[Backport 1.3] Forced ktlint to use logback-core:1.2.13, and logback-classic:1.2.13 to address CVE. #602 #603
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AWSHurneyt
requested review from
lezzago,
qreshi,
bowenlan-amzn,
rishabhmaurya,
getsaurabh02,
eirsep,
sbcd90,
engechas and
riysaxen-amzn
as code owners
…ct#42) * Update Release Notes for GA (opensearch-project#36) * Update Release Notes for GA * Update Release Notes for GA include RC1 Changes as well. Signed-off-by: Aditya Jindal <[email protected]> * add method type in CustomWebhook data model (opensearch-project#39) Signed-off-by: Zhongnan Su <[email protected]> * Fix class loader issue for notifications response (opensearch-project#40) * Fix class loader issue for notifications Signed-off-by: Joshua Li <[email protected]> * Fix formatting Signed-off-by: Joshua Li <[email protected]> * Refactor creation of action listener object Signed-off-by: Joshua Li <[email protected]> * Fix indentation Signed-off-by: Joshua Li <[email protected]> * Remove unused suppresses Signed-off-by: Joshua Li <[email protected]> * Add UT for notification API Signed-off-by: Chen Dai <[email protected]> * Add UT for notification API Signed-off-by: Chen Dai <[email protected]> * Add UT for send notification API Signed-off-by: Chen Dai <[email protected]> * Fix Github workflow failure Signed-off-by: Chen Dai <[email protected]> * Fix Github workflow failure Signed-off-by: Chen Dai <[email protected]> * Refactor UT code Signed-off-by: Chen Dai <[email protected]> Co-authored-by: Joshua Li <[email protected]> Co-authored-by: Zhongnan Su <[email protected]> Co-authored-by: Chen Dai <[email protected]> Co-authored-by: Joshua Li <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
…earch-project#52) * Bumping common-utils to build with OpenSearch(main) 1.1.0 (opensearch-project#48) Signed-off-by: Sarat Vemulapalli <[email protected]> * Updating 1.x to work with OpenSearch 1.x Signed-off-by: Sarat Vemulapalli <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
* Add Commits related to Snapshot build of Common Utils on 1.1 (opensearch-project#67) * Using 1.1 snapshot version for OpenSearch (opensearch-project#57) Signed-off-by: Vacha <[email protected]> * Build snapshot build by default with the same version as OpenSearch. (opensearch-project#58) Signed-off-by: dblock <[email protected]> * Update build.gradle to reflect 1.1.0.0 version Co-authored-by: Vacha <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> * Build snapshot build by default with the same version as OpenSearch. (opensearch-project#58) (opensearch-project#69) Signed-off-by: dblock <[email protected]> * Adding an utility method that allows consumers to set custom thread context property in InjectSecurity class (opensearch-project#47) (opensearch-project#70) Signed-off-by: Ravi Thaluru <[email protected]> Co-authored-by: Ravi <[email protected]> * Add release notes for version 1.1.0.0 * Add release notes for version 1.1.0.0 Co-authored-by: Aditya Jindal <[email protected]> Co-authored-by: Vacha <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> Co-authored-by: Bowen Lan <[email protected]> Co-authored-by: Ravi <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
* Add themed logo to README (opensearch-project#41) Signed-off-by: Miki <[email protected]> * Updates common-utils version to 1.2 (opensearch-project#77) * Updates common-utils version to 1.2 and Uses Maven for 1.2 dependencies Signed-off-by: Clay Downs <[email protected]> * Publish .md5 and .sha1 signatures. (opensearch-project#79) (opensearch-project#80) * Publish .md5 and .sha1 signatures. Signed-off-by: dblock <[email protected]> * Use OpenSearch 1.1. Signed-off-by: dblock <[email protected]> * Publish source and javadoc checksums. (opensearch-project#81) Signed-off-by: dblock <[email protected]> * Update copyright notice (opensearch-project#90) Signed-off-by: Mohammad Qureshi <[email protected]> * Update maven publication to include cksums. (opensearch-project#91) This change adds a local staging repo task that will include cksums. It will also update build.sh to use this new task and copy the contents of the staging repo to the output directory. The maven publish plugin will not include these cksums when publishing to maven local but will when published to a separate folder. Signed-off-by: Marc Handalian <[email protected]> * Add release notes for version 1.2.0.0 (opensearch-project#92) * Add release notes for version 1.2.0.0 Signed-off-by: Ashish Agrawal <[email protected]> Co-authored-by: Miki <[email protected]> Co-authored-by: Clay Downs <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> Co-authored-by: Mohammad Qureshi <[email protected]> Co-authored-by: Marc Handalian <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
