From 42ed29a36844136cf9dc7759b3eef95f3b26fdd9 Mon Sep 17 00:00:00 2001 From: David Cui Date: Mon, 15 Mar 2021 16:17:23 -0700 Subject: [PATCH 1/2] bump jackson cbor version --- elasticsearch/build.gradle | 3 ++- integ-test/build.gradle | 1 + plugin/build.gradle | 2 ++ protocol/build.gradle | 3 ++- 4 files changed, 7 insertions(+), 2 deletions(-) diff --git a/elasticsearch/build.gradle b/elasticsearch/build.gradle index fc499124f6..9b99c1789f 100644 --- a/elasticsearch/build.gradle +++ b/elasticsearch/build.gradle @@ -13,7 +13,8 @@ dependencies { compile group: 'org.elasticsearch', name: 'elasticsearch', version: "${es_version}" compile "io.github.resilience4j:resilience4j-retry:1.5.0" compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.10.5' - compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.10.5.1' + compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.11.4' + compile group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-cbor', version: '2.11.4' compile group: 'org.json', name: 'json', version:'20180813' compileOnly group: 'org.elasticsearch.client', name: 'elasticsearch-rest-high-level-client', version: "${es_version}" diff --git a/integ-test/build.gradle b/integ-test/build.gradle index 6bf88ebbc4..e47372df07 100644 --- a/integ-test/build.gradle +++ b/integ-test/build.gradle @@ -29,6 +29,7 @@ configurations.all { resolutionStrategy.force 'commons-codec:commons-codec:1.13' resolutionStrategy.force 'com.google.guava:guava:29.0-jre' resolutionStrategy.force 'com.fasterxml.jackson.core:jackson-core:2.10.5' + resolutionStrategy.force 'com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.11.4' } dependencies { diff --git a/plugin/build.gradle b/plugin/build.gradle index 2ef6a9de6c..473bb1feea 100644 --- a/plugin/build.gradle +++ b/plugin/build.gradle @@ -35,6 +35,8 @@ configurations.all { // enforce 1.1.3, https://www.whitesourcesoftware.com/vulnerability-database/WS-2019-0379 resolutionStrategy.force 'commons-codec:commons-codec:1.13' resolutionStrategy.force 'com.google.guava:guava:29.0-jre' + resolutionStrategy.force 'com.fasterxml.jackson.core:jackson-core:2.10.5' + resolutionStrategy.force 'com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.11.4' } dependencies { diff --git a/protocol/build.gradle b/protocol/build.gradle index 8259d13217..61bd5ded89 100644 --- a/protocol/build.gradle +++ b/protocol/build.gradle @@ -12,7 +12,8 @@ dependencies { // https://github.com/google/guava/wiki/CVE-2018-10237 compile group: 'com.google.guava', name: 'guava', version: '29.0-jre' compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.10.5' - compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.10.5.1' + compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.11.4' + compile group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-cbor', version: '2.11.4' implementation 'com.google.code.gson:gson:2.8.6' compile project(':core') compile project(':elasticsearch') From 6ddf8b755802b82319c9b71613780eca35dc5955 Mon Sep 17 00:00:00 2001 From: David Cui Date: Mon, 15 Mar 2021 16:20:08 -0700 Subject: [PATCH 2/2] remove unneeded jackon-core version force --- plugin/build.gradle | 1 - 1 file changed, 1 deletion(-) diff --git a/plugin/build.gradle b/plugin/build.gradle index 473bb1feea..c28f9bd954 100644 --- a/plugin/build.gradle +++ b/plugin/build.gradle @@ -35,7 +35,6 @@ configurations.all { // enforce 1.1.3, https://www.whitesourcesoftware.com/vulnerability-database/WS-2019-0379 resolutionStrategy.force 'commons-codec:commons-codec:1.13' resolutionStrategy.force 'com.google.guava:guava:29.0-jre' - resolutionStrategy.force 'com.fasterxml.jackson.core:jackson-core:2.10.5' resolutionStrategy.force 'com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.11.4' }