<parent>
<groupId>org.onap.oparent</groupId>
<artifactId>oparent</artifactId>
- <version>1.2.0</version>
+ <version>1.2.2</version>
<relativePath/>
</parent>
<build>
</dependencies>
</plugin>
+ <!-- prevent SNAPSHOT dependencies -->
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-enforcer-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>enforce-no-snapshots</id>
+ <goals>
+ <goal>enforce</goal>
+ </goals>
+ <configuration>
+ <rules>
+ <requireReleaseDeps>
+ <message>No Snapshots Allowed!</message>
+ <excludes>
+ <exclude>org.onap.aaf.authz:aaf-cadi-client</exclude>
+ <exclude>org.onap.aaf.authz:aaf-misc-env</exclude>
+ <exclude>org.onap.aaf.authz:aaf-cadi-aaf</exclude>
+ <exclude>org.onap.aaf.authz:aaf-auth-client</exclude>
+ <exclude>org.onap.aaf.authz:aaf-cadi-core</exclude>
+ <exclude>org.onap.aaf.authz:aaf-misc-rosetta</exclude>
+ </excludes>
+ </requireReleaseDeps>
+ </rules>
+ <fail>true</fail>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+
</plugins>
<pluginManagement>
<plugins>
<dependency>
<groupId>org.onap.aaf.authz</groupId>
<artifactId>aaf-cadi-aaf</artifactId>
- <version>2.1.2-SNAPSHOT</version>
+ <version>2.1.7</version>
<classifier>full</classifier>
</dependency>
<dependency>
<artifactId>jackson-annotations</artifactId>
<version>${jackson.version}</version>
</dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-databind</artifactId>
-<!-- for DMAAP-205, a point release on the common version
- addresses a security issue. Note the add notation here
- -->
- <version>${jackson.version}.1</version>
- </dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-yaml</artifactId>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
- <version>1.2.0</version>
+ <version>1.2.3</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
- <version>1.2.0</version>
+ <version>1.2.3</version>
+ </dependency>
+<!-- DMAAP-656:
+ - override this dependency because it utilized a third party
+ - lib called com.google.guava:20.0 which had severe security threat identified.
+ -->
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <version>24.1.1-jre</version>
</dependency>
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-core</artifactId>
- <version>1.5.13</version>
+ <version>${swagger.version}</version>
</dependency>
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-jersey2-jaxrs</artifactId>
- <version>1.5.13</version>
+ <version>${swagger.version}</version>
</dependency>
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-annotations</artifactId>
- <version>1.5.13</version>
+ <version>${swagger.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.containers</groupId>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
- <version>1.6</version>
+ <version>1.11</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.postgresql/postgresql -->
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
- <version>9.4.1208.jre7</version>
+ <version>42.2.5</version>
</dependency>
<dependency>
<groupId>com.att.eelf</groupId>
</site>
</distributionManagement>
<properties>
- <jackson.version>2.8.11</jackson.version>
+ <swagger.version>1.5.19</swagger.version>
+ <jackson.version>2.9.5</jackson.version>
<jersey.version>2.26</jersey.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <jettyVersion>9.3.9.v20160517</jettyVersion>
- <eelf.version>0.0.1</eelf.version>
- <artifact.version>1.0.14-SNAPSHOT</artifact.version>
+ <jettyVersion>9.4.12.RC2</jettyVersion>
+ <eelf.version>1.0.0</eelf.version>
+ <artifact.version>1.0.23-SNAPSHOT</artifact.version>
<!-- SONAR -->
<jacoco.version>0.7.7.201606060606</jacoco.version>
<sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>