Skip to content

Commit

Permalink
#82: Fix CVE-2023-4043 in test dependency `org.eclipse.parsson:parsso…
Browse files Browse the repository at this point in the history 
…n` (#83)
  • Loading branch information
@kaklakariada
kaklakariada authored Nov 20, 2023
1 parent 0f77aa7 commit b46bdb6
Show file tree
Hide file tree
Showing 8 changed files with 148 additions and 97 deletions.
23 changes: 19 additions & 4 deletions .github/workflows/dependencies_check.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

107 changes: 53 additions & 54 deletions dependencies.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions doc/changes/changelog.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 40 additions & 0 deletions doc/changes/changes_2.1.1.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
# Exasol AWS Glue Connector 2.1.1, released 2023-11-20

Code name: Fix CVE-2023-4043 in test dependency `org.eclipse.parsson:parsson`

## Summary

This release fixes vulnerability CVE-2023-4043 in test dependency `org.eclipse.parsson:parsson`.

## Security

* #82: Fixed CVE-2023-4043 in test dependency `org.eclipse.parsson:parsson`

## Dependency Updates

### Compile Dependency Updates

* Updated `software.amazon.awssdk:s3:2.21.8` to `2.21.26`

### Test Dependency Updates

* Updated `com.amazonaws:aws-java-sdk-s3:1.12.574` to `1.12.592`
* Updated `com.exasol:exasol-testcontainers:6.6.2` to `6.6.3`
* Updated `com.exasol:hamcrest-resultset-matcher:1.6.1` to `1.6.2`
* Updated `com.exasol:test-db-builder-java:3.5.1` to `3.5.2`
* Updated `nl.jqno.equalsverifier:equalsverifier:3.15.2` to `3.15.3`
* Updated `org.apache.logging.log4j:log4j-api:2.21.1` to `2.22.0`
* Updated `org.apache.logging.log4j:log4j-core:2.21.1` to `2.22.0`
* Updated `org.junit.jupiter:junit-jupiter-api:5.10.0` to `5.10.1`
* Updated `org.junit.jupiter:junit-jupiter:5.10.0` to `5.10.1`
* Updated `org.mockito:mockito-core:5.6.0` to `5.7.0`
* Updated `org.mockito:mockito-junit-jupiter:5.6.0` to `5.7.0`
* Updated `org.testcontainers:junit-jupiter:1.19.1` to `1.19.2`
* Updated `org.testcontainers:localstack:1.19.1` to `1.19.2`

### Plugin Dependency Updates

* Updated `com.exasol:project-keeper-maven-plugin:2.9.14` to `2.9.16`
* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.1.2` to `3.2.2`
* Updated `org.apache.maven.plugins:maven-shade-plugin:3.5.0` to `3.5.1`
* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.1.2` to `3.2.2`
4 changes: 2 additions & 2 deletions doc/developers_guide/developers_guide.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,11 +40,11 @@ To test connector by creating a custom connector, please follow these steps.

### Creating an Assembly Jar

By running `mvn verify` or `mvn package` create a connector artifact. For example, `target/exasol-glue-connector-2.1.0-assembly.jar`.
By running `mvn verify` or `mvn package` create a connector artifact. For example, `target/exasol-glue-connector-2.1.1-assembly.jar`.

### Uploading the Artifact to S3 Bucket

Upload the JAR artifact from previous step into an S3 bucket. For instance, `s3://exasol-artifacts/glue-connector/exasol-glue-connector-2.1.0-assembly.jar`.
Upload the JAR artifact from previous step into an S3 bucket. For instance, `s3://exasol-artifacts/glue-connector/exasol-glue-connector-2.1.1-assembly.jar`.

### Creating a Glue Studio Custom Connector

Expand Down
15 changes: 10 additions & 5 deletions pk_generated_parent.pom
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit b46bdb6

Please sign in to comment.