Skip to content

fix: fixing dependnecies and addressing vulnerabilities#77

Merged
jkalandaibm merged 40 commits intomasterfrom
fix-build-failures2
May 24, 2023
Merged

fix: fixing dependnecies and addressing vulnerabilities#77
jkalandaibm merged 40 commits intomasterfrom
fix-build-failures2

Conversation

@jkalandaibm
Copy link
Copy Markdown
Collaborator

@jkalandaibm jkalandaibm commented May 12, 2023

PR summary

Fixes: https://github.com/IBM/networking-java-sdk/security/dependabot/4

Updated the vulnerable package, org.testng:testngto the latest, however it didn't play well with the jkd8 version.
Had to bump it up to 11, however other dependencies had to updated, which also included removing powermock dependencies from the test packages.

PR Checklist

Please make sure that your PR fulfills the following requirements:

  • The commit message follows the Angular Commit Message Guidelines.
  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been added / updated (for bug fixes / features)

PR Type

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • New tests
  • Build/CI related changes
  • Documentation content changes
  • [x ] Other (please describe)

Vulnerable package need to be updated to the latest.

What is the current behavior?

Security alert

What is the new behavior?

Dependebot registered a vulnerability related to the org.testng:testng package.

Does this PR introduce a breaking change?

  • Yes
  • No

Other information

@jkalandaibm jkalandaibm changed the title fix: fixing dependnecies and addressing vurnabilities more tweaks fix: fixing dependnecies and addressing vulnerabilities more tweaks May 12, 2023
@jkalandaibm
Copy link
Copy Markdown
Collaborator Author

Based the changes of off this https://github.com/IBM/platform-services-java-sdk
in particular this PR IBM/platform-services-java-sdk@c394460

@jkalandaibm jkalandaibm force-pushed the fix-build-failures2 branch 2 times, most recently from 2986fb7 to 2fb5141 Compare May 15, 2023 21:54
Joseph Kalandarishvili added 26 commits May 15, 2023 16:58
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Joseph Kalandarishvili added 14 commits May 15, 2023 16:58
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
Signed-off-by: Joseph Kalandarishvili <jkalanda@Josephs-MBP.hsd1.mn.comcast.net>
@jkalandaibm jkalandaibm changed the title fix: fixing dependnecies and addressing vulnerabilities more tweaks fix: fixing dependnecies and addressing vulnerabilities May 24, 2023
@jkalandaibm jkalandaibm merged commit e6e32ad into master May 24, 2023
MalarvizhiK pushed a commit that referenced this pull request May 24, 2023
## [0.32.1](0.32.0...0.32.1) (2023-05-24)

### Bug Fixes

* fixing dependnecies and addressing vulnerabilities ([#77](#77)) ([e6e32ad](e6e32ad))
@MalarvizhiK
Copy link
Copy Markdown
Member

🎉 This PR is included in version 0.32.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants