From f6c86df1f5ad310698ca13e4e5b5833af08c96eb Mon Sep 17 00:00:00 2001
From: pankajmahato-visa <154867659+pankajmahato-visa@users.noreply.github.com>
Date: Fri, 10 Jan 2025 00:45:09 +0530
Subject: [PATCH] chore(deps): Migrate EOL vulnerability of javax.mail to
 jakarta.mail (#12282)

---
 build.gradle                                                  | 4 +++-
 .../java/com/linkedin/entity/client/RestliEntityClient.java   | 4 ++--
 metadata-utils/build.gradle                                   | 4 ++++
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/build.gradle b/build.gradle
index eff36ee3a79775..5b6613d3057f3e 100644
--- a/build.gradle
+++ b/build.gradle
@@ -286,7 +286,8 @@ project.ext.externalDependency = [
     'annotationApi': 'javax.annotation:javax.annotation-api:1.3.2',
     'jakartaAnnotationApi': 'jakarta.annotation:jakarta.annotation-api:3.0.0',
     'classGraph': 'io.github.classgraph:classgraph:4.8.172',
-    'mustache': 'com.github.spullara.mustache.java:compiler:0.9.14'
+    'mustache': 'com.github.spullara.mustache.java:compiler:0.9.14',
+    'javaxMail': 'com.sun.mail:jakarta.mail:1.6.7'
 ]
 
 allprojects {
@@ -374,6 +375,7 @@ configure(subprojects.findAll {! it.name.startsWith('spark-lineage')}) {
     exclude group: "org.slf4j", module: "slf4j-nop"
     exclude group: "org.slf4j", module: "slf4j-ext"
     exclude group: "org.codehaus.jackson", module: "jackson-mapper-asl"
+    exclude group: "javax.mail", module: "mail"
 
     resolutionStrategy.force externalDependency.antlr4Runtime
     resolutionStrategy.force externalDependency.antlr4
diff --git a/metadata-service/restli-client/src/main/java/com/linkedin/entity/client/RestliEntityClient.java b/metadata-service/restli-client/src/main/java/com/linkedin/entity/client/RestliEntityClient.java
index 8d4c5e9228a71c..ca775619220831 100644
--- a/metadata-service/restli-client/src/main/java/com/linkedin/entity/client/RestliEntityClient.java
+++ b/metadata-service/restli-client/src/main/java/com/linkedin/entity/client/RestliEntityClient.java
@@ -103,10 +103,10 @@
 import java.util.stream.StreamSupport;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
-import javax.mail.MethodNotSupportedException;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.NotImplementedException;
+import org.apache.http.MethodNotSupportedException;
 import org.opensearch.core.common.util.CollectionUtils;
 
 @Slf4j
@@ -1195,7 +1195,7 @@ public DataMap getRawAspect(
       @Nonnull String aspect,
       @Nonnull Long version)
       throws RemoteInvocationException {
-    throw new MethodNotSupportedException();
+    throw new MethodNotSupportedException("Method not supported");
   }
 
   @Override
diff --git a/metadata-utils/build.gradle b/metadata-utils/build.gradle
index 07ce50993655d2..4b24eeac50b0b7 100644
--- a/metadata-utils/build.gradle
+++ b/metadata-utils/build.gradle
@@ -26,6 +26,7 @@ dependencies {
 
   implementation externalDependency.slf4jApi
   compileOnly externalDependency.lombok
+  runtimeOnly externalDependency.javaxMail
 
   annotationProcessor externalDependency.lombok
 
@@ -40,6 +41,9 @@ dependencies {
       implementation(externalDependency.log4jApi) {
         because("previous versions are vulnerable to CVE-2021-45105")
     }
+    implementation(externalDependency.javaxMail) {
+      because("previous versions are vulnerable")
+    }
   }
   implementation externalDependency.logbackClassic