Skip to content

Commit 82bffb1

Browse files
authored
Fix hdfs-fixture kerb-admin & hadoop-minicluster dependencies are not being updated / false positive reports on CVEs (opensearch-project#14729)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
1 parent 17b7996 commit 82bffb1

File tree

1 file changed

+7
-2
lines changed

1 file changed

+7
-2
lines changed

test/fixtures/hdfs-fixture/build.gradle

+7-2
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ apply plugin: 'opensearch.java'
3333
group = 'hdfs'
3434

3535
versions << [
36-
'jetty': '9.4.53.v20231009'
36+
'jetty': '9.4.55.v20240627'
3737
]
3838

3939
dependencies {
@@ -73,7 +73,12 @@ dependencies {
7373
api "commons-net:commons-net:3.11.1"
7474
api "ch.qos.logback:logback-core:1.5.6"
7575
api "ch.qos.logback:logback-classic:1.2.13"
76-
api 'org.apache.kerby:kerb-admin:2.0.3'
76+
api "org.jboss.xnio:xnio-nio:3.8.16.Final"
77+
api 'org.jline:jline:3.26.2'
78+
api ('org.apache.kerby:kerb-admin:2.0.3') {
79+
exclude group: "org.jboss.xnio"
80+
exclude group: "org.jline"
81+
}
7782
runtimeOnly "com.google.guava:guava:${versions.guava}"
7883
runtimeOnly("com.squareup.okhttp3:okhttp:4.12.0") {
7984
exclude group: "com.squareup.okio"

0 commit comments

Comments
 (0)