workflow-designer-be/src/main/java/org/onap/sdc/workflow/api/swagger/UserIdReader.java b/sdc-workflow-designer-be/src/main/java/org/onap/sdc/workflow/api/swagger/UserIdReader.java index d16c9407..0bcac29f 100644 --- a/sdc-workflow-designer-be/src/main/java/org/onap/sdc/workflow/api/swagger/UserIdReader.java +++ b/sdc-workflow-designer-be/src/main/java/org/onap/sdc/workflow/api/swagger/UserIdReader.java @@ -19,7 +19,7 @@ package org.onap.sdc.workflow.api.swagger; import static org.onap.sdc.workflow.api.RestParams.USER_ID_HEADER; import com.fasterxml.classmate.TypeResolver; -import com.google.common.base.Optional; +import java.util.Optional; import org.onap.sdc.workflow.services.annotations.UserId; import org.springframework.core.annotation.Order; import org.springframework.stereotype.Component; diff --git a/sdc-workflow-designer-be/src/main/java/org/onap/sdc/workflow/server/config/SwaggerConfig.java b/sdc-workflow-designer-be/src/main/java/org/onap/sdc/workflow/server/config/SwaggerConfig.java index a2eca63a..d6f2e3e1 100644 --- a/sdc-workflow-designer-be/src/main/java/org/onap/sdc/workflow/server/config/SwaggerConfig.java +++ b/sdc-workflow-designer-be/src/main/java/org/onap/sdc/workflow/server/config/SwaggerConfig.java @@ -23,10 +23,8 @@ import org.springframework.context.annotation.Configuration; import springfox.documentation.builders.RequestHandlerSelectors; import springfox.documentation.spi.DocumentationType; import springfox.documentation.spring.web.plugins.Docket; -import springfox.documentation.swagger2.annotations.EnableSwagger2; @Configuration -@EnableSwagger2 public class SwaggerConfig { @Bean diff --git a/sdc-workflow-designer-be/src/test/java/org/onap/sdc/workflow/api/swagger/UserIdReaderTest.java b/sdc-workflow-designer-be/src/test/java/org/onap/sdc/workflow/api/swagger/UserIdReaderTest.java index 6899e984..b82cb438 100644 --- a/sdc-workflow-designer-be/src/test/java/org/onap/sdc/workflow/api/swagger/UserIdReaderTest.java +++ b/sdc-workflow-designer-be/src/test/java/org/onap/sdc/workflow/api/swagger/UserIdReaderTest.java @@ -23,7 +23,7 @@ import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; import com.fasterxml.classmate.TypeResolver; -import com.google.common.base.Optional; +import java.util.Optional; import java.lang.annotation.Annotation; import org.junit.Test; import org.junit.runner.RunWith; @@ -60,7 +60,7 @@ public class UserIdReaderTest { @Test public void shouldNotCallToParameterBuilderIfUserIdAnnotationNotFound() { when(parameterContext.resolvedMethodParameter()).thenReturn(resolvedMethodParameter); - when(resolvedMethodParameter.findAnnotation(UserId.class)).thenReturn(Optional.absent()); + when(resolvedMethodParameter.findAnnotation(UserId.class)).thenReturn(Optional.empty()); userIdReader.apply(parameterContext); verify(parameterContext, times(0)).parameterBuilder(); } @@ -70,7 +70,7 @@ public class UserIdReaderTest { doReturn(resolvedMethodParameter).when(parameterContext).resolvedMethodParameter(); doReturn(parameterBuilder).when(parameterContext).parameterBuilder(); - doReturn(parameterBuilder).when(parameterBuilder).parameterType(any()); + doReturn(parameterBuilder).when(parameterBuilder).parameterType((String)(any())); doReturn(parameterBuilder).when(parameterBuilder).name(any()); doReturn(parameterBuilder).when(parameterBuilder).type(any()); doReturn(Optional.of(USER_ID_ANNOTATION)).when(resolvedMethodParameter).findAnnotation(UserId.class); diff --git a/sdc-workflow-designer-init/pom.xml b/sdc-workflow-designer-init/pom.xml index a665e1a5..178a2dd6 100644 --- a/sdc-workflow-designer-init/pom.xml +++ b/sdc-workflow-designer-init/pom.xml @@ -10,7 +10,7 @@ <parent> <groupId>org.onap.sdc.sdc-workflow-designer</groupId> <artifactId>sdc-workflow-designer-parent</artifactId> - <version>1.8.0-SNAPSHOT</version> + <version>1.9.0-SNAPSHOT</version> </parent> <profiles> diff --git a/sdc-workflow-designer-ui/pom.xml b/sdc-workflow-designer-ui/pom.xml index 887267b4..4cfc8d15 100644 --- a/sdc-workflow-designer-ui/pom.xml +++ b/sdc-workflow-designer-ui/pom.xml @@ -27,7 +27,7 @@ <parent> <groupId>org.onap.sdc.sdc-workflow-designer</groupId> <artifactId>sdc-workflow-designer-parent</artifactId> - <version>1.8.0-SNAPSHOT</version> + <version>1.9.0-SNAPSHOT</version> </parent> <properties> @@ -39,7 +39,13 @@ <dependency> <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-proxy</artifactId> - <version>9.4.18.v20190429</version> + <version>9.4.40.v20210413</version> + <exclusions> + <exclusion> + <artifactId>jetty-http</artifactId> + <groupId>org.eclipse.jetty</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>javax.servlet</groupId> @@ -47,6 +53,11 @@ <version>3.0.1</version> <scope>provided</scope> </dependency> + <dependency> + <groupId>org.eclipse.jetty</groupId> + <artifactId>jetty-http</artifactId> + <version>9.4.40.v20210413</version> + </dependency> </dependencies> <build> diff --git a/version.properties b/version.properties index 11f03832..0986d1f0 100644 --- a/version.properties +++ b/version.properties @@ -3,7 +3,7 @@ # because they are used in Jenkins, whose plug-in doesn't support major=1 -minor=8 +minor=9 patch=0 base_version=${major}.${minor}.${patch} |