CVE fixes, Feb 2024 #174

Merged
merged 15 commits into from
Mar 16, 2024
2 changes: 1 addition & 1 deletion .github/workflows/cve.yml
@@ -1,4 +1,4 @@
name: CVE checks docker main
name: "Infra: CVE checks"
on:
workflow_dispatch:
schedule:
2 changes: 1 addition & 1 deletion api/Dockerfile
@@ -1,5 +1,5 @@
#FROM azul/zulu-openjdk-alpine:17-jre-headless
FROM azul/zulu-openjdk-alpine@sha256:a36679ac0d28cb835e2a8c00e1e0d95509c6c51c5081c7782b85edb1f37a771a
FROM azul/zulu-openjdk-alpine@sha256:d59f1266db40341318e563fd76c21b2880ffa5d371f0c097c29d33f89c3a0010

RUN apk add --no-cache \
# snappy codec
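Review bot: The changed `FROM` line swaps one bare sha256 digest for another, and nothing in the file records which tag or JRE build the new digest corresponds to; the commented-out `:17-jre-headless` line above it is the only hint. Keeping the tag next to the digest, `FROM azul/zulu-openjdk-alpine:17-jre-headless@sha256:<digest from this change>`, still pins the image by content while letting a reviewer compare the digest with what the registry serves for that tag. A one-line comment with the date the digest was resolved would make the next CVE refresh easier to audit.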
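--- a/api/pom.xml
+++ b/api/pom.xml
@@ -253,6 +253,30 @@
 <groupId>dev.cel</groupId>
 <artifactId>cel</artifactId>
 </dependency>
+<!-- CVE fixes -->
+<dependency>
+<groupId>ch.qos.logback</groupId>
+<artifactId>logback-classic</artifactId>
+<version>1.4.12</version>
+</dependency>
+<!-- CVE fixes -->
+<dependency>
+<groupId>ch.qos.logback</groupId>
+<artifactId>logback-core</artifactId>
+<version>1.4.12</version>
+</dependency>
+<!-- CVE fixes -->
+<dependency>
+<groupId>com.squareup.okhttp3</groupId>
+<artifactId>logging-interceptor</artifactId>
+<version>4.12.0</version>
+</dependency>
+<!-- CVE fixes -->
+<dependency>
+<groupId>org.apache.commons</groupId>
+<artifactId>commons-compress</artifactId>
+<version>1.26.0</version>
+</dependency>
 
 </dependencies>
 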
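Review bot: The four dependencies added under `<!-- CVE fixes -->` carry hard-coded `<version>` values and no record of which advisory each one answers, so nobody can later tell when a pin has become redundant or has fallen behind. An explicit version in this module also takes precedence over a managed one, so if logback is otherwise managed through the Spring Boot version that the root `pom.xml` raises to 3.1.9, the `1.4.12` pin could hold it below what the platform would select; comparing `mvn dependency:tree` before and after would settle that. I would replace each comment with the advisory and the path that pulls the artifact in, e.g. `<!-- CVE-XXXX-NNNNN (placeholder): transitive via <parent artifact>; remove once the managed version is fixed -->`, and move the versions into `<dependencyManagement>` or the root `<properties>` block beside the other version properties.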
Expand Up @@ -365,7 +365,8 @@ private Map<String, ProtoFile> knownProtoFiles() {
loadKnownProtoFile("google/protobuf/struct.proto", StructProto.getDescriptor()),
loadKnownProtoFile("google/protobuf/timestamp.proto", TimestampProto.getDescriptor()),
loadKnownProtoFile("google/protobuf/type.proto", TypeProto.getDescriptor()),
loadKnownProtoFile("google/protobuf/wrappers.proto", WrappersProto.getDescriptor())
loadKnownProtoFile("google/protobuf/wrappers.proto", WrappersProto.getDescriptor()),
loadKnownProtoFile("wire/extensions.proto")
).collect(Collectors.toMap(p -> p.getLocation().getPath(), p -> p));
}

Expand All @@ -382,6 +383,10 @@ private ProtoFile loadKnownProtoFile(String path, Descriptors.FileDescriptor fil
return ProtoFile.Companion.get(ProtoParser.Companion.parse(Location.get(path), protoFileString));
}

private ProtoFile loadKnownProtoFile(String path) {
return ProtoFile.Companion.get(ProtoFileElement.empty(path));
}

private Loader createFilesLoader(Map<String, ProtoFile> files) {
return new Loader() {
@Override
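Review bot: The new single-argument `loadKnownProtoFile(String path)` registers an empty `ProtoFileElement` for `wire/extensions.proto`, but neither it nor the added entry in `knownProtoFiles()` says why a stub with no declarations is the right content for that path. Presumably one of the dependency upgrades in this pull request makes the schema loader look the path up; if so, say it where the stub is created, e.g. `// the schema loader resolves wire/extensions.proto; no descriptor exists for it, so register an empty file`. Sharing a name with the descriptor-based overload hides that this one parses nothing, so a name such as `emptyKnownProtoFile` would read more honestly. A test that parses a schema through this loader would show the stub is needed and keep a later dependency bump from breaking it silently.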
4 changes: 2 additions & 2 deletions documentation/compose/postgres/Dockerfile
Expand Up @@ -2,8 +2,8 @@ ARG image

FROM ${image}

MAINTAINER Kafbat Team
Haarolean marked this conversation as resolved.
LABEL maintainer="Kafbat Team"

ADD data.sql /docker-entrypoint-initdb.d
COPY data.sql /docker-entrypoint-initdb.d

EXPOSE 5432
13 changes: 6 additions & 7 deletions pom.xml
Expand Up @@ -32,30 +32,29 @@
<antlr4-maven-plugin.version>4.12.0</antlr4-maven-plugin.version>
<apache.commons.version>2.12.0</apache.commons.version>
<assertj.version>3.25.3</assertj.version>
<avro.version>1.11.1</avro.version>
<avro.version>1.11.3</avro.version>
<byte-buddy.version>1.12.19</byte-buddy.version>
<confluent.version>7.4.0</confluent.version>
<confluent.version>7.4.4</confluent.version>
<datasketches-java.version>3.1.0</datasketches-java.version>
<groovy.version>3.0.13</groovy.version>
<jackson.version>2.14.0</jackson.version>
<kafka-clients.version>3.5.0</kafka-clients.version>
<kafka-clients.version>3.5.2</kafka-clients.version>
<org.mapstruct.version>1.5.5.Final</org.mapstruct.version>
<org.projectlombok.version>1.18.30</org.projectlombok.version>
<protobuf-java.version>3.23.3</protobuf-java.version>
<scala-lang.library.version>2.13.9</scala-lang.library.version>
<snakeyaml.version>2.0</snakeyaml.version>
<spring-boot.version>3.1.3</spring-boot.version>
<spring-boot.version>3.1.9</spring-boot.version>
<serde-api.version>1.0.0</serde-api.version>
<odd-oddrn-generator.version>0.1.17</odd-oddrn-generator.version>
<odd-oddrn-client.version>0.1.39</odd-oddrn-client.version>
<org.json.version>20230227</org.json.version>
<org.json.version>20231013</org.json.version>
<dev.cel.version>0.3.0</dev.cel.version>
<guava.version>33.0.0-jre</guava.version>

<!-- Test dependency versions -->
<junit.version>5.9.1</junit.version>
<mockito.version>5.3.1</mockito.version>
<okhttp3.mockwebserver.version>4.10.0</okhttp3.mockwebserver.version>
<okhttp3.mockwebserver.version>4.12.0</okhttp3.mockwebserver.version>
<testcontainers.version>1.19.5</testcontainers.version>

<!-- Frontend dependency versions -->