Upgrade sailor 3 3 1 (#56)

* Upgrade component wit Sailor 3.3.1 and dependency check fix
* Annual audit of the component code to check if it exposes sensitive data in the logs
* Annual npm vulnerabilities audit

Author: A3a3e1

.circleci/config.yml

@@ -14,7 +14,9 @@ jobs:
           paths:
             - ~/.gradle/caches
             - ~/.gradle/wrapper
-
+      - run:
+          name: Audit Dependencies
+          command: ./gradlew dependencyCheckAnalyze
       - run:
           name: Run Unit Tests
           command: ./gradlew test --daemon

CHANGELOG.md

@@ -1,9 +1,10 @@
-# JDBC Component
-## 2.4.1 (September 25, 2020)
+## 2.4.2 (November 20, 2020)
 
-* Remove sensitive data from component logs
+* Upgrade sailor to 3.3.1
+* Annual audit of the component code to check if it exposes a sensitive data in the logs
+* Annual dependencies vulnerabilities audit
 
-## 2.3.2 (October 21, 2019)
+## 2.4.1 (October 21, 2019)
 
 * Add rebound mechanism in case of deadlocks for actions: Insert, UpsertByPK, DeleteByPK
 

build.gradle

@@ -1,9 +1,10 @@
 group = 'io.elastic'
-version = '2.4.1'
+version = '2.4.2'
 apply plugin: 'java'
 apply plugin: 'idea'
 apply plugin: 'eclipse'
 apply plugin: 'groovy'
+apply plugin: org.owasp.dependencycheck.gradle.DependencyCheckPlugin
 
 sourceSets {
     integrationTest {
@@ -55,22 +56,38 @@ repositories {
 }
 
 dependencies {
-    compile "io.elastic:sailor-jvm:2.1.0"
-    compile "mysql:mysql-connector-java:8.0.11"
-    compile group: 'org.postgresql', name: 'postgresql', version: '42.2.4'
     compile files("./lib/ojdbc6.jar")
     compile files("./lib/sqljdbc4.jar")
-    compile group: 'com.google.code.gson', name: 'gson', version: '2.8.5'
-    compile group: 'com.microsoft.sqlserver', name: 'mssql-jdbc', version: '6.4.0.jre8'
-    compile 'com.fasterxml.jackson.core:jackson-core:2.7.3'
-    compile 'com.fasterxml.jackson.core:jackson-annotations:2.7.3'
-    compile 'com.fasterxml.jackson.core:jackson-databind:2.7.3'
+    // The following 3 dependencies are to workaround this: https://github.com/elasticio/sailor-jvm/issues/59
+    compile 'com.fasterxml.jackson.core:jackson-core:2.10.1'
+    compile 'com.fasterxml.jackson.core:jackson-annotations:2.10.1'
+    compile 'com.fasterxml.jackson.core:jackson-databind:2.10.1'
+    compile 'com.google.code.gson:gson:2.8.6'
+    compile 'com.microsoft.sqlserver:mssql-jdbc:6.4.0.jre8'
+    compile 'io.elastic:sailor-jvm:3.3.1'
+    compile 'mysql:mysql-connector-java:8.0.20'
+    compile 'org.postgresql:postgresql:42.2.18'
 
-    testCompile group: 'io.github.cdimascio', name: 'java-dotenv', version: '5.1.0'
-    testCompile "org.spockframework:spock-core:1.1-groovy-2.4"
+    testCompile 'io.github.cdimascio:java-dotenv:5.1.0'
     testCompile 'org.hsqldb:hsqldb:2.0.0'
+    testCompile 'org.spockframework:spock-core:1.1-groovy-2.4'
 }
 
