Skip to content

Commit

Permalink
Fix for CVE-2976 + add CVE checker (#624)
Browse files Browse the repository at this point in the history
* Fix for CVE-2976 + add CVE checker

Signed-off-by: Omar Khasawneh <[email protected]>

* Updated Changelog

Signed-off-by: Omar Khasawneh <[email protected]>

---------

Signed-off-by: Omar Khasawneh <[email protected]>
  • Loading branch information
okhasawn authored Sep 15, 2023
1 parent 86b6988 commit d09bb4e
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
### Fixed
- [BUG] JarHell caused by latest software.amazon.awssdk 2.20.141 ([#616](https://github.com/opensearch-project/opensearch-java/pull/616))
- Don't over-allocate in HeapBufferedAsyncEntityConsumer in order to consume the response ([#620](https://github.com/opensearch-project/opensearch-java/pull/620))
- Fixed CVE-2976 + added CVE checker ([#624](https://github.com/opensearch-project/opensearch-java/pull/624))

### Security

Expand Down
4 changes: 3 additions & 1 deletion java-client/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,10 @@ plugins {
checkstyle
`maven-publish`
id("com.github.jk1.dependency-license-report") version "2.5"
id("org.owasp.dependencycheck") version "8.4.0"
}
apply(plugin = "opensearch.repositories")
apply(plugin = "org.owasp.dependencycheck")

configurations {
all {
Expand All @@ -62,7 +64,7 @@ configurations {
}

checkstyle {
toolVersion = "10.0"
toolVersion = "10.12.3"
}

java {
Expand Down

0 comments on commit d09bb4e

Please sign in to comment.