From 1127a04b7488d562233fa9c3409b61ec7e6f01c9 Mon Sep 17 00:00:00 2001 From: Kira Traynor Date: Tue, 16 Apr 2024 13:53:11 -0600 Subject: [PATCH 1/6] LC-406 - Upgrade vulnerable dependencies. --- lucille-core/pom.xml | 6 +++--- lucille-parent/pom.xml | 8 ++++---- lucille-plugins/lucille-ocr/pom.xml | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/lucille-core/pom.xml b/lucille-core/pom.xml index 7f02d2236..bc9cbbd45 100644 --- a/lucille-core/pom.xml +++ b/lucille-core/pom.xml @@ -68,7 +68,7 @@ com.google.guava guava - 31.0.1-jre + 32.0.1-jre @@ -178,7 +178,7 @@ com.jayway.jsonpath json-path - 2.6.0 + 2.9.0 @@ -275,7 +275,7 @@ com.h2database h2 - 1.4.200 + 2.2.220 test diff --git a/lucille-parent/pom.xml b/lucille-parent/pom.xml index 4f590ae1a..98651ecab 100644 --- a/lucille-parent/pom.xml +++ b/lucille-parent/pom.xml @@ -42,10 +42,10 @@ 3.3.2 3.3.0 3.0.1 - 2.12.2 + 2.13.5 9.7.0 - 9.3.0 + 9.4.1 1.2.0 0.1.0 2.6.0 @@ -60,8 +60,8 @@ 2.0.7 3.12.0 1.10.0 - 3.19.2 - 4.1.89.Final + 3.19.6 + 4.1.108.Final 1.53.0 UTF-8 diff --git a/lucille-plugins/lucille-ocr/pom.xml b/lucille-plugins/lucille-ocr/pom.xml index 9c8093a79..cafb19992 100644 --- a/lucille-plugins/lucille-ocr/pom.xml +++ b/lucille-plugins/lucille-ocr/pom.xml @@ -39,7 +39,7 @@ org.apache.pdfbox pdfbox - 2.0.22 + 2.0.24 org.slf4j From 6e9225e5c1aa5089f71336c198acbaf143aa2c80 Mon Sep 17 00:00:00 2001 From: Kira Traynor Date: Tue, 16 Apr 2024 14:19:22 -0600 Subject: [PATCH 2/6] LC-406 - Upgrade kafka client and kafka test utility dependencies. --- lucille-core/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lucille-core/pom.xml b/lucille-core/pom.xml index bc9cbbd45..e20acd15a 100644 --- a/lucille-core/pom.xml +++ b/lucille-core/pom.xml @@ -58,7 +58,7 @@ org.apache.kafka kafka-clients - 3.1.0 + 3.6.1 org.apache.curator @@ -267,7 +267,7 @@ net.mguenther.kafka kafka-junit - 3.1.0 + 3.6.0 test From 77180a559f5928fc9ce5ac8a65f8183525b5be66 Mon Sep 17 00:00:00 2001 From: Kira Traynor Date: Tue, 16 Apr 2024 14:39:52 -0600 Subject: [PATCH 3/6] LC-406 - In version 2.x or com.h2database, the term 'value' was added to the reserved keyword list so it has to be surrounded by backticks, showing that it is a column name. --- lucille-core/src/test/resources/db-test-start.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lucille-core/src/test/resources/db-test-start.sql b/lucille-core/src/test/resources/db-test-start.sql index 3e38e153e..93434126c 100755 --- a/lucille-core/src/test/resources/db-test-start.sql +++ b/lucille-core/src/test/resources/db-test-start.sql @@ -34,6 +34,6 @@ CREATE TABLE mixed(id VARCHAR, int_field INT, bool_field BIT); INSERT INTO mixed VALUES ('1', 3, 1); INSERT INTO mixed VALUES ('2', 4, 0); -create table table_with_id_column(id int, value int, other_id varchar(10)); +create table table_with_id_column(id int, `value` int, other_id varchar(10)); insert into