Skip to content

Commit

Permalink
add base dependency version to cve remediations for downstream runtim…
Browse files Browse the repository at this point in the history 
…e builds
  • Loading branch information
Brendan Doyle committed Feb 24, 2023
1 parent 6dd737d commit 453e498
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion core/monitoring/user-events/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ dependencies {

testImplementation "junit:junit:4.11"
testImplementation "org.scalatest:scalatest_${gradle.scala.depVersion}:3.0.8"
testImplementation "io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}"
testImplementation "io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}:2.4.0"
constraints {
testImplementation("io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}:2.4.0")
testImplementation('org.apache.avro:avro:1.11.1') {
Expand Down
2 changes: 1 addition & 1 deletion core/standalone/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@ dependencies {
implementation project(':tools:admin')
implementation "org.rogach:scallop_${gradle.scala.depVersion}:3.3.2"

implementation "io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}"
implementation "io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}:2.4.0"
constraints {
implementation("io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}:2.4.0")
implementation('org.apache.avro:avro:1.11.1') {
Expand Down
4 changes: 2 additions & 2 deletions tests/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -232,14 +232,14 @@ dependencies {
implementation ("org.apache.curator:curator-test:${gradle.curator.version}") {
exclude group: 'log4j'
}
implementation "com.atlassian.oai:swagger-request-validator-core"
implementation "com.atlassian.oai:swagger-request-validator-core:1.4.5"
constraints {
implementation("com.atlassian.oai:swagger-request-validator-core:1.4.5")
implementation("org.slf4j:slf4j-ext:1.7.36") {
because 'swagger-request-validator-core cannot be upgraded to 2.x where vuln is remediated'
}
}
implementation "io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}"
implementation "io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}:2.4.0"
constraints {
implementation("io.github.embeddedkafka:embedded-kafka_${gradle.scala.depVersion}:2.4.0")
implementation('org.apache.avro:avro:1.11.1') {
Expand Down

0 comments on commit 453e498

Please sign in to comment.