mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-09 22:45:04 +00:00
e90bde5a05
This PR upgrade the following dependencies to fix CVEs. - commons-codec:1.12 (->1.13) apache/commons-codec@48b6157 - ant:1.10.8 (->1.10.9) https://ant.apache.org/security.html - jackson-databind:2.10.4 (->2.11.0) FasterXML/jackson-databind#2589 - jackson-dataformat-cbor:2.10.4 (->2.11.0) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28491 - apache-httpclient:4.5.10 (->4.5.13) https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-13956 - checkstyle:8.20 (->8.29) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10782 - junit:4.12 (->4.13.1) https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - netty:4.1.49.Final (->4.1.59) https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2 Signed-off-by: Rabi Panda <adnapibar@gmail.com>
45 lines
1.1 KiB
Properties
45 lines
1.1 KiB
Properties
opensearch = 1.0.0
|
|
lucene = 8.8.2
|
|
|
|
bundled_jdk_vendor = adoptopenjdk
|
|
bundled_jdk = 15.0.1+9
|
|
|
|
checkstyle = 8.29
|
|
|
|
# optional dependencies
|
|
spatial4j = 0.7
|
|
jts = 1.15.0
|
|
jackson = 2.11.4
|
|
snakeyaml = 1.26
|
|
icu4j = 62.1
|
|
supercsv = 2.4.0
|
|
# when updating log4j, please update also docs/java-api/index.asciidoc
|
|
log4j = 2.11.1
|
|
slf4j = 1.6.2
|
|
|
|
# when updating the JNA version, also update the version in buildSrc/build.gradle
|
|
jna = 5.5.0
|
|
|
|
netty = 4.1.59.Final
|
|
joda = 2.10.4
|
|
|
|
# when updating this version, you need to ensure compatibility with:
|
|
# - plugins/ingest-attachment (transitive dependency, check the upstream POM)
|
|
# - distribution/tools/plugin-cli
|
|
# - x-pack/plugin/security
|
|
bouncycastle=1.64
|
|
# test dependencies
|
|
randomizedrunner = 2.7.1
|
|
junit = 4.12
|
|
httpclient = 4.5.13
|
|
httpcore = 4.4.12
|
|
httpasyncclient = 4.1.4
|
|
commonslogging = 1.1.3
|
|
commonscodec = 1.13
|
|
hamcrest = 2.1
|
|
securemock = 1.2
|
|
mocksocket = 1.2
|
|
|
|
# benchmark dependencies
|
|
jmh = 1.19
|