Skip to content

Commit

Permalink
Upgrade version of jackson_databind and commons_codec as per twistlock (
Browse files Browse the repository at this point in the history
#308)

scan report

Co-authored-by: Silpi Dhua <[email protected]>
  • Loading branch information
silpidhua and Silpi Dhua authored Jun 2, 2022
1 parent a61b6cc commit d9d6322
Showing 1 changed file with 33 additions and 2 deletions.
35 changes: 33 additions & 2 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -65,11 +65,11 @@
<hadoop.version>3.2.3</hadoop.version>
<junit.version>4.13.1</junit.version>
<jackson.version>1.9.13</jackson.version>
<httpcomponents.httpcore.version>4.4.11</httpcomponents.httpcore.version>
<httpcomponents.httpcore.version>4.4.14</httpcomponents.httpcore.version>
<httpcomponents.client5.version>5.0.3</httpcomponents.client5.version>
<powermock.version>2.0.2</powermock.version>
<mockito.version>2.28.2</mockito.version>
<amazon.sdk.version>1.11.596</amazon.sdk.version>
<amazon.sdk.version>1.11.1034</amazon.sdk.version>
<google.guava.version>30.0-jre</google.guava.version>
</properties>

Expand All @@ -91,6 +91,14 @@
<version>${hadoop.version}</version>
<scope>provided</scope>
<exclusions>
<exclusion>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</exclusion>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
<exclusion>
<groupId>javax.servlet</groupId>
<artifactId>*</artifactId>
Expand Down Expand Up @@ -142,6 +150,10 @@
<groupId>javax.servlet</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
Expand All @@ -151,6 +163,14 @@
<type>test-jar</type>
<version>${hadoop.version}</version>
<exclusions>
<exclusion>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</exclusion>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
<exclusion>
<groupId>javax.servlet</groupId>
<artifactId>*</artifactId>
Expand Down Expand Up @@ -208,6 +228,17 @@
<artifactId>httpcore</artifactId>
<version>${httpcomponents.httpcore.version}</version>
</dependency>
<!-- override transitive dependency versions for security fixes -->
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-cbor</artifactId>
<version>2.13.1</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.13</version>
</dependency>
<!-- Test dependencies -->
<dependency>
<groupId>junit</groupId>
Expand Down

0 comments on commit d9d6322

Please sign in to comment.