Skip to content

Commit

Permalink
Merge pull request #6507 from breakponchito/FISH-7835-upgrading-okhtt…
Browse files Browse the repository at this point in the history
…p-and-skip-kotlin-to-fix-cves

FISH-7835: upgrading okhttp and skipping kotlin dependencies
  • Loading branch information
breakponchito authored Dec 17, 2023
2 parents aca2539 + 63e2fa6 commit d54cbc2
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 3 deletions.
1 change: 1 addition & 0 deletions core/core-parent/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -635,6 +635,7 @@
<excludes>
<exclude>io.opentelemetry.extension</exclude>
<exclude>io.opentelemetry.instrumentation</exclude>
<exclude>fish.payara.shaded</exclude>
</excludes>
</parameter>
</configuration>
Expand Down
4 changes: 3 additions & 1 deletion core/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,9 @@
<stax2-api.version>4.2.1</stax2-api.version>
<stax-api.version>1.0-2</stax-api.version>
<jbi.version>1.0</jbi.version>

<okhttp3-version>4.12.0</okhttp3-version>
<kotlin-version>1.8.21</kotlin-version>

<!-- implementation and build dependencies -->
<glassfish-management-api.version>3.2.3.payara-p1</glassfish-management-api.version>
<glassfish-corba.version>4.2.4.payara-p2</glassfish-corba.version>
Expand Down
26 changes: 24 additions & 2 deletions nucleus/packager/external/opentelemetry-repackaged/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,14 @@
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>3.14.9</version>
<version>${okhttp3-version}</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib</artifactId>
<version>${kotlin-version}</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
Expand Down Expand Up @@ -157,13 +164,17 @@
!dalvik.*,
io.opentelemetry.exporter.prometheus;resolution:=optional,
sun.security.ssl;resolution:=optional,
!kotlin.*,
!org.bouncycastle.*,
!org.openjsse.*,
*
</Import-Package>
<!-- Embed the dependencies and then shade them in next step -->
<Embed-Dependency>
*;groupId=com.squareup.*;inline=true,
*;groupId=io.opentelemetry;inline=true,
*;groupId=io.opentelemetry.instrumentation;inline=true
*;groupId=io.opentelemetry.instrumentation;inline=true,
*;groupId=org.jetbrains.kotlin.*;inline=true
</Embed-Dependency>
<Embed-Transitive>true</Embed-Transitive>
</instructions>
Expand Down Expand Up @@ -195,6 +206,7 @@
<artifactSet>
<includes>
<include>com.squareup.*:*</include>
<inclue>org.jetbrains.kotlin.*:*</inclue>
</includes>
</artifactSet>
<filters>
Expand All @@ -205,6 +217,12 @@
<exclude>**</exclude>
</excludes>
</filter>
<filter>
<artifact>org.jetbrains.kotlin.*:*</artifact>
<excludes>
<exclude>**</exclude>
</excludes>
</filter>
</filters>
<relocations>
<relocation>
Expand All @@ -215,6 +233,10 @@
<pattern>okio.</pattern>
<shadedPattern>fish.payara.shaded.okio.</shadedPattern>
</relocation>
<relocation>
<pattern>kotlin.</pattern>
<shadedPattern>fish.payara.shaded.kotlin.</shadedPattern>
</relocation>
</relocations>
</configuration>
</plugin>
Expand Down

0 comments on commit d54cbc2

Please sign in to comment.