From 41c8b867dc2057933fce671f8c85e3b11385ea1d Mon Sep 17 00:00:00 2001
From: jitendra007 <jitendra.sharma1@huawei.com>
Date: Wed, 12 Aug 2020 11:17:53 +0530
Subject: fix snakeyaml vulnerability

Issue-ID: VNFSDK-584

Signed-off-by: jitendra007 <jitendra.sharma1@huawei.com>
Change-Id: Id91ed81d3b104e507eefc242a59e19918564233c
---
 csarvalidation/pom.xml                                                | 2 +-
 .../src/test/java/org/onap/validation/yaml/YamlFileValidatorTest.java | 3 +--
 .../src/test/java/org/onap/validation/yaml/YamlLoaderTest.java        | 4 ++--
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/csarvalidation/pom.xml b/csarvalidation/pom.xml
index 389997d..3dbbf9e 100644
--- a/csarvalidation/pom.xml
+++ b/csarvalidation/pom.xml
@@ -49,7 +49,7 @@
     <dependency>
       <groupId>org.yaml</groupId>
       <artifactId>snakeyaml</artifactId>
-      <version>1.18</version>
+      <version>1.26</version>
     </dependency>
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
diff --git a/csarvalidation/src/test/java/org/onap/validation/yaml/YamlFileValidatorTest.java b/csarvalidation/src/test/java/org/onap/validation/yaml/YamlFileValidatorTest.java
index d29b41a..f89cc68 100644
--- a/csarvalidation/src/test/java/org/onap/validation/yaml/YamlFileValidatorTest.java
+++ b/csarvalidation/src/test/java/org/onap/validation/yaml/YamlFileValidatorTest.java
@@ -86,13 +86,12 @@ public class YamlFileValidatorTest {
     public void shouldThrowErrorWhenGivenPathToInvalidPmDictionaryFile() {
         // given
         String path = getFullPathForGivenResources(YamlLoadingUtils.PATH_TO_MULTI_DOCUMENT_INVALID_YAML);
-
         // when  then
         assertThatThrownBy(() ->
             new YamlFileValidator().validateYamlFileWithSchema(path)
         ).isInstanceOf(ParserException.class)
             .hasMessageContaining(
-                "expected the node content, but found DocumentEnd"
+                "expected the node content, but found '<document end>'"
             );
     }
 
diff --git a/csarvalidation/src/test/java/org/onap/validation/yaml/YamlLoaderTest.java b/csarvalidation/src/test/java/org/onap/validation/yaml/YamlLoaderTest.java
index 9e7af5d..e8bc7c1 100644
--- a/csarvalidation/src/test/java/org/onap/validation/yaml/YamlLoaderTest.java
+++ b/csarvalidation/src/test/java/org/onap/validation/yaml/YamlLoaderTest.java
@@ -65,7 +65,7 @@ public class YamlLoaderTest {
         // when then
         assertThatThrownBy(YamlLoadingUtils::tryToLoadMultiDocumentInvalidYamlFile
         ).isInstanceOf(ParserException.class)
-            .hasMessageContaining("expected the node content, but found DocumentEnd");
+            .hasMessageContaining("expected the node content, but found '<document end>'");
     }
 
     @Test
@@ -73,7 +73,7 @@ public class YamlLoaderTest {
         // when then
         assertThatThrownBy(YamlLoadingUtils::tryToLoadMultiDocumentInvalidYamlFileUsingStringPath
         ).isInstanceOf(ParserException.class)
-            .hasMessageContaining("expected the node content, but found DocumentEnd");
+            .hasMessageContaining("expected the node content, but found '<document end>'");
     }
 
 }
-- 
cgit 1.2.3-korg