From 042f63cd17daa5fcb71a9a164fafea2dc17569a6 Mon Sep 17 00:00:00 2001 From: Maxim Lapan Date: Wed, 23 Oct 2024 12:48:25 +0200 Subject: [PATCH] Trying to upgrade jetty-http --- dependencies.md | 164 ++++++++++++++++++----------------- doc/changes/changes_1.7.8.md | 1 + pom.xml | 16 ++-- 3 files changed, 92 insertions(+), 89 deletions(-) diff --git a/dependencies.md b/dependencies.md index 2fb1898..a5cbf5d 100644 --- a/dependencies.md +++ b/dependencies.md @@ -22,51 +22,52 @@ ### Test Dependencies -| Dependency | License | -| ------------------------------------------ | ----------------------------------------- | -| [scalatest][21] | [the Apache License, ASL Version 2.0][22] | -| [scalatestplus-mockito][23] | [Apache-2.0][22] | -| [mockito-core][24] | [MIT][25] | -| [Test containers for Exasol on Docker][26] | [MIT License][27] | -| [Test Database Builder for Java][28] | [MIT License][29] | -| [Matcher for SQL Result Sets][30] | [MIT License][31] | -| [Extension integration tests library][32] | [MIT License][33] | -| [embedded-kafka-schema-registry][34] | [MIT][25] | -| [kafka-streams-avro-serde][35] | [Apache License 2.0][11] | -| [avro4s-core][36] | [MIT][25] | -| [Testcontainers :: Kafka][37] | [MIT][38] | -| [ClassGraph][39] | [The MIT License (MIT)][38] | -| [Protocol Buffers [Core]][40] | [BSD-3-Clause][41] | +| Dependency | License | +| ------------------------------------------ | -------------------------------------------------------------------------------------- | +| [scalatest][21] | [the Apache License, ASL Version 2.0][22] | +| [scalatestplus-mockito][23] | [Apache-2.0][22] | +| [mockito-core][24] | [MIT][25] | +| [Test containers for Exasol on Docker][26] | [MIT License][27] | +| [Test Database Builder for Java][28] | [MIT License][29] | +| [Matcher for SQL Result Sets][30] | [MIT License][31] | +| [Extension integration tests library][32] | [MIT License][33] | +| [embedded-kafka-schema-registry][34] | [MIT][25] | +| [Core :: HTTP][35] | [Eclipse Public License - Version 2.0][36]; [Apache Software License - Version 2.0][1] | +| [kafka-streams-avro-serde][37] | [Apache License 2.0][11] | +| [avro4s-core][38] | [MIT][25] | +| [Testcontainers :: Kafka][39] | [MIT][40] | +| [ClassGraph][41] | [The MIT License (MIT)][40] | +| [Protocol Buffers [Core]][42] | [BSD-3-Clause][43] | ### Plugin Dependencies | Dependency | License | | ------------------------------------------------------- | --------------------------------------------- | -| [SonarQube Scanner for Maven][42] | [GNU LGPL 3][43] | -| [Apache Maven Toolchains Plugin][44] | [Apache-2.0][5] | -| [Apache Maven Compiler Plugin][45] | [Apache-2.0][5] | -| [Apache Maven Enforcer Plugin][46] | [Apache-2.0][5] | -| [Maven Flatten Plugin][47] | [Apache Software Licenese][5] | -| [org.sonatype.ossindex.maven:ossindex-maven-plugin][48] | [ASL2][14] | -| [scala-maven-plugin][49] | [Public domain (Unlicense)][50] | -| [ScalaTest Maven Plugin][51] | [the Apache License, ASL Version 2.0][22] | -| [Apache Maven Javadoc Plugin][52] | [Apache-2.0][5] | -| [Maven Surefire Plugin][53] | [Apache-2.0][5] | -| [Versions Maven Plugin][54] | [Apache License, Version 2.0][5] | -| [duplicate-finder-maven-plugin Maven Mojo][55] | [Apache License 2.0][11] | -| [Apache Maven Assembly Plugin][56] | [Apache-2.0][5] | -| [Apache Maven JAR Plugin][57] | [Apache-2.0][5] | -| [Artifact reference checker and unifier][58] | [MIT License][59] | -| [Maven Failsafe Plugin][60] | [Apache-2.0][5] | -| [JaCoCo :: Maven Plugin][61] | [EPL-2.0][62] | -| [error-code-crawler-maven-plugin][63] | [MIT License][64] | -| [Reproducible Build Maven Plugin][65] | [Apache 2.0][14] | -| [Project Keeper Maven plugin][66] | [The MIT License][67] | -| [OpenFastTrace Maven Plugin][68] | [GNU General Public License v3.0][69] | -| [Scalastyle Maven Plugin][70] | [Apache 