yujunjun/datahub
2
0
Fork 0
mirror of https://github.com/datahub-project/datahub.git synced 2025-06-27 05:03:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(docker): Fix dependency vulnerability (#2763)

Browse Source
This commit is contained in:
Dexter Lee 2021-06-24 23:00:55 -07:00 committed by GitHub
parent 7a93a415ce
commit 3caa09d21a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
build.gradle
View File

@ -38,6 +38,7 @@ project.ext.externalDependency = [
'cacheApi' : 'javax.cache:cache-api:1.1.0',
'commonsIo': 'commons-io:commons-io:2.4',
'commonsLang': 'commons-lang:commons-lang:2.6',
'commonsCollections': 'commons-collections:commons-collections:3.2.2',
'data' : 'com.linkedin.pegasus:data:' + pegasusVersion,
'ebean': 'io.ebean:ebean:11.33.3',
'ebeanAgent': 'io.ebean:ebean-agent:11.27.1',
@ -108,7 +109,7 @@ project.ext.externalDependency = [
'springBootStarterWeb': 'org.springframework.boot:spring-boot-starter-web:2.1.4.RELEASE',
'springBootStarterJetty': 'org.springframework.boot:spring-boot-starter-jetty:2.1.4.RELEASE',
'springKafka': 'org.springframework.kafka:spring-kafka:2.2.14.RELEASE',
'springActuator': 'org.springframework.boot:spring-boot-starter-actuator:2.1.2.RELEASE',
'springActuator': 'org.springframework.boot:spring-boot-starter-actuator:2.1.4.RELEASE',
'testng': 'org.testng:testng:7.3.0',
'testContainers': 'org.testcontainers:testcontainers:1.15.1',
'testContainersJunit': 'org.testcontainers:junit-jupiter:1.15.1',
@ -120,6 +121,11 @@ allprojects {
apply plugin: 'idea'
apply plugin: 'eclipse'
apply plugin: 'checkstyle'
configurations.all {
exclude group: "io.netty", module: "netty"
exclude group: "log4j", module: "log4j"
}
}
subprojects {

8
datahub-frontend/play.gradle
View File

@ -18,6 +18,14 @@ dependencies {
} else {
assets project(path: ':datahub-web-react', configuration: 'assets')
}
constraints {
play('org.springframework:spring-core:5.2.3.RELEASE')
play('com.fasterxml.jackson.core:jackson-databind:2.9.10.4')
play('com.nimbusds:nimbus-jose-jwt:7.9')
play('com.typesafe.akka:akka-actor_2.11:2.5.16')
play('net.minidev:json-smart:2.4.1')
}
play project(":datahub-dao")
play project(":datahub-graphql-core")

2
gms/impl/build.gradle
View File

@ -28,7 +28,6 @@ dependencies {
compile project(':li-utils')
compile project(':metadata-models')
compile project(':metadata-testing:metadata-test-utils')
compile project(':metadata-utils')
compile project(':metadata-io')
compile spec.product.pegasus.restliServer
@ -43,6 +42,7 @@ dependencies {
compileOnly externalDependency.lombok
testCompile project(':metadata-testing:metadata-test-utils')
testCompile externalDependency.parseqTest
testCompile externalDependency.mockito
testCompile externalDependency.testng

5
metadata-events/mxe-avro-1.7/build.gradle
View File

@ -8,6 +8,11 @@ apply plugin: 'java'
dependencies {
compile externalDependency.avro_1_7
compile externalDependency.avroCompiler_1_7
constraints {
implementation('commons-collections:commons-collections:3.2.2') {
because 'Vulnerability Issue'
}
}
avsc project(':metadata-events:mxe-schemas')
}