-
Notifications
You must be signed in to change notification settings - Fork 93
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Forced ktlint to use logback-core:1.2.13, and logback-classic:1.2.13 to address CVE. #602
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…to address CVE. Signed-off-by: AWSHurneyt <[email protected]>
riysaxen-amzn
approved these changes
Feb 29, 2024
eirsep
approved these changes
Feb 29, 2024
AWSHurneyt
added a commit
to AWSHurneyt/common-utils
that referenced
this pull request
Feb 29, 2024
…to address CVE. (opensearch-project#602) Signed-off-by: AWSHurneyt <[email protected]>
5 tasks
AWSHurneyt
added a commit
to AWSHurneyt/common-utils
that referenced
this pull request
Feb 29, 2024
…to address CVE. (opensearch-project#602) Signed-off-by: AWSHurneyt <[email protected]>
AWSHurneyt
added a commit
that referenced
this pull request
Feb 29, 2024
…classic:1.2.13 to address CVE. #602 (#603) * Merge changes in the main branch to the 1.x branch. (#42) * Update Release Notes for GA (#36) * Update Release Notes for GA * Update Release Notes for GA include RC1 Changes as well. Signed-off-by: Aditya Jindal <[email protected]> * add method type in CustomWebhook data model (#39) Signed-off-by: Zhongnan Su <[email protected]> * Fix class loader issue for notifications response (#40) * Fix class loader issue for notifications Signed-off-by: Joshua Li <[email protected]> * Fix formatting Signed-off-by: Joshua Li <[email protected]> * Refactor creation of action listener object Signed-off-by: Joshua Li <[email protected]> * Fix indentation Signed-off-by: Joshua Li <[email protected]> * Remove unused suppresses Signed-off-by: Joshua Li <[email protected]> * Add UT for notification API Signed-off-by: Chen Dai <[email protected]> * Add UT for notification API Signed-off-by: Chen Dai <[email protected]> * Add UT for send notification API Signed-off-by: Chen Dai <[email protected]> * Fix Github workflow failure Signed-off-by: Chen Dai <[email protected]> * Fix Github workflow failure Signed-off-by: Chen Dai <[email protected]> * Refactor UT code Signed-off-by: Chen Dai <[email protected]> Co-authored-by: Joshua Li <[email protected]> Co-authored-by: Zhongnan Su <[email protected]> Co-authored-by: Chen Dai <[email protected]> Co-authored-by: Joshua Li <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * [1.x] Bumping common-utils to build with OpenSearch(1.x) 1.1.0 (#52) * Bumping common-utils to build with OpenSearch(main) 1.1.0 (#48) Signed-off-by: Sarat Vemulapalli <[email protected]> * Updating 1.x to work with OpenSearch 1.x Signed-off-by: Sarat Vemulapalli <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Backport 1.1 changes to 1.x (#72) * Add Commits related to Snapshot build of Common Utils on 1.1 (#67) * Using 1.1 snapshot version for OpenSearch (#57) Signed-off-by: Vacha <[email protected]> * Build snapshot build by default with the same version as OpenSearch. (#58) Signed-off-by: dblock <[email protected]> * Update build.gradle to reflect 1.1.0.0 version Co-authored-by: Vacha <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> * Build snapshot build by default with the same version as OpenSearch. (#58) (#69) Signed-off-by: dblock <[email protected]> * Adding an utility method that allows consumers to set custom thread context property in InjectSecurity class (#47) (#70) Signed-off-by: Ravi Thaluru <[email protected]> Co-authored-by: Ravi <[email protected]> * Add release notes for version 1.1.0.0 * Add release notes for version 1.1.0.0 Co-authored-by: Aditya Jindal <[email protected]> Co-authored-by: Vacha <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> Co-authored-by: Bowen Lan <[email protected]> Co-authored-by: Ravi <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Backport main changes to 1.x (#93) * Add themed logo to README (#41) Signed-off-by: Miki <[email protected]> * Updates common-utils version to 1.2 (#77) * Updates common-utils version to 1.2 and Uses Maven for 1.2 dependencies Signed-off-by: Clay Downs <[email protected]> * Publish .md5 and .sha1 signatures. (#79) (#80) * Publish .md5 and .sha1 signatures. Signed-off-by: dblock <[email protected]> * Use OpenSearch 1.1. Signed-off-by: dblock <[email protected]> * Publish source and javadoc checksums. (#81) Signed-off-by: dblock <[email protected]> * Update copyright notice (#90) Signed-off-by: Mohammad Qureshi <[email protected]> * Update maven publication to include cksums. (#91) This change adds a local staging repo task that will include cksums. It will also update build.sh to use this new task and copy the contents of