From 7d4de5e708ae6c047c265feeba1c06c1067200b5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Jun 2024 15:22:57 +0200 Subject: [PATCH] Bump org.apache.commons:commons-jexl3 from 3.2.1 to 3.3 (#892) * Bump org.apache.commons:commons-jexl3 from 3.2.1 to 3.3 Bumps org.apache.commons:commons-jexl3 from 3.2.1 to 3.3. --- updated-dependencies: - dependency-name: org.apache.commons:commons-jexl3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * Use JEXL 3.2.1 permissions * Use JEXL 3.2.1 permissions * Use JEXL 3.2.1 permissions --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michel ten Voorde Co-authored-by: MichelTenVoorde --- .../dotwebstack/framework/core/jexl/JexlConfiguration.java | 2 ++ .../org/dotwebstack/framework/core/jexl/JexlHelperTest.java | 2 ++ pom.xml | 2 +- .../openapi/exception/OpenApiExceptionHandlerTest.java | 2 ++ .../service/openapi/helper/CoreRequestHelperTest.java | 4 +++- .../service/openapi/query/QueryArgumentBuilderTest.java | 2 ++ .../service/openapi/response/JsonBodyMapperTest.java | 2 ++ .../response/header/DefaultResponseHeaderResolverTest.java | 2 ++ 8 files changed, 16 insertions(+), 2 deletions(-) diff --git a/core/src/main/java/org/dotwebstack/framework/core/jexl/JexlConfiguration.java b/core/src/main/java/org/dotwebstack/framework/core/jexl/JexlConfiguration.java index 61b5f2e8a7..5b41eb9000 100644 --- a/core/src/main/java/org/dotwebstack/framework/core/jexl/JexlConfiguration.java +++ b/core/src/main/java/org/dotwebstack/framework/core/jexl/JexlConfiguration.java @@ -6,6 +6,7 @@ import lombok.extern.slf4j.Slf4j; import org.apache.commons.jexl3.JexlBuilder; import org.apache.commons.jexl3.JexlEngine; +import org.apache.commons.jexl3.introspection.JexlPermissions; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -21,6 +22,7 @@ public JexlEngine jexlBuilder(List jexlFunctions) { return new JexlBuilder().silent(false) .namespaces(namespaces) .strict(true) + .permissions(JexlPermissions.UNRESTRICTED) .create(); } } diff --git a/core/src/test/java/org/dotwebstack/framework/core/jexl/JexlHelperTest.java b/core/src/test/java/org/dotwebstack/framework/core/jexl/JexlHelperTest.java index 341da0e1f9..cfeaea7f3c 100644 --- a/core/src/test/java/org/dotwebstack/framework/core/jexl/JexlHelperTest.java +++ b/core/src/test/java/org/dotwebstack/framework/core/jexl/JexlHelperTest.java @@ -13,6 +13,7 @@ import org.apache.commons.jexl3.JexlContext; import org.apache.commons.jexl3.JexlEngine; import org.apache.commons.jexl3.MapContext; +import org.apache.commons.jexl3.introspection.JexlPermissions; import org.dotwebstack.framework.core.InvalidConfigurationException; import org.junit.jupiter.api.Test; @@ -21,6 +22,7 @@ class JexlHelperTest { private final JexlEngine jexlEngine = new JexlBuilder().silent(false) .strict(true) + .permissions(JexlPermissions.UNRESTRICTED) .create(); private final JexlHelper jexlHelper = new JexlHelper(this.jexlEngine); diff --git a/pom.xml b/pom.xml index b75c7d8b61..f587efafbd 100644 --- a/pom.xml +++ b/pom.xml @@ -50,7 +50,7 @@ 4.3.12 21.3 0.2.2 - 3.2.1 + 3.4.0 1.12.0 3.14.0 3.2.2 diff --git a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/exception/OpenApiExceptionHandlerTest.java b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/exception/OpenApiExceptionHandlerTest.java index 79e615cc58..817410b24b 100644 --- a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/exception/OpenApiExceptionHandlerTest.java +++ b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/exception/OpenApiExceptionHandlerTest.java @@ -19,6 +19,7 @@ import org.apache.commons.jexl3.JexlBuilder; import org.apache.commons.jexl3.JexlEngine; import org.apache.commons.jexl3.JexlScript; +import org.apache.commons.jexl3.introspection.JexlPermissions; import org.dotwebstack.framework.service.openapi.TestResources; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; @@ -211,6 +212,7 @@ void handle_exceptionRuleWithAcceptableMimeTypes_returnsEntity() { private JexlScript getJexlScript(String scriptText) { JexlEngine sjexl = new JexlBuilder().silent(false) .strict(true) + .permissions(JexlPermissions.UNRESTRICTED) .create(); return sjexl.createScript(scriptText); } diff --git a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/helper/CoreRequestHelperTest.java b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/helper/CoreRequestHelperTest.java index d2919356a0..5b496127aa 100644 --- a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/helper/CoreRequestHelperTest.java +++ b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/helper/CoreRequestHelperTest.java @@ -15,6 +15,7 @@ import java.util.Set; import org.apache.commons.jexl3.JexlBuilder; import org.apache.commons.jexl3.JexlEngine; +import org.apache.commons.jexl3.introspection.JexlPermissions; import org.dotwebstack.framework.core.jexl.JexlHelper; import org.dotwebstack.framework.core.query.GraphQlField; import org.dotwebstack.framework.service.openapi.exception.InvalidOpenApiConfigurationException; @@ -86,7 +87,8 @@ void addEvaluatedDwsParameters_addsEvaluatedJexlParams() { ServerRequest request = Mockito.mock(ServerRequest.class); when(request.path()).thenReturn("/path"); - JexlEngine jexlEngine = new JexlBuilder().create(); + JexlEngine jexlEngine = new JexlBuilder().permissions(JexlPermissions.UNRESTRICTED) + .create(); JexlHelper jexlHelper = new JexlHelper(jexlEngine); when(environmentProperties.getAllProperties()).thenReturn(Map.of("baseUrl", "https://dotwebstack.org/api")); diff --git a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/query/QueryArgumentBuilderTest.java b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/query/QueryArgumentBuilderTest.java index 3f8abdca18..091672699f 100644 --- a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/query/QueryArgumentBuilderTest.java +++ b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/query/QueryArgumentBuilderTest.java @@ -30,6 +30,7 @@ import java.util.Map; import java.util.stream.Stream; import org.apache.commons.jexl3.JexlBuilder; +import org.apache.commons.jexl3.introspection.JexlPermissions; import org.dotwebstack.framework.service.openapi.TestResources; import org.dotwebstack.framework.service.openapi.handler.OperationRequest; import org.dotwebstack.framework.service.openapi.mapping.EnvironmentProperties; @@ -55,6 +56,7 @@ class QueryArgumentBuilderTest { void beforeAll() { queryArgumentBuilder = new QueryArgumentBuilder(environmentProperties, new JexlBuilder().silent(false) .strict(true) + .permissions(JexlPermissions.UNRESTRICTED) .create()); } diff --git a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/response/JsonBodyMapperTest.java b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/response/JsonBodyMapperTest.java index 3e5897ba52..af601771b4 100644 --- a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/response/JsonBodyMapperTest.java +++ b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/response/JsonBodyMapperTest.java @@ -14,6 +14,7 @@ import java.util.Map; import java.util.stream.Stream; import org.apache.commons.jexl3.JexlBuilder; +import org.apache.commons.jexl3.introspection.JexlPermissions; import org.dotwebstack.framework.service.openapi.OpenApiProperties; import org.dotwebstack.framework.service.openapi.TestResources; import org.dotwebstack.framework.service.openapi.handler.OperationContext; @@ -53,6 +54,7 @@ void beforeEach() { var pagingLinkFunctions = new PagingFunctions(); bodyMapper = new JsonBodyMapper(TestResources.graphQl(), new JexlBuilder().silent(false) .strict(true) + .permissions(JexlPermissions.UNRESTRICTED) .namespaces(Map.of(pagingLinkFunctions.getNamespace(), pagingLinkFunctions)) .create(), properties, List.of(new GeometryTypeMapper(new OpenApiProperties()))); } diff --git a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/response/header/DefaultResponseHeaderResolverTest.java b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/response/header/DefaultResponseHeaderResolverTest.java index bb677d372c..e72890c303 100644 --- a/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/response/header/DefaultResponseHeaderResolverTest.java +++ b/service/openapi/src/test/java/org/dotwebstack/framework/service/openapi/response/header/DefaultResponseHeaderResolverTest.java @@ -13,6 +13,7 @@ import java.util.stream.Stream; import org.apache.commons.jexl3.JexlBuilder; import org.apache.commons.jexl3.JexlEngine; +import org.apache.commons.jexl3.introspection.JexlPermissions; import org.dotwebstack.framework.core.InvalidConfigurationException; import org.dotwebstack.framework.service.openapi.TestResources; import org.dotwebstack.framework.service.openapi.handler.OperationContext; @@ -47,6 +48,7 @@ void beforeEach() { openApi = TestResources.openApi("openapi.yaml"); jexlEngine = new JexlBuilder().silent(false) .strict(true) + .permissions(JexlPermissions.UNRESTRICTED) .create(); }