diff --git a/camel-dependencies/pom.xml b/camel-dependencies/pom.xml
index b83c3c85599c4..0ee371d686b5a 100644
--- a/camel-dependencies/pom.xml
+++ b/camel-dependencies/pom.xml
@@ -507,7 +507,7 @@
3.3.0
3.0.5
2.3
- 1.33
+ 2.0
2.6.3_1
8.11.2
[8,9)
diff --git a/components/camel-snakeyaml/src/generated/resources/org/apache/camel/component/snakeyaml/snakeYaml.json b/components/camel-snakeyaml/src/generated/resources/org/apache/camel/component/snakeyaml/snakeYaml.json
index d6b511caea75c..9cbdbc7ff9b53 100644
--- a/components/camel-snakeyaml/src/generated/resources/org/apache/camel/component/snakeyaml/snakeYaml.json
+++ b/components/camel-snakeyaml/src/generated/resources/org/apache/camel/component/snakeyaml/snakeYaml.json
@@ -16,7 +16,7 @@
"modelJavaType": "org.apache.camel.model.dataformat.YAMLDataFormat"
},
"properties": {
- "library": { "kind": "attribute", "displayName": "Library", "required": false, "type": "enum", "javaType": "org.apache.camel.model.dataformat.YAMLLibrary", "enum": [ "SnakeYAML" ], "deprecated": false, "autowired": false, "secret": false, "defaultValue": "SnakeYAML", "description": "Which yaml library to use. By default it is SnakeYAML" },
+ "library": { "kind": "attribute", "displayName": "Library", "required": false, "type": "enum", "javaType": "org.apache.camel.model.dataformat.YAMLLibrary", "enum": [ "snake-yaml" ], "deprecated": false, "autowired": false, "secret": false, "defaultValue": "SnakeYAML", "description": "Which yaml library to use. By default it is SnakeYAML" },
"unmarshalType": { "kind": "attribute", "displayName": "Unmarshal Type", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Class name of the java type to use when unmarshalling" },
"constructor": { "kind": "attribute", "displayName": "Constructor", "label": "advanced", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "BaseConstructor to construct incoming documents." },
"representer": { "kind": "attribute", "displayName": "Representer", "label": "advanced", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Representer to emit outgoing objects." },
diff --git a/components/camel-snakeyaml/src/main/java/org/apache/camel/component/snakeyaml/SnakeYAMLDataFormat.java b/components/camel-snakeyaml/src/main/java/org/apache/camel/component/snakeyaml/SnakeYAMLDataFormat.java
index 19cedf019f990..3fc93deac880d 100644
--- a/components/camel-snakeyaml/src/main/java/org/apache/camel/component/snakeyaml/SnakeYAMLDataFormat.java
+++ b/components/camel-snakeyaml/src/main/java/org/apache/camel/component/snakeyaml/SnakeYAMLDataFormat.java
@@ -47,6 +47,7 @@
import org.yaml.snakeyaml.constructor.BaseConstructor;
import org.yaml.snakeyaml.constructor.Constructor;
import org.yaml.snakeyaml.constructor.SafeConstructor;
+import org.yaml.snakeyaml.inspector.TrustedTagInspector;
import org.yaml.snakeyaml.nodes.Tag;
import org.yaml.snakeyaml.representer.Representer;
import org.yaml.snakeyaml.resolver.Resolver;
@@ -142,6 +143,7 @@ protected Yaml getYaml(CamelContext context) {
if (yaml == null) {
LoaderOptions options = new LoaderOptions();
+ options.setTagInspector(new TrustedTagInspector());
options.setAllowRecursiveKeys(allowRecursiveKeys);
options.setMaxAliasesForCollections(maxAliasesForCollections);
@@ -389,6 +391,7 @@ private BaseConstructor defaultConstructor(CamelContext context) {
}
LoaderOptions options = new LoaderOptions();
+ options.setTagInspector(new TrustedTagInspector());
options.setAllowRecursiveKeys(allowRecursiveKeys);
options.setMaxAliasesForCollections(maxAliasesForCollections);
@@ -416,7 +419,7 @@ private BaseConstructor defaultConstructor(CamelContext context) {
}
private Representer defaultRepresenter(CamelContext context) {
- Representer yamlRepresenter = new Representer();
+ Representer yamlRepresenter = new Representer(new DumperOptions());
if (classTags != null) {
for (Map.Entry, Tag> entry : classTags.entrySet()) {
@@ -443,7 +446,7 @@ private Resolver defaultResolver(CamelContext context) {
// ***************************
private static Constructor typeFilterConstructor(final Collection typeFilters, LoaderOptions options) {
- Constructor constructor = new Constructor(options) {
+ return new Constructor(options) {
@Override
