Code Review / policy / apex-pdp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 4cfa2e2)
Try new version of JRuby 25/66625/1
authorliamfallon <liam.fallon@ericsson.com>
Fri, 14 Sep 2018 12:00:30 +0000 (13:00 +0100)
committerliamfallon <liam.fallon@ericsson.com>
Fri, 14 Sep 2018 12:00:42 +0000 (13:00 +0100)
We had to use an old versino of JRuby due to security issues.

A new version of JRuby was released in May, it
seems to have a lower vulnerability level when tested
using the "pom" test. Raising this review to check it
in CLM.

Change-Id: I77bf8bae4f7efe66d7e244d0ff9a52432b00a5ce
Issue-ID: POLICY-1065
Signed-off-by: liamfallon <liam.fallon@ericsson.com>
plugins/plugins-executor/plugins-executor-jruby/pom.xml patch | blob | history

diff --git a/plugins/plugins-executor/plugins-executor-jruby/pom.xml b/plugins/plugins-executor/plugins-executor-jruby/pom.xml
index 3399e15..0620dae 100644 (file)
--- a/plugins/plugins-executor/plugins-executor-jruby/pom.xml
+++ b/plugins/plugins-executor/plugins-executor-jruby/pom.xml
@@ -33,36 +33,8 @@
     <dependencies>
         <dependency>
             <groupId>org.jruby</groupId>
-            <artifactId>jruby</artifactId>
-            <version>9.1.2.0</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>org.jruby</groupId>
-                    <artifactId>dirgra</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.jruby</groupId>
-                    <artifactId>jruby-stdlib</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>com.github.jnr</groupId>
-                    <artifactId>jnr-posix</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>com.github.jnr</groupId>
-                    <artifactId>jffi</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-        <dependency>
-            <groupId>com.github.jnr</groupId>
-            <artifactId>jnr-posix</artifactId>
-            <version>3.0.45</version>
-        </dependency>
-        <dependency>
-            <groupId>com.github.jnr</groupId>
-            <artifactId>jffi</artifactId>
-            <version>1.2.10</version>
+            <artifactId>jruby-core</artifactId>
+            <version>9.2.0.0</version>
         </dependency>
     </dependencies>
 
This repo will hold the next generation Apex PDP engine (Casablanca)