From 27e857d0d1dae4f58a07c4b2e88e3bc93cc0b186 Mon Sep 17 00:00:00 2001 From: Laurent Date: Tue, 14 Mar 2023 10:30:03 +0100 Subject: [PATCH] bump snakeyaml to 2.0 and jackson to 2.14.2 --- .../v3/parser/util/DeserializationUtils.java | 14 +++++++++----- pom.xml | 6 +++--- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/DeserializationUtils.java b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/DeserializationUtils.java index 7799d93fa0..9b686c445c 100644 --- a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/DeserializationUtils.java +++ b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/DeserializationUtils.java @@ -200,7 +200,7 @@ public static JsonNode readYamlTree(String contents) { public static JsonNode readYamlTree(String contents, ParseOptions parseOptions, SwaggerParseResult deserializationUtilsResult) { if (parseOptions != null && parseOptions.isLegacyYamlDeserialization()) { - org.yaml.snakeyaml.Yaml yaml = new org.yaml.snakeyaml.Yaml(new SafeConstructor()); + org.yaml.snakeyaml.Yaml yaml = new org.yaml.snakeyaml.Yaml(); return Json.mapper().convertValue(yaml.load(contents), JsonNode.class); } try { @@ -208,7 +208,7 @@ public static JsonNode readYamlTree(String contents, ParseOptions parseOptions, if (options.isValidateYamlInput()) { yaml = buildSnakeYaml(new CustomSnakeYamlConstructor()); } else { - yaml = buildSnakeYaml(new SafeConstructor()); + yaml = buildSnakeYaml(new SafeConstructor(new LoaderOptions())); } Object o = yaml.load(contents); if (options.isValidateYamlInput()) { @@ -244,7 +244,7 @@ public static T readYamlValue(String contents, Class expectedType) { return readYamlValue(contents, expectedType, false); } public static T readYamlValue(String contents, Class expectedType, boolean openapi31) { - org.yaml.snakeyaml.Yaml yaml = new org.yaml.snakeyaml.Yaml(new SafeConstructor()); + org.yaml.snakeyaml.Yaml yaml = new org.yaml.snakeyaml.Yaml(); ObjectMapper jsonMapper = openapi31 ? Json31.mapper() : Json.mapper(); return jsonMapper.convertValue(yaml.load(contents), expectedType); } @@ -265,7 +265,7 @@ public static org.yaml.snakeyaml.Yaml buildSnakeYaml(BaseConstructor constructor method.invoke(loaderOptions, false); method = LoaderOptions.class.getMethod("setCodePointLimit", int.class); method.invoke(loaderOptions, options.getMaxYamlCodePoints()); - org.yaml.snakeyaml.Yaml yaml = new org.yaml.snakeyaml.Yaml(constructor, new Representer(), new DumperOptions(), loaderOptions, new CustomResolver()); + org.yaml.snakeyaml.Yaml yaml = new org.yaml.snakeyaml.Yaml(constructor, new Representer(new DumperOptions()), new DumperOptions(), loaderOptions, new CustomResolver()); return yaml; } catch (ReflectiveOperationException e) { // @@ -396,7 +396,11 @@ public SnakeException(String message, Throwable cause) { static class CustomSnakeYamlConstructor extends SafeConstructor { - private boolean checkNode(MappingNode node, Integer depth) { + public CustomSnakeYamlConstructor() { + super(new LoaderOptions()); + } + + private boolean checkNode(MappingNode node, Integer depth) { if (node.getValue() == null) return true; if (depth > options.getMaxYamlDepth()) return false; int currentDepth = depth; diff --git a/pom.xml b/pom.xml index 8875231041..0d4e3716e6 100644 --- a/pom.xml +++ b/pom.xml @@ -402,7 +402,7 @@ - 1.33 + 2.0 1.0.64 2.11.0 1.7.30 @@ -414,8 +414,8 @@ 2.15.0 2.22.2 3.2.1 - 2.14.0 - 2.14.0 + 2.14.2 + 2.14.2 UTF-8 https://oss.sonatype.org/content/repositories/snapshots/