protected Class> getClassForName(String name) throws ClassNotFoundException {
if (typeFilters.stream().noneMatch(f -> f.test(name))) {
@@ -453,13 +456,12 @@ protected Class> getClassForName(String name) throws ClassNotFoundException {
return super.getClassForName(name);
}
};
- return constructor;
}
private static Constructor typeFilterConstructor(
final ClassLoader classLoader, final Collection typeFilters,
LoaderOptions options) {
- CustomClassLoaderConstructor constructor = new CustomClassLoaderConstructor(classLoader, options) {
+ return new CustomClassLoaderConstructor(classLoader, options) {
@Override
protected Class> getClassForName(String name) throws ClassNotFoundException {
if (typeFilters.stream().noneMatch(f -> f.test(name))) {
@@ -469,6 +471,5 @@ protected Class> getClassForName(String name) throws ClassNotFoundException {
return super.getClassForName(name);
}
};
- return constructor;
}
}
diff --git a/components/camel-snakeyaml/src/main/java/org/apache/camel/component/snakeyaml/custom/CustomClassLoaderConstructor.java b/components/camel-snakeyaml/src/main/java/org/apache/camel/component/snakeyaml/custom/CustomClassLoaderConstructor.java
index 6ab8ceb3554fc..6ce32af73c59d 100644
--- a/components/camel-snakeyaml/src/main/java/org/apache/camel/component/snakeyaml/custom/CustomClassLoaderConstructor.java
+++ b/components/camel-snakeyaml/src/main/java/org/apache/camel/component/snakeyaml/custom/CustomClassLoaderConstructor.java
@@ -16,6 +16,8 @@
*/
package org.apache.camel.component.snakeyaml.custom;
+import java.util.Objects;
+
import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.constructor.Constructor;
@@ -24,14 +26,11 @@
*/
public class CustomClassLoaderConstructor extends Constructor {
- private ClassLoader loader = this.getClass().getClassLoader();
+ private final ClassLoader loader;
public CustomClassLoaderConstructor(ClassLoader theLoader, LoaderOptions options) {
super(Object.class, options);
- if (theLoader == null) {
- throw new NullPointerException("Loader must be provided.");
- }
- this.loader = theLoader;
+ this.loader = Objects.requireNonNull(theLoader, "Loader must be provided.");
}
@Override
diff --git a/components/camel-snakeyaml/src/test/java/org/apache/camel/component/snakeyaml/SnakeYAMLDoSTest.java b/components/camel-snakeyaml/src/test/java/org/apache/camel/component/snakeyaml/SnakeYAMLDoSTest.java
index 54320d9450aa9..386f16cb51b02 100644
--- a/components/camel-snakeyaml/src/test/java/org/apache/camel/component/snakeyaml/SnakeYAMLDoSTest.java
+++ b/components/camel-snakeyaml/src/test/java/org/apache/camel/component/snakeyaml/SnakeYAMLDoSTest.java
@@ -26,6 +26,7 @@
import org.apache.camel.component.mock.MockEndpoint;
import org.apache.camel.test.junit5.CamelTestSupport;
import org.junit.jupiter.api.Test;
+import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.SafeConstructor;
@@ -42,14 +43,15 @@ public void testReadingDataFromFile() throws Exception {
assertNotNull(mock);
mock.expectedMessageCount(1);
- InputStream is = this.getClass().getClassLoader().getResourceAsStream("data.yaml");
+ try (InputStream is = this.getClass().getClassLoader().getResourceAsStream("data.yaml")) {
- ProducerTemplate template = context.createProducerTemplate();
- String result = template.requestBody("direct:back", is, String.class);
- assertNotNull(result);
- assertEquals("{name=Colm, location=Dublin}", result.trim());
+ ProducerTemplate template = context.createProducerTemplate();
+ String result = template.requestBody("direct:back", is, String.class);
+ assertNotNull(result);
+ assertEquals("{name=Colm, location=Dublin}", result.trim());
- mock.assertIsSatisfied();
+ mock.assertIsSatisfied();
+ }
}
@Test
@@ -59,18 +61,19 @@ public void testAliasExpansion() throws Exception {
assertNotNull(mock);
mock.expectedMessageCount(0);
- InputStream is = this.getClass().getClassLoader().getResourceAsStream("data-dos.yaml");
+ try (InputStream is = this.getClass().getClassLoader().getResourceAsStream("data-dos.yaml")) {
- ProducerTemplate template = context.createProducerTemplate();
+ ProducerTemplate template = context.createProducerTemplate();
- Exception ex = assertThrows(CamelExecutionException.class,
- () -> template.requestBody("direct:back", is, String.class),
