From: Lee, Tian (tl5884) <TianL@amdocs.com>
Date: Wed, 12 Sep 2018 14:52:57 +0000 (+0100)
Subject: Fix NexusIQ security vulnerabilities
X-Git-Tag: 1.3.0~5
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=aai%2Fbabel.git;a=commitdiff_plain;h=c2e3e7567a82249b193a6532ffd00b90a8724aaa

Fix NexusIQ security vulnerabilities

- Update oparent version to 1.2.0
- Remove explicit Guava dependency (not used)
- Update commons-compress version to latest (1.18)

Change-Id: Ic76e7ee7634fa8f410583a9019c59b86f1f180b4
Issue-ID: AAI-1291
Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
---

diff --git a/pom.xml b/pom.xml
index e63b674..c2d2678 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@
 	<parent>
 		<groupId>org.onap.oparent</groupId>
 		<artifactId>oparent</artifactId>
-		<version>1.1.0</version>
+		<version>1.2.0</version>
 		<relativePath />
 	</parent>
 
@@ -54,7 +54,7 @@
 		<!-- Dependency Versions -->
 		<common.logging.version>1.2.2</common.logging.version>
 		<sdc.tosca.version>1.4.1</sdc.tosca.version>
-		<commons.compress.version>1.16.1</commons.compress.version>
+		<commons.compress.version>1.18</commons.compress.version>
 		<javax.ws.rs.version>2.1</javax.ws.rs.version>
 		<mvn.jaxb2.version>0.13.2</mvn.jaxb2.version>
 		<aai-schema.group.id>org.onap.aai.aai-common</aai-schema.group.id>
@@ -64,7 +64,6 @@
 		<sdc.distribution.client.version>1.3.0</sdc.distribution.client.version>
 		<xmlunit.version>1.6</xmlunit.version>
 		<logback.version>1.2.3</logback.version>
-		<guava.version>25.1-jre</guava.version>
 		<antrun.version>1.8</antrun.version>
 	</properties>
 
@@ -105,7 +104,6 @@
 			<artifactId>logback-core</artifactId>
 			<version>${logback.version}</version><!--$NO-MVN-MAN-VER$-->
 		</dependency>
-
 		<dependency>
 			<groupId>commons-codec</groupId>
 			<artifactId>commons-codec</artifactId>
@@ -129,18 +127,11 @@
 			<groupId>org.codehaus.groovy</groupId>
 			<artifactId>groovy-all</artifactId>
 		</dependency>
-
 		<dependency>
 			<groupId>org.onap.sdc.sdc-tosca</groupId>
 			<artifactId>sdc-tosca</artifactId>
 			<version>${sdc.tosca.version}</version>
 		</dependency>
-		<dependency>
-			<groupId>com.google.guava</groupId>
-			<artifactId>guava</artifactId>
-			<version>${guava.version}</version>
-		</dependency>
-
 		<dependency>
 			<groupId>org.onap.aai</groupId>
 			<artifactId>rest-client</artifactId>