Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-12650 Upgraded json-path from 2.8.0 to 2.9.0 (#8282) 

- Upgraded json-smart from 2.4.11 to 2.5.0
- Added json-path to managed dependencies in root Maven configuration
- Suppressed OWASP Dependency Check finding resolved in json-path 2.9.0
This commit is contained in:
David Handermann 2024-01-22 12:18:28 -06:00 committed by GitHub
parent 5b9897cd4b
commit 93788f9281
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
nifi-commons/nifi-expression-language/pom.xml
View File

@ -114,7 +114,6 @@
<dependency>
<groupId>com.jayway.jsonpath</groupId>
<artifactId>json-path</artifactId>
<version>2.8.0</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>

5
nifi-dependency-check-maven/suppressions.xml
View File

@ -454,4 +454,9 @@
<packageUrl regex="true">^pkg:maven/software\.amazon\.ion/ion\-java@.*$</packageUrl>
<cpe>cpe:/a:amazon:ion</cpe>
</suppress>
<suppress>
<notes>JSON Path 2.9.0 resolves CVE-2023-51074</notes>
<packageUrl regex="true">^pkg:maven/com\.jayway\.jsonpath/json\-path@2.9.0$</packageUrl>
<vulnerabilityName>CVE-2023-51074</vulnerabilityName>
</suppress>
</suppressions>

1
nifi-nar-bundles/nifi-elasticsearch-bundle/nifi-elasticsearch-client-service/pom.xml
View File

@ -114,7 +114,6 @@
<dependency>
<groupId>com.jayway.jsonpath</groupId>
<artifactId>json-path</artifactId>
<version>2.8.0</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>

2
nifi-nar-bundles/nifi-elasticsearch-bundle/nifi-elasticsearch-restapi-processors/pom.xml
View File

@ -86,8 +86,6 @@ language governing permissions and limitations under the License. -->
<dependency>
<groupId>com.jayway.jsonpath</groupId>
<artifactId>json-path</artifactId>
<version>2.8.0</version>
<scope>compile</scope>
</dependency>
<!-- test dependencies -->

1
nifi-nar-bundles/nifi-extension-utils/nifi-record-utils/nifi-json-record-utils/pom.xml
View File

@ -37,7 +37,6 @@
<dependency>
<groupId>com.jayway.jsonpath</groupId>
<artifactId>json-path</artifactId>
<version>2.8.0</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>

5
nifi-nar-bundles/nifi-standard-bundle/pom.xml
View File

@ -140,11 +140,6 @@
<artifactId>derbytools</artifactId>
<version>${derby.version}</version>
</dependency>
<dependency>
<groupId>com.jayway.jsonpath</groupId>
<artifactId>json-path</artifactId>
<version>2.8.0</version>
</dependency>
<dependency>
<groupId>org.apache.tika</groupId>
<artifactId>tika-core</artifactId>

8
pom.xml
View File

@ -127,6 +127,7 @@
<org.bouncycastle.version>1.77</org.bouncycastle.version>
<testcontainers.version>1.19.3</testcontainers.version>
<org.slf4j.version>2.0.9</org.slf4j.version>
<com.jayway.jsonpath.version>2.9.0</com.jayway.jsonpath.version>
<derby.version>10.17.1.0</derby.version>
<ranger.version>2.4.0</ranger.version>
<jetty.version>12.0.5</jetty.version>
@ -136,7 +137,7 @@
<javax.annotation-api.version>1.3.2</javax.annotation-api.version>
<jakarta.xml.bind-api.version>4.0.1</jakarta.xml.bind-api.version>
<jakarta.ws.rs-api.version>3.1.0</jakarta.ws.rs-api.version>
<json.smart.version>2.4.11</json.smart.version>
<json.smart.version>2.5.0</json.smart.version>
<nifi.groovy.version>4.0.16</nifi.groovy.version>
<surefire.version>3.1.2</surefire.version>
<hadoop.version>3.3.6</hadoop.version>
@ -589,6 +590,11 @@
<artifactId>snakeyaml</artifactId>
<version>${snakeyaml.version}</version>
</dependency>
<dependency>
<groupId>com.jayway.jsonpath</groupId>
<artifactId>json-path</artifactId>
<version>${com.jayway.jsonpath.version}</version>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-bom</artifactId>