Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
============LICENSE_END============================================
ECOMP is a trademark and service mark of AT&T Intellectual Property.
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.onap.dmaap.dbcapi</groupId>
<artifactId>dbcapi</artifactId>
<parent>
<groupId>org.onap.oparent</groupId>
<artifactId>oparent</artifactId>
- <version>1.1.0</version>
- <relativePath />
+ <version>1.2.0</version>
+ <relativePath/>
</parent>
<build>
<finalName>dbcapi</finalName>
</dependencies>
</plugin>
+ <!-- prevent SNAPSHOT dependencies -->
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-enforcer-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>enforce-no-snapshots</id>
+ <goals>
+ <goal>enforce</goal>
+ </goals>
+ <configuration>
+ <rules>
+ <requireReleaseDeps>
+ <message>No Snapshots Allowed!</message>
+ <excludes>
+ <exclude>org.onap.aaf.authz:aaf-cadi-client</exclude>
+ <exclude>org.onap.aaf.authz:aaf-misc-env</exclude>
+ <exclude>org.onap.aaf.authz:aaf-cadi-aaf</exclude>
+ <exclude>org.onap.aaf.authz:aaf-auth-client</exclude>
+ <exclude>org.onap.aaf.authz:aaf-cadi-core</exclude>
+ <exclude>org.onap.aaf.authz:aaf-misc-rosetta</exclude>
+ </excludes>
+ </requireReleaseDeps>
+ </rules>
+ <fail>true</fail>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+
</plugins>
<pluginManagement>
<plugins>
</goals>
</pluginExecutionFilter>
<action>
- <ignore />
+ <ignore/>
</action>
</pluginExecution>
</pluginExecutions>
<dependency>
<groupId>org.onap.aaf.authz</groupId>
<artifactId>aaf-cadi-aaf</artifactId>
- <version>2.1.2-SNAPSHOT</version>
+ <version>2.1.5-SNAPSHOT</version>
<classifier>full</classifier>
</dependency>
<dependency>
<artifactId>jackson-annotations</artifactId>
<version>${jackson.version}</version>
</dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-databind</artifactId>
-<!-- for DMAAP-205, a point release on the common version
- addresses a security issue. Note the add notation here
- <version>${jackson.version}.1</version>
- -->
- <version>${jackson.version}</version>
- </dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-yaml</artifactId>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
- <version>1.2.0</version>
+ <version>1.2.3</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
- <version>1.2.0</version>
+ <version>1.2.3</version>
</dependency>
<!-- DMAAP-656:
- - removed this dependency because it utilized a third party
- - lib called com.google.guava:20.0 which had severe threat identified.
- - build code without this dependency and it seemed to work, so perhaps it
- - is not needed?
+ - override this dependency because it utilized a third party
+ - lib called com.google.guava:20.0 which had severe security threat identified.
+ -->
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <version>24.1.1-jre</version>
+ </dependency>
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-core</artifactId>
<version>${swagger.version}</version>
</dependency>
- -->
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-jersey2-jaxrs</artifactId>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
- <version>9.4.1208.jre7</version>
+ <version>42.2.5</version>
</dependency>
<dependency>
<groupId>com.att.eelf</groupId>
<jersey.version>2.26</jersey.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<jettyVersion>9.3.8.RC0</jettyVersion>
- <eelf.version>0.0.1</eelf.version>
- <artifact.version>1.0.15-SNAPSHOT</artifact.version>
+ <eelf.version>1.0.0</eelf.version>
+ <artifact.version>1.0.17-SNAPSHOT</artifact.version>
<!-- SONAR -->
<jacoco.version>0.7.7.201606060606</jacoco.version>
<sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
Code Review / dmaap / dbcapi.git / blobdiff