honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
55,646 Commits 7 Branches 6 Tags 546 MiB
Commit Graph

21 Commits

Author SHA1 Message Date
dependabot[bot] 25d81c5fd5
Bump google-oauth-client from 1.33.2 to 1.33.3 in /plugins/discovery-gce (#2943) 
* Bump google-oauth-client from 1.33.2 to 1.33.3 in /plugins/discovery-gce

Bumps [google-oauth-client](https://github.com/googleapis/google-oauth-java-client) from 1.33.2 to 1.33.3.
- [Release notes](https://github.com/googleapis/google-oauth-java-client/releases)
- [Changelog](https://github.com/googleapis/google-oauth-java-client/blob/main/CHANGELOG.md)
- [Commits](https://github.com/googleapis/google-oauth-java-client/compare/v1.33.2...v1.33.3)

---
updated-dependencies:
- dependency-name: com.google.oauth-client:google-oauth-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

* Fixing precommit failures

Signed-off-by: Vacha Shah <vachshah@amazon.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Co-authored-by: Vacha Shah <vachshah@amazon.com>
 2022-04-18 15:22:12 -07:00
dependabot[bot] d308795bf0
Bump google-oauth-client from 1.33.1 to 1.33.2 in /plugins/discovery-gce (#2828) 
* Bump google-oauth-client from 1.33.1 to 1.33.2 in /plugins/discovery-gce

Bumps [google-oauth-client](https://github.com/googleapis/google-oauth-java-client) from 1.33.1 to 1.33.2.
- [Release notes](https://github.com/googleapis/google-oauth-java-client/releases)
- [Changelog](https://github.com/googleapis/google-oauth-java-client/blob/main/CHANGELOG.md)
- [Commits](https://github.com/googleapis/google-oauth-java-client/compare/v1.33.1...v1.33.2)

---
updated-dependencies:
- dependency-name: com.google.oauth-client:google-oauth-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
 2022-04-11 11:49:32 -04:00
Yoann Rodière b5d5616d44
Update commons-logging to 1.2 (#2806) 
* Upgrade to Apache Commons Logging 1.2

Signed-off-by: Yoann Rodière <yoann@hibernate.org>

* Clarify that Apache HTTP/commons-* dependencies are not just for tests

Signed-off-by: Yoann Rodière <yoann@hibernate.org>
 2022-04-08 16:43:51 -04:00
dependabot[bot] 7d9cd3102f
Bump google-oauth-client from 1.31.0 to 1.33.1 in /plugins/discovery-gce (#2524) 
* Bump google-oauth-client from 1.31.0 to 1.33.1 in /plugins/discovery-gce

Bumps [google-oauth-client](https://github.com/googleapis/google-oauth-java-client) from 1.31.0 to 1.33.1.
- [Release notes](https://github.com/googleapis/google-oauth-java-client/releases)
- [Changelog](https://github.com/googleapis/google-oauth-java-client/blob/main/CHANGELOG.md)
- [Commits](https://github.com/googleapis/google-oauth-java-client/compare/v1.31.0...v1.33.1)

---
updated-dependencies:
- dependency-name: com.google.oauth-client:google-oauth-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

* Fixing precommit failure

Signed-off-by: Vacha Shah <vachshah@amazon.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Co-authored-by: Vacha Shah <vachshah@amazon.com>
 2022-03-21 18:02:55 -07:00
dependabot[bot] cdd74deeef
Bump jsr305 from 1.3.9 to 3.0.2 in /plugins/discovery-gce (#2137) 
* Bump jsr305 from 1.3.9 to 3.0.2 in /plugins/discovery-gce

Bumps jsr305 from 1.3.9 to 3.0.2.

---
updated-dependencies:
- dependency-name: com.google.code.findbugs:jsr305
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
 2022-03-19 13:01:59 -07:00
Andriy Redko 65804d25a6
Update to log4j 2.17.1 (#1820) 
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
 2021-12-28 17:06:42 -05:00
Andriy Redko ca27c8fd4f
Update to log4j 2.17.0 (#1771) 2021-12-18 09:36:59 -08:00
Andriy Redko 6db435412b
Upgrade to log4j 2.16.0 (#1721) 
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
 2021-12-14 07:34:45 -05:00
Andrew Ross 309649ce8a
Upgrade to logj4 2.15.0 (#1698) 
Signed-off-by: Andrew Ross <andrross@amazon.com>
 2021-12-10 13:03:41 -08:00
Sarat Vemulapalli e0e6995c4a
Updating Log4j to 2.11.2 (#1696) 
Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>
 2021-12-10 08:03:45 -08:00
Rabi Panda 50abf6d066
[CVE] Upgrade dependencies to mitigate CVEs (#657) 
This PR upgrade the following dependencies to fix CVEs.

