Refer io.netty from policy/parent

author Ram Krishna Verma <ram_krishna.verma@bell.ca>

Fri, 3 Apr 2020 18:26:15 +0000 (14:26 -0400)

committer Ram Krishna Verma <ram_krishna.verma@bell.ca>

Fri, 3 Apr 2020 18:26:22 +0000 (14:26 -0400)
author Ram Krishna Verma <ram_krishna.verma@bell.ca>
Fri, 3 Apr 2020 18:26:15 +0000 (14:26 -0400)
committer Ram Krishna Verma <ram_krishna.verma@bell.ca>
Fri, 3 Apr 2020 18:26:22 +0000 (14:26 -0400)
diff --git a/plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml b/plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml

index b963a4b..34aa8c8 100644 (file)
--- a/plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml
+++ b/plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml
@@ -2,6 +2,7 @@
    ============LICENSE_START=======================================================
     Copyright (C) 2018 Ericsson. All rights reserved.
     Modifications Copyright (C) 2019 Nordix Foundation.
+   Modifications Copyright (C) 2020 Bell Canada.
    ================================================================================
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
@@ -63,8 +64,17 @@
                      <groupId>org.slf4j</groupId>
                      <artifactId>slf4j-log4j12</artifactId>
                  </exclusion>
+                <exclusion>
+                    <groupId>io.netty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
              </exclusions>
          </dependency>
+        <!-- This netty version fixes the vulnerabilities -->
+        <dependency>
+            <groupId>io.netty</groupId>
+            <artifactId>netty-all</artifactId>
+        </dependency>
      </dependencies>
  
      <profiles>
diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml

index 7265127..e652460 100644 (file)
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
@@ -1,6 +1,7 @@
  <!--
    ============LICENSE_START=======================================================
     Copyright (C) 2018 Ericsson. All rights reserved.
+   Modifications Copyright (C) 2020 Bell Canada.
    ================================================================================
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
@@ -48,7 +49,6 @@
          <dependency>
              <groupId>io.netty</groupId>
              <artifactId>netty-all</artifactId>
-            <version>4.1.25.Final</version>
          </dependency>
      </dependencies>
      
diff --git a/pom.xml b/pom.xml

index aea2462..5b21c21 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -3,6 +3,7 @@
     Copyright (C) 2018 Ericsson. All rights reserved.
     Modifications Copyright (C) 2019-2020 Nordix Foundation.
     Modifications Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
+   Modifications Copyright (C) 2020 Bell Canada.
    ================================================================================
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
@@ -26,7 +27,7 @@
      <parent>
          <groupId>org.onap.policy.parent</groupId>
          <artifactId>integration</artifactId>
-        <version>3.1.1</version>
+        <version>3.1.2-SNAPSHOT</version>
          <relativePath />
      </parent>
  
diff --git a/testsuites/integration/integration-uservice-test/pom.xml b/testsuites/integration/integration-uservice-test/pom.xml

index 6d2c29f..323b580 100644 (file)
--- a/testsuites/integration/integration-uservice-test/pom.xml
+++ b/testsuites/integration/integration-uservice-test/pom.xml
@@ -2,6 +2,7 @@
    ============LICENSE_START=======================================================
     Copyright (C) 2018 Ericsson. All rights reserved.
     Modifications Copyright (C) 2019-2020 Nordix Foundation.
+   Modifications Copyright (C) 2020 Bell Canada.
    ================================================================================
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
@@ -153,6 +154,18 @@
              <artifactId>kafka-junit4</artifactId>
              <version>3.0.1</version>
              <scope>test</scope>
+            <exclusions>
+            <!-- The default netty version in kafka-junit4 has vulnerabilities -->
+                <exclusion>
+                    <groupId>io.netty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <!-- This netty version fixes the vulnerabilities -->
+        <dependency>
+            <groupId>io.netty</groupId>
+            <artifactId>netty-all</artifactId>
          </dependency>
          <dependency>
              <groupId>org.apache.activemq.tooling</groupId>
author	Ram Krishna Verma <ram_krishna.verma@bell.ca>
	Fri, 3 Apr 2020 18:26:15 +0000 (14:26 -0400)
committer	Ram Krishna Verma <ram_krishna.verma@bell.ca>
	Fri, 3 Apr 2020 18:26:22 +0000 (14:26 -0400)
plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml		patch \| blob \| history
plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml		patch \| blob \| history
pom.xml		patch \| blob \| history
testsuites/integration/integration-uservice-test/pom.xml		patch \| blob \| history