table_with_id_column values (1, 1, 'id1'); insert into table_with_id_column values (2, 2, 'id2'); From 90df3444ec0404e48f2b816185ac14d7db329a08 Mon Sep 17 00:00:00 2001 From: Kira Traynor Date: Tue, 16 Apr 2024 15:26:55 -0600 Subject: [PATCH 4/6] LC-406 - Upgrade lucene to same version that solr 9.4.1 uses. --- lucille-parent/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lucille-parent/pom.xml b/lucille-parent/pom.xml index 98651ecab..23d2f613c 100644 --- a/lucille-parent/pom.xml +++ b/lucille-parent/pom.xml @@ -44,7 +44,7 @@ 3.0.1 2.13.5 - 9.7.0 + 9.8.0 9.4.1 1.2.0 0.1.0 From d2d2315625b99e534257d9d265718cda28b8583c Mon Sep 17 00:00:00 2001 From: Rudi Seitz Date: Mon, 22 Apr 2024 11:56:15 -0400 Subject: [PATCH 5/6] close the Http2SolrClient created in SolrUtilsTest.getHttpClientTest() may contribute to fixing an ObjectReleaseTracker issue encountered in SolrIndexerIntegrationTest --- .../src/test/java/com/kmwllc/lucille/util/SolrUtilsTest.java | 1 + 1 file changed, 1 insertion(+) diff --git a/lucille-core/src/test/java/com/kmwllc/lucille/util/SolrUtilsTest.java b/lucille-core/src/test/java/com/kmwllc/lucille/util/SolrUtilsTest.java index a84cdc488..2bf21a07c 100644 --- a/lucille-core/src/test/java/com/kmwllc/lucille/util/SolrUtilsTest.java +++ b/lucille-core/src/test/java/com/kmwllc/lucille/util/SolrUtilsTest.java @@ -31,6 +31,7 @@ public void getHttpClientTest() throws Exception { Http2SolrClient client = SolrUtils.getHttpClient(config); // would like to inspect the solr client to confirm credentials are configured, but can’t do that so just checking it’s non-null assertNotNull(client); + client.close(); } @Test From e28108e9bc28b61bbb7b60a462f8c6a773d18ee6 Mon Sep 17 00:00:00 2001 From: Kira Traynor Date: Mon, 22 Apr 2024 20:19:10 -0400 Subject: [PATCH 6/6] LC-406 - Increase versions for packages that can be upgraded. --- lucille-core/pom.xml | 4 ++-- lucille-parent/pom.xml | 8 ++++---- lucille-plugins/lucille-ocr/pom.xml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lucille-core/pom.xml b/lucille-core/pom.xml index e20acd15a..8023838e5 100644 --- a/lucille-core/pom.xml +++ b/lucille-core/pom.xml @@ -68,7 +68,7 @@ com.google.guava guava - 32.0.1-jre + 33.1.0-jre @@ -275,7 +275,7 @@ com.h2database h2 - 2.2.220 + 2.2.224 test diff --git a/lucille-parent/pom.xml b/lucille-parent/pom.xml index 23d2f613c..d6c9f8fec 100644 --- a/lucille-parent/pom.xml +++ b/lucille-parent/pom.xml @@ -42,10 +42,10 @@ 3.3.2 3.3.0 3.0.1 - 2.13.5 + 2.17.0 - 9.8.0 - 9.4.1 + 9.9.2 + 9.5.0 1.2.0 0.1.0 2.6.0 @@ -60,7 +60,7 @@ 2.0.7 3.12.0 1.10.0 - 3.19.6 + 3.25.3 4.1.108.Final 1.53.0 UTF-8 diff --git a/lucille-plugins/lucille-ocr/pom.xml b/lucille-plugins/lucille-ocr/pom.xml index cafb19992..b51ac6ce5 100644 --- a/lucille-plugins/lucille-ocr/pom.xml +++ b/lucille-plugins/lucille-ocr/pom.xml @@ -39,7 +39,7 @@ org.apache.pdfbox pdfbox - 2.0.24 + 2.0.31 org.slf4j