* Fix copyright notice and add DCO check workflow (opensearch-project#94) Signed-off-by: Ashish Agrawal <[email protected]> * Update build.sh script to include optional platform param. (opensearch-project#95) Signed-off-by: Marc Handalian <[email protected]> * Add codeowners support for repo (opensearch-project#96) Signed-off-by: Ryan Bogan <[email protected]> * Bump version to 1.3 (opensearch-project#99) Signed-off-by: Ashish Agrawal <[email protected]> * Auto-increment version on new release tags. (opensearch-project#106) Signed-off-by: Daniel Doubrovkine (dB.) <[email protected]> * Remove jcenter repository (opensearch-project#115) Signed-off-by: Peter Nied <[email protected]> * Using Github App token to trigger CI for version increment PRs (opensearch-project#116) Signed-off-by: Vacha Shah <[email protected]> * Fixes copyright headers (opensearch-project#117) Signed-off-by: Drew Baugher <[email protected]> * Remove jcenter repository missed on first pass (opensearch-project#118) Signed-off-by: Peter Nied <[email protected]> * Run CI/CD on Java 8, 11, 14 and 17. (opensearch-project#121) * Run CI/CD on Java 8, 11, 14 and 17. Signed-off-by: Daniel Doubrovkine (dB.) <[email protected]> * Add JDK 17. Signed-off-by: Daniel Doubrovkine (dB.) <[email protected]> * Add .whitesource configuration file (opensearch-project#109) Co-authored-by: whitesource-for-github-com[bot] <50673670+whitesource-for-github-com[bot]@users.noreply.github.com> Co-authored-by: Ashish Agrawal <[email protected]> Co-authored-by: Marc Handalian <[email protected]> Co-authored-by: Ryan Bogan <[email protected]> Co-authored-by: Daniel Doubrovkine (dB.) <[email protected]> Co-authored-by: Peter Nied <[email protected]> Co-authored-by: Vacha Shah <[email protected]> Co-authored-by: Drew Baugher <[email protected]> Co-authored-by: Peter Nied <[email protected]> Co-authored-by: whitesource-for-github-com[bot] <50673670+whitesource-for-github-com[bot]@users.noreply.github.com> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: Saurabh Singh <[email protected]> Co-authored-by: Saurabh Singh <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: Sayali Gaikawad <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: Sayali Gaikawad <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
opensearch-project#150) Signed-off-by: Vacha Shah <[email protected]> (cherry picked from commit 6e78f69) Co-authored-by: Vacha Shah <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: dblock <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: Zelin Hao <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
…ensearch-project#208) * Version increment automation Signed-off-by: pgodithi <[email protected]> * Version increment automation: task rename updateVersion Signed-off-by: pgodithi <[email protected]> (cherry picked from commit 366bf16) Signed-off-by: prudhvigodithi <[email protected]> Signed-off-by: pgodithi <[email protected]> Signed-off-by: prudhvigodithi <[email protected]> Co-authored-by: Prudhvi Godithi <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: prudhvigodithi <[email protected]> Signed-off-by: prudhvigodithi <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
…pensearch-project#258) (opensearch-project#260) Signed-off-by: Peter Zhu <[email protected]> Signed-off-by: Peter Zhu <[email protected]> (cherry picked from commit 7dcb3a0) Co-authored-by: Peter Zhu <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
…ect#266) * disable detekt so that snakeyaml <= 1.31 is not used Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: Subhobrata Dey <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
* Increment version to 1.3.7-SNAPSHOT Signed-off-by: opensearch-ci-bot <[email protected]> * empty commit trigger Signed-off-by: Peter Zhu <[email protected]> Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: Peter Zhu <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Co-authored-by: Peter Zhu <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: Subhobrata Dey <[email protected]> Signed-off-by: Subhobrata Dey <[email protected]> Co-authored-by: Surya Sashank Nistala <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
…t#377) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit 89b7457) Co-authored-by: Craig Perkins <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: GitHub <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
Signed-off-by: opensearch-ci-bot <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
* Increment version to 1.3.15-SNAPSHOT Signed-off-by: opensearch-ci-bot <[email protected]> * Empty-Commit Signed-off-by: Ashish Agrawal <[email protected]> * Remove jdk 8 CI test Signed-off-by: Ashish Agrawal <[email protected]> --------- Signed-off-by: opensearch-ci-bot <[email protected]> Signed-off-by: Ashish Agrawal <[email protected]> Co-authored-by: opensearch-ci-bot <[email protected]> Co-authored-by: Ashish Agrawal <[email protected]> Signed-off-by: AWSHurneyt <[email protected]>
…to address CVE. (opensearch-project#602) Signed-off-by: AWSHurneyt <[email protected]>
AWSHurneyt
force-pushed
the
1.3-pr602-backport
branch
from
a611e3c to
10966b8
Compare
Signed-off-by: AWSHurneyt <[email protected]>
engechas
approved these changes
Feb 29, 2024
lezzago
approved these changes
Feb 29, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Manual backport of PR #602
Issues Resolved
[List any issues this PR will resolve]
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.