2.0][11] | -| [spotless-maven-plugin][71] | [The Apache Software License, Version 2.0][5] | -| [scalafix-maven-plugin][72] | [BSD-3-Clause][41] | -| [Exec Maven Plugin][73] | [Apache License 2][5] | +| [SonarQube Scanner for Maven][44] | [GNU LGPL 3][45] | +| [Apache Maven Toolchains Plugin][46] | [Apache-2.0][5] | +| [Apache Maven Compiler Plugin][47] | [Apache-2.0][5] | +| [Apache Maven Enforcer Plugin][48] | [Apache-2.0][5] | +| [Maven Flatten Plugin][49] | [Apache Software Licenese][5] | +| [org.sonatype.ossindex.maven:ossindex-maven-plugin][50] | [ASL2][14] | +| [scala-maven-plugin][51] | [Public domain (Unlicense)][52] | +| [ScalaTest Maven Plugin][53] | [the Apache License, ASL Version 2.0][22] | +| [Apache Maven Javadoc Plugin][54] | [Apache-2.0][5] | +| [Maven Surefire Plugin][55] | [Apache-2.0][5] | +| [Versions Maven Plugin][56] | [Apache License, Version 2.0][5] | +| [duplicate-finder-maven-plugin Maven Mojo][57] | [Apache License 2.0][11] | +| [Apache Maven Assembly Plugin][58] | [Apache-2.0][5] | +| [Apache Maven JAR Plugin][59] | [Apache-2.0][5] | +| [Artifact reference checker and unifier][60] | [MIT License][61] | +| [Maven Failsafe Plugin][62] | [Apache-2.0][5] | +| [JaCoCo :: Maven Plugin][63] | [EPL-2.0][36] | +| [error-code-crawler-maven-plugin][64] | [MIT License][65] | +| [Reproducible Build Maven Plugin][66] | [Apache 2.0][14] | +| [Project Keeper Maven plugin][67] | [The MIT License][68] | +| [OpenFastTrace Maven Plugin][69] | [GNU General Public License v3.0][70] | +| [Scalastyle Maven Plugin][71] | [Apache 2.0][11] | +| [spotless-maven-plugin][72] | [The Apache Software License, Version 2.0][5] | +| [scalafix-maven-plugin][73] | [BSD-3-Clause][43] | +| [Exec Maven Plugin][74] | [Apache License 2][5] | ## Extension @@ -74,7 +75,7 @@ | Dependency | License | | ----------------------------------------- | ------- | -| [@exasol/extension-manager-interface][74] | MIT | +| [@exasol/extension-manager-interface][75] | MIT | [0]: https://www.scala-lang.org/ [1]: https://www.apache.org/licenses/LICENSE-2.0 @@ -111,43 +112,44 @@ [32]: https://github.com/exasol/extension-manager/ [33]: https://github.com/exasol/extension-manager/blob/main/LICENSE [34]: https://github.com/embeddedkafka/embedded-kafka-schema-registry -[35]: http://confluent.io/kafka-streams-avro-serde -[36]: https://github.com/sksamuel/avro4s -[37]: https://java.testcontainers.org -[38]: http://opensource.org/licenses/MIT -[39]: https://github.com/classgraph/classgraph -[40]: https://developers.google.com/protocol-buffers/protobuf-java/ -[41]: https://opensource.org/licenses/BSD-3-Clause -[42]: http://sonarsource.github.io/sonar-scanner-maven/ -[43]: http://www.gnu.org/licenses/lgpl.txt -[44]: https://maven.apache.org/plugins/maven-toolchains-plugin/ -[45]: https://maven.apache.org/plugins/maven-compiler-plugin/ -[46]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ -[47]: https://www.mojohaus.org/flatten-maven-plugin/ -[48]: https://sonatype.github.io/ossindex-maven/maven-plugin/ -[49]: http://github.com/davidB/scala-maven-plugin -[50]: http://unlicense.org/ -[51]: https://www.scalatest.org/user_guide/using_the_scalatest_maven_plugin -[52]: https://maven.apache.org/plugins/maven-javadoc-plugin/ -[53]: https://maven.apache.org/surefire/maven-surefire-plugin/ -[54]: https://www.mojohaus.org/versions/versions-maven-plugin/ -[55]: https://basepom.github.io/duplicate-finder-maven-plugin -[56]: https://maven.apache.org/plugins/maven-assembly-plugin/ -[57]: https://maven.apache.org/plugins/maven-jar-plugin/ -[58]: https://github.com/exasol/artifact-reference-checker-maven-plugin/ -[59]: https://github.com/exasol/artifact-reference-checker-maven-plugin/blob/main/LICENSE -[60]: https://maven.apache.org/surefire/maven-failsafe-plugin/ -[61]: https://www.jacoco.org/jacoco/trunk/doc/maven.html -[62]: https://www.eclipse.org/legal/epl-2.0/ -[63]: https://github.com/exasol/error-code-crawler-maven-plugin/ -[64]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE -[65]: http://zlika.github.io/reproducible-build-maven-plugin -[66]: https://github.com/exasol/project-keeper/ -[67]: https://github.com/exasol/project-keeper/blob/main/LICENSE -[68]: https://github.com/itsallcode/openfasttrace-maven-plugin -[69]: https://www.gnu.org/licenses/gpl-3.0.html -[70]: http://www.scalastyle.org -[71]: https://github.com/diffplug/spotless -[72]: https://github.com/evis/scalafix-maven-plugin -[73]: https://www.mojohaus.org/exec-maven-plugin -[74]: https://registry.npmjs.org/@exasol/extension-manager-interface/-/extension-manager-interface-0.4.1.tgz +[35]: https://jetty.org/jetty-core/jetty-http +[36]: https://www.eclipse.org/legal/epl-2.0/ +[37]: http://confluent.io/kafka-streams-avro-serde +[38]: https://github.com/sksamuel/avro4s +[39]: https://java.testcontainers.org +[40]: http://opensource.org/licenses/MIT +[41]: https://github.com/classgraph/classgraph +[42]: https://developers.google.com/protocol-buffers/protobuf-java/ +[43]: https://opensource.org/licenses/BSD-3-Clause +[44]: http://sonarsource.github.io/sonar-scanner-maven/ +[45]: http://www.gnu.org/licenses/lgpl.txt +[46]: https://maven.apache.org/plugins/maven-toolchains-plugin/ +[47]: https://maven.apache.org/plugins/maven-compiler-plugin/ +[48]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ +[49]: https://www.mojohaus.org/flatten-maven-plugin/ +[50]: https://sonatype.github.io/ossindex-maven/maven-plugin/ +[51]: http://github.com/davidB/scala-maven-plugin +[52]: http://unlicense.org/ +[53]: https://www.scalatest.org/user_guide/using_the_scalatest_maven_plugin +[54]: https://maven.apache.org/plugins/maven-javadoc-plugin/ +[55]: https://maven.apache.org/surefire/maven-surefire-plugin/ +[56]: https://www.mojohaus.org/versions/versions-maven-plugin/ +[57]: https://basepom.github.io/duplicate-finder-maven-plugin +[58]: https://maven.apache.org/plugins/maven-assembly-plugin/ +[59]: https://maven.apache.org/plugins/maven-jar-plugin/ +[60]: https://github.com/exasol/artifact-reference-checker-maven-plugin/ +[61]: https://github.com/exasol/artifact-reference-checker-maven-plugin/blob/main/LICENSE +[62]: https://maven.apache.org/surefire/maven-failsafe-plugin/ +[63]: https://www.jacoco.org/jacoco/trunk/doc/maven.html +[64]: https://github.com/exasol/error-code-crawler-maven-plugin/ +[65]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE +[66]: http://zlika.github.io/reproducible-build-maven-plugin +[67]: https://github.com/exasol/project-keeper/ +[68]: https://github.com/exasol/project-keeper/blob/main/LICENSE +[69]: https://github.com/itsallcode/openfasttrace-maven-plugin +[70]: https://www.gnu.org/licenses/gpl-3.0.html +[71]: http://www.scalastyle.org +[72]: https://github.com/diffplug/spotless +[73]: https://github.com/evis/scalafix-maven-plugin +[74]: https://www.mojohaus.org/exec-maven-plugin +[75]: https://registry.npmjs.org/@exasol/extension-manager-interface/-/extension-manager-interface-0.4.1.tgz diff --git a/doc/changes/changes_1.7.8.md b/doc/changes/changes_1.7.8.md index 7ed480b..92e3c25 100644 --- a/doc/changes/changes_1.7.8.md +++ b/doc/changes/changes_1.7.8.md @@ -28,4 +28,5 @@ Code name: * Removed `org.apache.zookeeper:zookeeper:3.9.2` * Removed `org.bitbucket.b_c:jose4j:0.9.6` * Removed `org.eclipse.jetty.http2:http2-server:9.4.54.v20240208` +* Added `org.eclipse.jetty:jetty-http:12.0.14` * Removed `org.json:json:20240303` diff --git a/pom.xml b/pom.xml index 97413d7..8d49e44 100644 --- a/pom.xml +++ b/pom.xml @@ -224,13 +224,13 @@ - - - - - - - + + + org.eclipse.jetty + jetty-http + 12.0.14 + test + @@ -477,7 +477,7 @@ ossindex-maven-plugin - CVE-2024-6763 + CVE-2023-36479 CVE-2024-8184