Update log4j version due to security vulnerability

[policy/parent.git] / integration / pom.xml

diff --git a/integration/pom.xml b/integration/pom.xml
index e1a1dc5..14e234d 100644 (file)
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -27,7 +27,7 @@
     <parent>
         <groupId>org.onap.policy.parent</groupId>
         <artifactId>policy-parent</artifactId>
-        <version>3.4.2-SNAPSHOT</version>
+        <version>3.5.1-SNAPSHOT</version>
     </parent>
     <artifactId>integration</artifactId>
     <packaging>pom</packaging>
@@ -37,7 +37,7 @@
     <properties>
         <java.version>11</java.version>
         <!-- NOTE: For RELEASE/SNAPSHOT always set to the project version -->
-        <version.parent.resources>3.4.2</version.parent.resources>
+        <version.parent.resources>3.5.1-SNAPSHOT</version.parent.resources>
         <version.logback>1.2.3</version.logback>
         <version.dmaap>1.1.12</version.dmaap>
         <version.powermock>2.0.9</version.powermock>
@@ -52,13 +52,14 @@
         <version.netty>4.1.67.Final</version.netty>
         <version.springboot>2.5.0</version.springboot>
         <version.eelf.core>1.0.0</version.eelf.core>
-        <version.camel>3.7.3</version.camel>
+        <version.camel>3.13.0</version.camel>
         <version.tomcat>9.0.45</version.tomcat>
         <version.mockserver>5.11.2</version.mockserver>
         <version.immutable>2.8.8</version.immutable>
         <version.springfox>3.0.0</version.springfox>
         <version.jakarta-api>2.0.2</version.jakarta-api>
         <version.io.micrometer>1.7.3</version.io.micrometer>
+        <version.io.prometheus>0.11.0</version.io.prometheus>
         <jacoco.dataFile>${project.basedir}/../target/code-coverage/jacoco-ut.exec</jacoco.dataFile>
         <repo.npm>https://nexus3.onap.org/repository/npm.public/npm/-/</repo.npm>
         <docker.pull.registry>nexus3.onap.org:10001</docker.pull.registry>
@@ -198,6 +199,23 @@
                 <version>2.7.1</version>
             </dependency>
 
+            <!-- Prometheus Client Libraries -->
+            <dependency>
+                <groupId>io.prometheus</groupId>
+                <artifactId>simpleclient</artifactId>
+                <version>${version.io.prometheus}</version>
+            </dependency>
+            <dependency>
+                <groupId>io.prometheus</groupId>
+                <artifactId>simpleclient_hotspot</artifactId>
+                <version>${version.io.prometheus}</version>
+            </dependency>
+            <dependency>
+                <groupId>io.prometheus</groupId>
+                <artifactId>simpleclient_servlet</artifactId>
+                <version>${version.io.prometheus}</version>
+            </dependency>
+
             <!-- Swagger Jersey2 JAXRS -->
             <dependency>
                 <groupId>io.swagger</groupId>
@@ -324,6 +342,14 @@
                         <groupId>io.springfox</groupId>
                         <artifactId>springfox-boot-starter</artifactId>
                     </exclusion>
+                    <exclusion>
+                        <groupId>org.apache.logging.log4j</groupId>
+                        <artifactId>log4j-api</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.apache.logging.log4j</groupId>
+                        <artifactId>log4j-to-slf4j</artifactId>
+                    </exclusion>
                 </exclusions>
             </dependency>
             <dependency>
@@ -331,6 +357,16 @@
                 <artifactId>json-smart</artifactId>
                 <version>2.4.7</version>
             </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-api</artifactId>
+                <version>2.16.0</version>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-to-slf4j</artifactId>
+                <version>2.16.0</version>
+            </dependency>
 
             <!-- AAF Client -->
             <dependency>