- "Failure expected on an alias expansion attack");
+ Exception ex = assertThrows(CamelExecutionException.class,
+ () -> template.requestBody("direct:back", is, String.class),
+ "Failure expected on an alias expansion attack");
- Throwable cause = ex.getCause();
- assertEquals("Number of aliases for non-scalar nodes exceeds the specified max=50", cause.getMessage());
+ Throwable cause = ex.getCause();
+ assertEquals("Number of aliases for non-scalar nodes exceeds the specified max=50", cause.getMessage());
- mock.assertIsSatisfied();
+ mock.assertIsSatisfied();
+ }
}
@Test
@@ -139,7 +142,7 @@ private String createDump(int size) {
f.put(f, "a");
f.put("g", root);
- Yaml yaml = new Yaml(new SafeConstructor());
+ Yaml yaml = new Yaml(new SafeConstructor(new LoaderOptions()));
return yaml.dump(f);
}
diff --git a/parent/pom.xml b/parent/pom.xml
index 3d69fb1788d1e..95caac3ac7b3e 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -493,7 +493,7 @@
3.0.5
3.3.0
5.6.0
- 1.33
+ 2.0
2.3
2.6.3_1
diff --git a/tooling/maven/camel-restdsl-openapi-plugin/src/main/java/org/apache/camel/maven/generator/openapi/AbstractGenerateMojo.java b/tooling/maven/camel-restdsl-openapi-plugin/src/main/java/org/apache/camel/maven/generator/openapi/AbstractGenerateMojo.java
index 545b44847e215..4498f07a2071d 100644
--- a/tooling/maven/camel-restdsl-openapi-plugin/src/main/java/org/apache/camel/maven/generator/openapi/AbstractGenerateMojo.java
+++ b/tooling/maven/camel-restdsl-openapi-plugin/src/main/java/org/apache/camel/maven/generator/openapi/AbstractGenerateMojo.java
@@ -21,6 +21,7 @@
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
@@ -56,8 +57,10 @@
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.project.MavenProject;
import org.twdata.maven.mojoexecutor.MojoExecutor;
+import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.SafeConstructor;
+import org.yaml.snakeyaml.inspector.TrustedTagInspector;
import static org.apache.commons.lang3.StringUtils.isNotEmpty;
import static org.twdata.maven.mojoexecutor.MojoExecutor.artifactId;
@@ -172,8 +175,8 @@ DestinationGenerator createDestinationGenerator() throws MojoExecutionException
final DestinationGenerator destinationGeneratorObject;
try {
- destinationGeneratorObject = destinationGeneratorClass.newInstance();
- } catch (InstantiationException | IllegalAccessException e) {
+ destinationGeneratorObject = destinationGeneratorClass.getDeclaredConstructor().newInstance();
+ } catch (InstantiationException | IllegalAccessException | NoSuchMethodException | InvocationTargetException e) {
throw new MojoExecutionException(
"The given destinationGenerator class (" + destinationGenerator
+ ") cannot be instantiated, make sure that it is declared as public and that all dependencies are present on the COMPILE classpath scope of the project",
@@ -226,7 +229,7 @@ void generateDto(final String language) throws MojoExecutionException {
version(swaggerCodegenMavenPluginVersion)),
goal("generate"),
configuration(
- elements.toArray(new MojoExecutor.Element[elements.size()])),
+ elements.toArray(new MojoExecutor.Element[0])),
executionEnvironment(
mavenProject,
mavenSession,
@@ -243,7 +246,7 @@ protected String detectRestComponentFromClasspath() {
for (final Dependency dep : mavenProject.getDependencies()) {
if ("org.apache.camel".equals(dep.getGroupId()) || "org.apache.camel.springboot".equals(dep.getGroupId())) {
final String aid = dep.getArtifactId();
- final Optional comp = Arrays.asList(DEFAULT_REST_CONSUMER_COMPONENTS).stream()
+ final Optional comp = Arrays.stream(DEFAULT_REST_CONSUMER_COMPONENTS)
.filter(c -> aid.startsWith("camel-" + c)).findFirst();
if (comp.isPresent()) {
return comp.get();
@@ -340,7 +343,9 @@ OasDocument readOpenApiDoc(String specificationUri) throws Exception {
String suffix = ".yaml";
if (specificationUri.regionMatches(true, specificationUri.length() - suffix.length(), suffix, 0, suffix.length())) {
- Yaml loader = new Yaml(new SafeConstructor());
+ LoaderOptions options = new LoaderOptions();
+ options.setTagInspector(new TrustedTagInspector());
+ Yaml loader = new Yaml(new SafeConstructor(options));
Map map = loader.load(is);
JsonNode node = mapper.convertValue(map, JsonNode.class);
return (OasDocument) Library.readDocument(node);