the staging repo to the output directory. The maven publish plugin will not include these cksums when publishing to maven local but will when published to a separate folder. Signed-off-by: Marc Handalian <[email protected]> * Add release notes for version 1.2.0.0 (#92) * Add release notes for version 1.2.0.0 Signed-off-by: Ashish Agrawal <[email protected]> Co-authored-by: Miki <[email protected]> Co-authored-by: Clay Downs <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> Co-authored-by: Mohammad Qureshi <[email protected]> Co-authored-by: Marc Handalian <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Backport main changes to 1.x (#126) * Fix copyright notice and add DCO check workflow (#94) Signed-off-by: Ashish Agrawal <[email protected]> * Update build.sh script to include optional platform param. (#95) Signed-off-by: Marc Handalian <[email protected]> * Add codeowners support for repo (#96) Signed-off-by: Ryan Bogan <[email protected]> * Bump version to 1.3 (#99) Signed-off-by: Ashish Agrawal <[email protected]> * Auto-increment version on new release tags. (#106) Signed-off-by: Daniel Doubrovkine (dB.) <[email protected]> * Remove jcenter repository (#115) Signed-off-by: Peter Nied <[email protected]> * Using Github App token to trigger CI for version increment PRs (#116) Signed-off-by: Vacha Shah <[email protected]> * Fixes copyright headers (#117) Signed-off-by: Drew Baugher <[email protected]> * Remove jcenter repository missed on first pass (#118) Signed-off-by: Peter Nied <[email protected]> * Run CI/CD on Java 8, 11, 14 and 17. (#121) * Run CI/CD on Java 8, 11, 14 and 17. Signed-off-by: Daniel Doubrovkine (dB.) <[email protected]> * Add JDK 17. Signed-off-by: Daniel Doubrovkine (dB.) <[email protected]> * Add .whitesource configuration file (#109) Co-authored-by: whitesource-for-github-com[bot] <50673670+whitesource-for-github-com[bot]@users.noreply.github.com> Co-authored-by: Ashish Agrawal <[email protected]> Co-authored-by: Marc Handalian <[email protected]> Co-authored-by: Ryan Bogan <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> Co-authored-by: Peter Nied <[email protected]> Co-authored-by: Vacha Shah <[email protected]> Co-authored-by: Drew Baugher <[email protected]> Co-authored-by: Peter Nied <[email protected]> Co-authored-by: whitesource-for-github-com[bot] <50673670+whitesource-for-github-com[bot]@users.noreply.github.com> Signed-off-by: AWSHurneyt <[email protected]> * Add release notes for version 1.3.0.0 (#134) Signed-off-by: Saurabh Singh <[email protected]> Co-authored-by: Saurabh Singh <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Bump version to 1.3.1 (#145) Signed-off-by: Sayali Gaikawad <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Incremented version to 1.3.2 (#148) Signed-off-by: Sayali Gaikawad <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Adding signoff option for version workflow PR (#143) (#150) Signed-off-by: Vacha Shah <[email protected]> (cherry picked from commit 6e78f69) Co-authored-by: Vacha Shah <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Incremented version to 1.3.3. (#180) Signed-off-by: dblock <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Incremented version to 1.3.4. (#198) Signed-off-by: Zelin Hao <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Staging for version increment automation (#200) (#208) * Version increment automation Signed-off-by: pgodithi <[email protected]> * Version increment automation: task rename updateVersion Signed-off-by: pgodithi <[email protected]> (cherry picked from commit 366bf16) Signed-off-by: prudhvigodithi <[email protected]> Signed-off-by: pgodithi <[email protected]> Signed-off-by: prudhvigodithi <[email protected]> Co-authored-by: Prudhvi Godithi <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * release 1.3.5 (#219) Signed-off-by: prudhvigodithi <[email protected]> Signed-off-by: prudhvigodithi <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Increment version to 1.3.6-SNAPSHOT (#243) Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Change TrustStoreTest to use File.separator to support Windows path (#258) (#260) Signed-off-by: Peter Zhu <[email protected]> Signed-off-by: Peter Zhu <[email protected]> (cherry picked from commit 7dcb3a0) Co-authored-by: Peter Zhu <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * disable detekt so that snakeyaml <= 1.31 is not used (#266) * disable detekt so that snakeyaml <= 1.31 is not used Signed-off-by: AWSHurneyt <[email protected]> * add release-notes for 1.3.6 (#267) Signed-off-by: Subhobrata Dey <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * [AUTO] Increment version to 1.3.7-SNAPSHOT (#276) * Increment version to 1.3.7-SNAPSHOT Signed-off-by: opensearch-ci-bot <[email protected]> * empty commit trigger Signed-off-by: Peter Zhu <[email protected]> Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: Peter Zhu <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Co-authored-by: Peter Zhu <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Adding CI workflow for Windows OS (#333) Signed-off-by: Subhobrata Dey <[email protected]> Signed-off-by: Subhobrata Dey <[email protected]> Co-authored-by: Surya Sashank Nistala <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Increment version to 1.3.8-SNAPSHOT (#338) Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Add auto-release workflow (#376) (#377) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit 89b7457) Co-authored-by: Craig Perkins <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Increment version to 1.3.9-SNAPSHOT (#355) Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Incremented version to 1.3.10 (#388) Signed-off-by: GitHub <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Increment version to 1.3.11-SNAPSHOT (#453) Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Increment version to 1.3.12-SNAPSHOT (#471) Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Increment version to 1.3.13-SNAPSHOT (#504) Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Increment version to 1.3.14-SNAPSHOT (#540) Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * [AUTO] Increment version to 1.3.15-SNAPSHOT (#575) * Increment version to 1.3.15-SNAPSHOT Signed-off-by: opensearch-ci-bot <[email protected]> * Empty-Commit Signed-off-by: Ashish Agrawal <[email protected]> * Remove jdk 8 CI test Signed-off-by: Ashish Agrawal <[email protected]> --------- Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: Ashish Agrawal <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Co-authored-by: Ashish Agrawal <[email protected]> Signed-off-by: AWSHurneyt <[email protected]> * Forced ktlint to use logback-core:1.2.13, and logback-classic:1.2.13 to address CVE. (#602) Signed-off-by: AWSHurneyt <[email protected]> --------- Signed-off-by: AWSHurneyt <[email protected]> Signed-off-by: Sarat Vemulapalli <[email protected]> Signed-off-by: Sayali Gaikawad <[email protected]> Signed-off-by: dblock <[email protected]> Signed-off-by: Zelin Hao <[email protected]> Signed-off-by: pgodithi <[email protected]> Signed-off-by: prudhvigodithi <[email protected]> Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: Subhobrata Dey <[email protected]> Signed-off-by: Peter Zhu <[email protected]> Signed-off-by: GitHub <[email protected]> Signed-off-by: Ashish Agrawal <[email protected]> Co-authored-by: Aditya Jindal <[email protected]> Co-authored-by: Zhongnan Su <[email protected]> Co-authored-by: Chen Dai <[email protected]> Co-authored-by: Joshua Li <[email protected]> Co-authored-by: Sarat Vemulapalli <[email protected]> Co-authored-by: Sriram <[email protected]> Co-authored-by: Vacha <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> Co-authored-by: Bowen Lan <[email protected]> Co-authored-by: Ravi <[email protected]> Co-authored-by: Ashish Agrawal <[email protected]> Co-authored-by: Miki <[email protected]> Co-authored-by: Clay Downs <[email protected]> Co-authored-by: Mohammad Qureshi <[email protected]> Co-authored-by: Marc Handalian <[email protected]> Co-authored-by: Saurabh Singh <[email protected]> Co-authored-by: Ryan Bogan <[email protected]> Co-authored-by: Peter Nied <[email protected]> Co-authored-by: Drew Baugher <[email protected]> Co-authored-by: Peter Nied <[email protected]> Co-authored-by: whitesource-for-github-com[bot] <50673670+whitesource-for-github-com[bot]@users.noreply.github.com> Co-authored-by: Saurabh Singh <[email protected]> Co-authored-by: Sayali Gaikawad <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: opensearch-ci-bot <[email protected]> Co-authored-by: Daniel (dB.) Doubrovkine <[email protected]> Co-authored-by: Zelin Hao <[email protected]> Co-authored-by: Prudhvi Godithi <[email protected]> Co-authored-by: Peter Zhu <[email protected]> Co-authored-by: Subhobrata Dey <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Co-authored-by: Surya Sashank Nistala <[email protected]> Co-authored-by: Craig Perkins <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Forced ktlint to use logback-core:1.2.13, and logback-classic:1.2.13 to address CVE.
Issues Resolved
[List any issues this PR will resolve]
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.