Update dependencies for security vulnerabilities

[policy/parent.git] / integration / pom.xml

diff --git a/integration/pom.xml b/integration/pom.xml
index bc8f2be..78ec369 100644 (file)
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -27,7 +27,7 @@
     <parent>
         <groupId>org.onap.policy.parent</groupId>
         <artifactId>policy-parent</artifactId>
-        <version>3.6.0-SNAPSHOT</version>
+        <version>3.6.1-SNAPSHOT</version>
     </parent>
     <artifactId>integration</artifactId>
     <packaging>pom</packaging>
@@ -36,23 +36,22 @@
 
     <properties>
         <java.version>11</java.version>
-        <!-- NOTE: For RELEASE/SNAPSHOT always set to the project version -->
-        <version.parent.resources>3.5.3</version.parent.resources>
-        <version.logback>1.2.10</version.logback>
+        <!-- Note Well: For RELEASE/SNAPSHOT always set to the project version -->
+        <version.parent.resources>3.6.1-SNAPSHOT</version.parent.resources>
+        <version.logback>1.2.11</version.logback>
         <version.dmaap>1.1.12</version.dmaap>
         <version.powermock>2.0.9</version.powermock>
         <version.eclipselink>2.7.8</version.eclipselink>
-        <version.drools>7.68.0.Final</version.drools>
+        <version.drools>7.73.0.Final</version.drools>
         <version.jersey>2.33</version.jersey>
         <version.jackson>2.12.6</version.jackson>
-        <version.jackson.databind>2.12.6.1</version.jackson.databind>
+        <version.jackson.databind>2.14.0-rc1</version.jackson.databind>
         <version.ccsdk>1.1.5</version.ccsdk>
         <version.swagger>1.6.6</version.swagger>
         <version.javax.bind>2.3.1</version.javax.bind>
         <version.javax.json>1.1.4</version.javax.json>
         <version.netty>4.1.70.Final</version.netty>
-        <version.springboot>2.5.0</version.springboot>
-        <version.springboot.actuator>2.5.4</version.springboot.actuator>
+        <version.springboot>2.7.4</version.springboot>
         <version.hibernate.core>5.4.31.Final</version.hibernate.core>
         <version.eelf.core>1.0.0</version.eelf.core>
         <version.camel>3.7.3</version.camel>
@@ -63,7 +62,8 @@
         <version.jakarta-api>2.0.2</version.jakarta-api>
         <version.io.micrometer>1.7.3</version.io.micrometer>
         <version.io.prometheus>0.11.0</version.io.prometheus>
-        <version.postgres>42.3.3</version.postgres>
+        <version.postgres>42.5.0</version.postgres>
+        <version.kafka>3.0.0</version.kafka>
         <jacoco.dataFile>${project.basedir}/../target/code-coverage/jacoco-ut.exec</jacoco.dataFile>
         <repo.npm>https://nexus3.onap.org/repository/npm.public/npm/-/</repo.npm>
         <docker.pull.registry>nexus3.onap.org:10001</docker.pull.registry>
@@ -295,6 +295,20 @@
                 <version>${version.postgres}</version>
             </dependency>
 
+            <!-- Kafka -->
+            <dependency>
+                <groupId>org.apache.kafka</groupId>
+                <artifactId>kafka-clients</artifactId>
+                <version>${version.kafka}</version>
+                <exclusions>
+                    <!-- The default Zookeeper version in Kafka has vulnerabilities -->
+                    <exclusion>
+                        <groupId>org.apache.zookeeper</groupId>
+                        <artifactId>zookeeper</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+
             <!-- Prometheus Client Libraries -->
             <dependency>
                 <groupId>io.prometheus</groupId>
@@ -389,6 +403,11 @@
                 <artifactId>json</artifactId>
                 <version>20201115</version>
             </dependency>
+           <dependency>
+               <groupId>com.worldturner.medeia</groupId>
+               <artifactId>medeia-validator-gson</artifactId>
+               <version>1.1.1</version>
+           </dependency>
 
             <!-- Lombok -->
             <dependency>
@@ -519,7 +538,7 @@
             <dependency>
                 <groupId>org.yaml</groupId>
                 <artifactId>snakeyaml</artifactId>
-                <version>1.27</version>
+                <version>1.33</version>
             </dependency>
 
             <!-- Drools -->
@@ -968,6 +987,20 @@
                                                 <ignore />
                                             </action>
                                         </pluginExecution>
+                                        <pluginExecution>
+                                            <pluginExecutionFilter>
+                                                <groupId>org.apache.maven.plugins</groupId>
+                                                <artifactId>maven-remote-resources-plugin</artifactId>
+                                                <versionRange>3.0.0,)</versionRange>
+                                                <goals>
+                                                    <goal>bundle</goal>
+                                                    <goal>process</goal>
+                                                </goals>
+                                            </pluginExecutionFilter>
+                                            <action>
+                                                <ignore />
+                                            </action>
+                                        </pluginExecution>
                                         <pluginExecution>
                                             <pluginExecutionFilter>
                                                 <groupId>org.jacoco</groupId>
@@ -1317,7 +1350,7 @@
                 <plugin>
                     <groupId>io.fabric8</groupId>
                     <artifactId>docker-maven-plugin</artifactId>
-                    <version>0.34.1</version>
+                    <version>0.40.1</version>
                 </plugin>
                 <plugin>
                     <groupId>org.kie</groupId>