- commons-codec:1.12 (->1.13) apache/commons-codec@48b6157
- ant:1.10.8 (->1.10.9) https://ant.apache.org/security.html
- jackson-databind:2.10.4 (->2.11.0) FasterXML/jackson-databind#2589
- jackson-dataformat-cbor:2.10.4 (->2.11.0) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28491
- apache-httpclient:4.5.10 (->4.5.13) https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-13956
- checkstyle:8.20 (->8.29) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10782
- junit:4.12 (->4.13.1) https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp
- netty:4.1.49.Final (->4.1.59) https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
 2021-05-18 11:37:24 -07:00
Rabi Panda 6550e099b3
[CVE-2020-7692] Upgrade google-oauth clients for goolge cloud plugins (#662) 
For discovery-gce and repository-gcs plugins update the google-oauth-client library to version 1.31.0. See CVE details at https://nvd.nist.gov/vuln/detail/CVE-2020-7692

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
 2021-05-13 12:19:57 -07:00
Luca Cavanna e57756492a Update http-core and http-client dependencies (#46549) 
Relates to #45808
Closes #45577
 2019-09-12 09:45:29 +02:00
Jason Tedor 371cb9a8ce
Remove Log4j 1.2 API as a dependency (#42702) 
We had this as a dependency for legacy dependencies that still needed
the Log4j 1.2 API. This appears to no longer be necessary, so this
commit removes this artifact as a dependency.

To remove this dependency, we had to fix a few places where we were
accidentally relying on Log4j 1.2 instead of Log4j 2 (easy to do, since
both APIs were on the compile-time classpath).

Finally, we can remove our custom Netty logger factory. This was needed
when we were on Log4j 1.2 and handled logging in our own unique
way. When we migrated to Log4j 2 we could have dropped this
dependency. However, even then Netty would still pick up Log4j 1.2 since
it was on the classpath, thus the advantage to removing this as a
dependency now.
 2019-05-30 16:08:07 -04:00
Jay Modi f34663282c
Update apache httpclient to version 4.5.8 (#40875) 
This change updates our version of httpclient to version 4.5.8, which
contains the fix for HTTPCLIENT-1968, which is a bug where the client
started re-writing paths that contained encoded reserved characters
with their unreserved form.
 2019-04-05 13:48:10 -06:00
Jay Modi 54dbf9469c
Update httpclient for JDK 11 TLS engine (#37994) 
The apache commons http client implementations recently released
versions that solve TLS compatibility issues with the new TLS engine
that supports TLSv1.3 with JDK 11. This change updates our code to
use these versions since JDK 11 is a supported JDK and we should
allow the use of TLSv1.3.
 2019-01-30 14:24:29 -07:00
Tanguy Leroux 50a2459adf
Update Google SDK to version 1.23 (#27381) 
This commit updates the google-api-client library to version 1.23.0.

Related to #26636
 2017-11-15 15:30:27 +01:00
javanna 118a14fbe3 Build: upgrade httpcore version to 4.4.5 
Closes #19127
 2016-07-19 15:11:40 +02:00
javanna 63c5b31449 update shas for httpclient and httpcore 2016-05-20 14:10:55 +02:00
Ryan Ernst 4b5f87cb7d Build: Remove transitive dependencies 
Transitive dependencies can be confusing and hard to deal with when
conflicts arise between them. This change removes transitive
dependencies from elasticsearch, and forces any dependency conflicts to
be resolved manually, instead of automatically by gradle.

closes #14627
 2015-11-10 15:01:41 -08:00
David Pilato c73ab50df1 Rename cloud-gce plugin to discovery-gce plugin 
Follow up azure and aws splits, we need to be consistent and rename `cloud-gce` to `discovery-gce`.
 2015-10-08 06:53:37 +02:00