From 9bf89a232e97f9f9cbd71da9d8784cdf9b17004e Mon Sep 17 00:00:00 2001 From: vasraz Date: Wed, 7 Sep 2022 12:04:28 +0100 Subject: [PATCH] Update vulnerable dependencies Signed-off-by: Vasyl Razinkov Change-Id: I35281d3e8992e1eefd3a790189244a3e67d96f17 Issue-ID: SDC-4152 --- docker-compose/debug.yml | 4 +- pom.xml | 2 +- sdc-workflow-designer-be/pom.xml | 177 +++++++++++++++++++++++++++++++++++++-- sdc-workflow-designer-ui/pom.xml | 5 +- 4 files changed, 176 insertions(+), 12 deletions(-) diff --git a/docker-compose/debug.yml b/docker-compose/debug.yml index 62cacf82..72b1fe16 100644 --- a/docker-compose/debug.yml +++ b/docker-compose/debug.yml @@ -8,10 +8,10 @@ services: ports: - "${BACKEND_DEBUG_PORT}:${BACKEND_DEBUG_PORT}" environment: - - JAVA_OPTIONS=${JAVA_OPTIONS} -Xdebug -agentlib:jdwp=transport=dt_socket,address=${BACKEND_DEBUG_PORT},server=y,suspend=n + - JAVA_OPTIONS=${JAVA_OPTIONS} -Xdebug -agentlib:jdwp=transport=dt_socket,address=*:${BACKEND_DEBUG_PORT},server=y,suspend=n sdc-workflow-frontend: ports: - "${FRONTEND_DEBUG_PORT}:${FRONTEND_DEBUG_PORT}" environment: - - JAVA_OPTIONS=${JAVA_OPTIONS} -Xdebug -agentlib:jdwp=transport=dt_socket,address=${FRONTEND_DEBUG_PORT},server=y,suspend=n \ No newline at end of file + - JAVA_OPTIONS=${JAVA_OPTIONS} -Xdebug -agentlib:jdwp=transport=dt_socket,address=*:${FRONTEND_DEBUG_PORT},server=y,suspend=n diff --git a/pom.xml b/pom.xml index 04ffa345..30ccc453 100644 --- a/pom.xml +++ b/pom.xml @@ -49,7 +49,7 @@ ${project.reporting.outputDirectory}/jacoco-ut/jacoco.xml - 1.41 + 1.41 true diff --git a/sdc-workflow-designer-be/pom.xml b/sdc-workflow-designer-be/pom.xml index c601f2d3..61515f64 100644 --- a/sdc-workflow-designer-be/pom.xml +++ b/sdc-workflow-designer-be/pom.xml @@ -14,8 +14,8 @@ - 2.1.18.RELEASE - 5.1.19.RELEASE + 2.2.13.RELEASE + 5.2.22.RELEASE 1.3.1.Final 1.18.0 3.0.0 @@ -24,6 +24,7 @@ 3.7.7 2.0.0.RELEASE 1.0.2 + 1.7.1 @@ -50,10 +51,103 @@ jakarta.el ${org.glassfish.version} + + org.springframework + spring-beans + ${org.springframework.version} + + + org.springframework + spring-tx + ${org.springframework.version} + + + org.springframework + spring-context + ${org.springframework.version} + + + org.springframework + spring-aop + + + + + org.springframework + spring-webmvc + ${org.springframework.version} + + + org.springframework + spring-aop + + + + + + org.slf4j + jcl-over-slf4j + 1.7.36 + + + + org.springframework + spring-core + ${org.springframework.version} + + + org.springframework + spring-jcl + + + + + org.springframework + spring-test + ${org.springframework.version} + test + + + org.springframework + spring-jcl + ${org.springframework.version} + test + + + org.springframework + spring-aop + ${org.springframework.version} + + + org.springframework + spring-expression + ${org.springframework.version} + + + org.springframework + spring-dao + 2.0.8 + + + javax.servlet + servlet-api + + + org.springframework spring-web ${org.springframework.version} + + + org.springframework + spring-beans + + + org.springframework + spring-core + + org.springframework.boot @@ -67,6 +161,14 @@ org.springframework spring-web + + org.springframework + spring-core + + + org.springframework + spring-webmvc + @@ -121,17 +223,47 @@ io.netty netty-handler + + org.springframework + spring-tx + + + org.springframework + spring-context + + + org.springframework + spring-beans + + + org.springframework + spring-core + + + org.springframework + spring-expression + io.netty netty-handler - 4.1.75.Final + 4.1.80.Final org.springframework.boot spring-boot-devtools runtime + + + org.springframework + spring-core + + + org.springframework + spring-context + + org.springframework.boot @@ -146,6 +278,14 @@ junit junit + + org.springframework + spring-core + + + org.springframework + spring-test + @@ -167,6 +307,20 @@ org.springframework.plugin spring-plugin-core ${springframework.plugin.version} + + + org.springframework + spring-beans + + + org.springframework + spring-context + + + org.springframework + spring-aop + + org.springframework.plugin @@ -192,6 +346,7 @@ ch.qos.logback logback-classic + 1.2.11 runtime @@ -226,6 +381,16 @@ org.springframework.boot spring-boot-starter-actuator provided + + + org.springframework + spring-core + + + org.springframework + spring-context + + org.apache.commons @@ -245,7 +410,7 @@ org.onap.sdc.sdc-be-common session-lib - 1.6.0 + ${sdc-be-common.version} objenesis @@ -265,7 +430,7 @@ org.onap.sdc.sdc-be-common versioning-lib - 1.6.0 + ${sdc-be-common.version} org.springframework.boot @@ -276,7 +441,7 @@ org.onap.sdc.sdc-be-common zusammen-lib - 1.6.0 + ${sdc-be-common.version} org.springframework.boot diff --git a/sdc-workflow-designer-ui/pom.xml b/sdc-workflow-designer-ui/pom.xml index 81614f40..b054b091 100644 --- a/sdc-workflow-designer-ui/pom.xml +++ b/sdc-workflow-designer-ui/pom.xml @@ -32,10 +32,9 @@ - 9.4.45.v20220203 + 9.4.48.v20220622 - org.eclipse.jetty @@ -51,7 +50,7 @@ javax.servlet javax.servlet-api - 3.0.1 + 4.0.1 provided -- 2.16.6