Skip to content

Commit f40315e

Browse files
sapessisapessi
committed
Added dependency check plugin for the library and updated dependencies in samples.
1 parent 526a35c commit f40315e

File tree

10 files changed

+131
-29
lines changed

10 files changed

+131
-29
lines changed

aws-serverless-java-container-core/pom.xml

Lines changed: 21 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@
2525
<dependency>
2626
<groupId>com.amazonaws</groupId>
2727
<artifactId>aws-lambda-java-core</artifactId>
28-
<version>1.1.0</version>
28+
<version>1.2.0</version>
2929
</dependency>
3030

3131
<!-- https://mvnrepository.com/artifact/javax.servlet/javax.servlet-api -->
@@ -53,7 +53,7 @@
5353
<dependency>
5454
<groupId>commons-fileupload</groupId>
5555
<artifactId>commons-fileupload</artifactId>
56-
<version>1.3.2</version>
56+
<version>1.3.3</version>
5757
</dependency>
5858

5959
<!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpmime -->
@@ -106,6 +106,25 @@
106106
</execution>
107107
</executions>
108108
</plugin>
109+
<plugin>
110+
<groupId>org.owasp</groupId>
111+
<artifactId>dependency-check-maven</artifactId>
112+
<version>3.1.1</version>
113+
<configuration>
114+
<skipProvidedScope>true</skipProvidedScope>
115+
<suppressionFiles>
116+
<suppressionFile>${project.basedir}/../owasp-suppression.xml</suppressionFile>
117+
</suppressionFiles>
118+
<failBuildOnCVSS>7</failBuildOnCVSS>
119+
</configuration>
120+
<executions>
121+
<execution>
122+
<goals>
123+
<goal>check</goal>
124+
</goals>
125+
</execution>
126+
</executions>
127+
</plugin>
109128
</plugins>
110129
</build>
111130

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/testutils/MockLambdaConsoleLogger.java

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,9 @@
1414

1515
import com.amazonaws.services.lambda.runtime.LambdaLogger;
1616

17+
import java.nio.charset.Charset;
18+
19+
1720
/**
1821
* Mock LambdaLogger object that prints output to the console
1922
*/
@@ -27,4 +30,10 @@ public class MockLambdaConsoleLogger implements LambdaLogger {
2730
public void log(String s) {
2831
System.out.println(s);
2932
}
33+
34+
35+
@Override
36+
public void log(byte[] bytes) {
37+
System.out.println(new String(bytes, Charset.defaultCharset()));
38+
}
3039
}

aws-serverless-java-container-jersey/pom.xml

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -119,6 +119,26 @@
119119
</execution>
120120
</executions>
121121
</plugin>
122+
<plugin>
123+
<groupId>org.owasp</groupId>
124+
<artifactId>dependency-check-maven</artifactId>
125+
<version>3.1.1</version>
126+
<configuration>
127+
<skipProvidedScope>true</skipProvidedScope>
128+
<suppressionFiles>
129+
<suppressionFile>${project.basedir}/../owasp-suppression.xml</suppressionFile>
130+
</suppressionFiles>
131+
<failBuildOnCVSS>7</failBuildOnCVSS>
132+
133+
</configuration>
134+
<executions>
135+
<execution>
136+
<goals>
137+
<goal>check</goal>
138+
</goals>
139+
</execution>
140+
</executions>
141+
</plugin>
122142
</plugins>
123143
</build>
124144

aws-serverless-java-container-spark/pom.xml

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -91,6 +91,26 @@
9191
</execution>
9292
</executions>
9393
</plugin>
94+
<plugin>
95+
<groupId>org.owasp</groupId>
96+
<artifactId>dependency-check-maven</artifactId>
97+
<version>3.1.1</version>
98+
<configuration>
99+
<skipProvidedScope>true</skipProvidedScope>
100+
<suppressionFiles>
101+
<suppressionFile>${project.basedir}/../owasp-suppression.xml</suppressionFile>
102+
</suppressionFiles>
103+
<failBuildOnCVSS>7</failBuildOnCVSS>
104+
105+
</configuration>
106+
<executions>
107+
<execution>
108+
<goals>
109+
<goal>check</goal>
110+
</goals>
111+
</execution>
112+
</executions>
113+
</plugin>
94114
</plugins>
95115
</build>
96116

aws-serverless-java-container-spring/pom.xml

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -207,6 +207,25 @@
207207
</execution>
208208
</executions>
209209
</plugin>
210+
<plugin>
211+
<groupId>org.owasp</groupId>
212+
<artifactId>dependency-check-maven</artifactId>
213+
<version>3.1.1</version>
214+
<configuration>
215+
<skipProvidedScope>true</skipProvidedScope>
216+
<suppressionFiles>
217+
<suppressionFile>${project.basedir}/../owasp-suppression.xml</suppressionFile>
218+
</suppressionFiles>
219+
<failBuildOnCVSS>7</failBuildOnCVSS>
220+
</configuration>
221+
<executions>
222+
<execution>
223+
<goals>
224+
<goal>check</goal>
225+
</goals>
226+
</execution>
227+
</executions>
228+
</plugin>
210229
</plugins>
211230
</build>
212231
</project>

