Skip to content

Commit

Permalink
Updated dependencies and remove vulnerable dependency
Browse files Browse the repository at this point in the history 
Fixes #260
  • Loading branch information
@morazow
morazow committed Aug 8, 2023
1 parent e5b3a47 commit b97982e
Show file tree
Hide file tree
Showing 5 changed files with 70 additions and 24 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/broken_links_checker.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions doc/changes/changelog.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 40 additions & 0 deletions doc/changes/changes_2.7.3.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
# Cloud Storage Extension 2.7.3, released 2023-??-??

Code name:

## Summary

## Security

* #260: Updated dependencies to fix security vulnerabilities

## Dependency Updates

### Compile Dependency Updates

* Updated `com.google.guava:guava:32.1.1-jre` to `32.1.2-jre`
* Updated `com.google.protobuf:protobuf-java:3.23.3` to `3.23.4`
* Updated `io.grpc:grpc-netty:1.56.1` to `1.57.1`
* Updated `io.netty:netty-handler:4.1.94.Final` to `4.1.96.Final`
* Updated `org.alluxio:alluxio-core-client-hdfs:300` to `302`
* Updated `org.apache.commons:commons-lang3:3.12.0` to `3.13.0`
* Updated `org.xerial.snappy:snappy-java:1.1.10.1` to `1.1.10.3`

### Test Dependency Updates

* Updated `com.exasol:exasol-testcontainers:6.6.0` to `6.6.1`
* Updated `nl.jqno.equalsverifier:equalsverifier:3.14.3` to `3.15.1`
* Updated `org.junit.jupiter:junit-jupiter-engine:5.9.3` to `5.10.0`

### Plugin Dependency Updates

* Updated `com.diffplug.spotless:spotless-maven-plugin:2.37.0` to `2.38.0`
* Updated `com.exasol:error-code-crawler-maven-plugin:1.2.3` to `1.3.0`
* Updated `com.exasol:project-keeper-maven-plugin:2.9.7` to `2.9.10`
* Updated `org.apache.maven.plugins:maven-assembly-plugin:3.5.0` to `3.6.0`
* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.0.0` to `3.1.2`
* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.0.0` to `3.1.2`
* Updated `org.basepom.maven:duplicate-finder-maven-plugin:1.5.1` to `2.0.1`
* Updated `org.codehaus.mojo:flatten-maven-plugin:1.4.1` to `1.5.0`
* Updated `org.codehaus.mojo:versions-maven-plugin:2.15.0` to `2.16.0`
* Updated `org.jacoco:jacoco-maven-plugin:0.8.9` to `0.8.10`
19 changes: 9 additions & 10 deletions pk_generated_parent.pom
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

32 changes: 18 additions & 14 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,14 @@
<modelVersion>4.0.0</modelVersion>
<groupId>com.exasol</groupId>
<artifactId>cloud-storage-extension</artifactId>
<version>2.7.2</version>
<version>2.7.3</version>
<name>Cloud Storage Extension</name>
<description>Exasol Cloud Storage Import And Export Extension</description>
<url>https://github.com/exasol/cloud-storage-extension/</url>
<parent>
<artifactId>cloud-storage-extension-generated-parent</artifactId>
<groupId>com.exasol</groupId>
<version>2.7.2</version>
<version>2.7.3</version>
<relativePath>pk_generated_parent.pom</relativePath>
</parent>
<properties>
Expand All @@ -33,27 +33,27 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.12.0</version>
<version>3.13.0</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>32.1.1-jre</version>
<version>32.1.2-jre</version>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-netty</artifactId>
<version>1.56.1</version>
<version>1.57.1</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-handler</artifactId>
<version>4.1.94.Final</version>
<version>4.1.96.Final</version>
</dependency>
<dependency>
<groupId>org.xerial.snappy</groupId>
<artifactId>snappy-java</artifactId>
<version>1.1.10.1</version>
<version>1.1.10.3</version>
</dependency>
<dependency>
<groupId>com.exasol</groupId>
Expand Down Expand Up @@ -265,12 +265,16 @@
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
</exclusion>
<exclusion>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.alluxio</groupId>
<artifactId>alluxio-core-client-hdfs</artifactId>
<version>300</version>
<version>302</version>
<exclusions>
<exclusion>
<groupId>log4j</groupId>
Expand Down Expand Up @@ -355,7 +359,7 @@
<dependency>
<groupId>com.google.protobuf</groupId>
<artifactId>protobuf-java</artifactId>
<version>3.23.3</version>
<version>3.23.4</version>
</dependency>
<dependency>
<groupId>com.google.cloud.bigdataoss</groupId>
Expand Down Expand Up @@ -527,7 +531,7 @@
<dependency>
<groupId>com.exasol</groupId>
<artifactId>exasol-testcontainers</artifactId>
<version>6.6.0</version>
<version>6.6.1</version>
<scope>test</scope>
</dependency>
<dependency>
Expand All @@ -545,13 +549,13 @@
<dependency>
<groupId>nl.jqno.equalsverifier</groupId>
<artifactId>equalsverifier</artifactId>
<version>3.14.3</version>
<version>3.15.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<version>5.9.3</version>
<version>5.10.0</version>
<scope>test</scope>
</dependency>
<dependency>
Expand Down Expand Up @@ -756,7 +760,7 @@
<plugin>
<groupId>com.exasol</groupId>
<artifactId>project-keeper-maven-plugin</artifactId>
<version>2.9.7</version>
<version>2.9.10</version>
<executions>
<execution>
<goals>
Expand Down Expand Up @@ -809,7 +813,7 @@
<plugin>
<groupId>com.diffplug.spotless</groupId>
<artifactId>spotless-maven-plugin</artifactId>
<version>2.37.0</version>
<version>2.38.0</version>
<configuration>
<scala>
<scalafmt>
Expand Down

0 comments on commit b97982e

Please sign in to comment.