owasp-suppression.xml

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<!--
3+
~ Licensed to the Apache Software Foundation (ASF) under one
4+
~ or more contributor license agreements. See the NOTICE file
5+
~ distributed with this work for additional information
6+
~ regarding copyright ownership. The ASF licenses this file
7+
~ to you under the Apache License, Version 2.0 (the
8+
~ "License"); you may not use this file except in compliance
9+
~ with the License. You may obtain a copy of the License at
10+
~
11+
~ http://www.apache.org/licenses/LICENSE-2.0
12+
~
13+
~ Unless required by applicable law or agreed to in writing,
14+
~ software distributed under the License is distributed on an
15+
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16+
~ KIND, either express or implied. See the License for the
17+
~ specific language governing permissions and limitations
18+
~ under the License.
19+
-->
20+
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
21+
22+
<suppress>
23+
<notes><![CDATA[ Drupal issues for AWS is not relevant here ]]></notes>
24+
<cpe>cpe:/a:amazon_aws_project:amazon_aws:7.x-1.2::~~~drupal~~</cpe>
25+
</suppress>
26+
<suppress>
27+
<notes><![CDATA[ Drupal issues for AWS is not relevant here ]]></notes>
28+
<cpe>cpe:/a:restful_web_services_project:restful_web_services:7.x-2.1::~~~drupal~~</cpe>
29+
</suppress>
30+
31+
</suppressions>

samples/jersey/pet-store/pom.xml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,8 +26,7 @@
2626
<properties>
2727
<maven.compiler.source>1.8</maven.compiler.source>
2828
<maven.compiler.target>1.8</maven.compiler.target>
29-
<jersey.version>2.25.1</jersey.version>
30-
<jackson.version>2.8.5</jackson.version>
29+
<jersey.version>2.26</jersey.version>
3130
</properties>
3231

3332
<dependencies>
@@ -53,7 +52,7 @@
5352
<dependency>
5453
<groupId>io.symphonia</groupId>
5554
<artifactId>lambda-logging</artifactId>
56-
<version>1.0.0</version>
55+
<version>1.0.1</version>
5756
</dependency>
5857

5958
</dependencies>

samples/spark/pet-store/pom.xml

Lines changed: 2 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@
2626
<properties>
2727
<maven.compiler.source>1.8</maven.compiler.source>
2828
<maven.compiler.target>1.8</maven.compiler.target>
29-
<jackson.version>2.8.5</jackson.version>
29+
<jackson.version>2.9.4</jackson.version>
3030
<spark.version>2.7.1</spark.version>
3131
</properties>
3232

@@ -44,32 +44,18 @@
4444
<version>${spark.version}</version>
4545
</dependency>
4646

47-
<!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-core -->
48-
<dependency>
49-
<groupId>com.fasterxml.jackson.core</groupId>
50-
<artifactId>jackson-core</artifactId>
51-
<version>${jackson.version}</version>
52-
</dependency>
53-
5447
<!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-databind -->
5548
<dependency>
5649
<groupId>com.fasterxml.jackson.core</groupId>
5750
<artifactId>jackson-databind</artifactId>
5851
<version>${jackson.version}</version>
5952
</dependency>
6053

61-
<!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-annotations -->
62-
<dependency>
63-
<groupId>com.fasterxml.jackson.core</groupId>
64-
<artifactId>jackson-annotations</artifactId>
65-
<version>${jackson.version}</version>
66-
</dependency>
67-
6854
<!-- https://mvnrepository.com/artifact/io.symphonia/lambda-logging -->
6955
<dependency>
7056
<groupId>io.symphonia</groupId>
7157
<artifactId>lambda-logging</artifactId>
72-
<version>1.0.0</version>
58+
<version>1.0.1</version>
7359
</dependency>
7460
</dependencies>
7561

samples/spring/pet-store/pom.xml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,6 @@
2727
<maven.compiler.source>1.8</maven.compiler.source>
2828
<maven.compiler.target>1.8</maven.compiler.target>
2929
<spring.version>5.0.3.RELEASE</spring.version>
30-
<jackson.version>2.8.4</jackson.version>
3130
</properties>
3231

3332
<dependencies>
@@ -60,7 +59,7 @@
6059
<dependency>
6160
<groupId>io.symphonia</groupId>
6261
<artifactId>lambda-logging</artifactId>
63-
<version>1.0.0</version>
62+
<version>1.0.1</version>
6463
</dependency>
6564
</dependencies>
6665

samples/springboot/pet-store/pom.xml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,11 @@
1313
<version>1.5.9.RELEASE</version>
1414
</parent>
1515

16+
<properties>
17+
<maven.compiler.source>1.8</maven.compiler.source>
18+
<maven.compiler.target>1.8</maven.compiler.target>
19+
</properties>
20+
1621
<dependencies>
1722
<dependency>
1823
<groupId>org.springframework.boot</groupId>
@@ -29,15 +34,10 @@
2934
<dependency>
3035
<groupId>io.symphonia</groupId>
3136
<artifactId>lambda-logging</artifactId>
32-
<version>1.0.0</version>
37+
<version>1.0.1</version>
3338
</dependency>
3439
</dependencies>
3540

36-
<properties>
37-
<java.version>1.8</java.version>
38-
</properties>
39-
40-
4141
<build>
4242
<plugins>
4343
<plugin>

0 commit comments

Comments
 (0)