+check.dependsOn dependencyCheckAnalyze
+
+dependencyCheck {
+    format = 'ALL'
+    failBuildOnCVSS = 7
+}
+
+buildscript {
+    repositories {
+        mavenCentral()
+    }
+    dependencies {
+        classpath 'org.owasp:dependency-check-gradle:6.0.3'
+    }
+}
 
 wrapper {
     gradleVersion = '5.4.1'

component.json

@@ -15,7 +15,7 @@
           "oracle": "Oracle",
           "mssql": "MSSQL"
         },
-        "prompt": "Please Select Database Type"
+        "note": "Please Select Database Type"
       },
       "host": {
         "viewClass": "TextFieldView",
@@ -64,14 +64,14 @@
       "fields": {
         "tableName": {
           "viewClass": "SelectView",
-          "prompt": "Select a Table",
+          "note": "Select a Table",
           "label": "Tables List",
           "required": true,
           "model": "io.elastic.jdbc.providers.TableNameProvider"
         },
         "pollingField": {
           "viewClass": "SelectView",
-          "prompt": "Select a Timestamp (or similar) Column",
+          "note": "Select a Timestamp (or similar) Column",
           "label": "Timestamp (or similar) Column",
           "model": "io.elastic.jdbc.providers.TimeStampColumnNamesProvider",
           "required": true,
@@ -81,7 +81,8 @@
         },
         "pollingValue": {
           "viewClass": "TextFieldView",
-          "label": "Start Polling From (optional)",
+          "label": "Start Polling From",
+          "note": "Current date is used if no value is specified",
           "required": false,
           "placeholder": "1970-01-01 00:00:00.000"
         }
@@ -119,14 +120,14 @@
       "fields": {
         "tableName": {
           "viewClass": "SelectView",
-          "prompt": "Select a Table",
+          "note": "Select a Table",
           "label": "Tables List",
           "required": true,
           "model": "io.elastic.jdbc.providers.TableNameProviderOld"
         },
         "orderField": {
           "viewClass": "SelectView",
-          "prompt": "Select a field to order rows",
+          "note": "Select a field to order rows",
           "label": "Order Column",
           "model": "io.elastic.jdbc.providers.ColumnNamesProviderOld",
           "required": true,
@@ -177,7 +178,7 @@
       "fields": {
         "tableName": {
           "viewClass": "SelectView",
-          "prompt": "Select a Table",
+          "note": "Select a Table",
           "label": "Table",
           "required": true,
           "model": "io.elastic.jdbc.providers.TableNameProvider"
@@ -196,14 +197,14 @@
       "fields": {
         "tableName": {
           "viewClass": "SelectView",
-          "prompt": "Select a Table",
+          "note": "Select a Table",
           "label": "Table",
           "required": true,
           "model": "io.elastic.jdbc.providers.TableNameProvider"
         },
         "reboundEnabled" : {
           "viewClass": "SelectView",
-          "prompt": "Default is No",
+          "note": "Default is No",
           "label": "Enable Rebound",
           "required": false,
           "model" : {
@@ -221,14 +222,14 @@
       "fields": {
         "tableName": {
           "viewClass": "SelectView",
-          "prompt": "Select a Table",
+          "note": "Select a Table",
           "label": "Table",
           "required": true,
           "model": "io.elastic.jdbc.providers.TableNameProvider"
         },
         "reboundEnabled" : {
           "viewClass": "SelectView",
-          "prompt": "Default is No",
+          "note": "Default is No",
           "label": "Enable Rebound",
           "required": false,
           "model" : {
@@ -246,7 +247,7 @@
       "fields": {
         "tableName": {
           "viewClass": "SelectView",
-          "prompt": "Select a Table",
+          "note": "Select a Table",
           "label": "Tables",
           "required": true,
           "model": "io.elastic.jdbc.providers.TableNameProvider"
@@ -257,7 +258,7 @@
         },
         "reboundEnabled" : {
           "viewClass": "SelectView",
-          "prompt": "Default is No",
+          "note": "Default is No",
           "label": "Enable Rebound",
           "required": false,
           "model" : {
@@ -295,14 +296,14 @@
       "fields": {
         "tableName": {
           "viewClass": "SelectView",
-          "prompt": "Select a Table",
+          "note": "Select a Table",
           "label": "Tables",
           "required": true,
           "model": "io.elastic.jdbc.providers.TableNameProviderOld"
         },
         "idColumn": {
           "viewClass": "SelectView",
-          "prompt": "Select an ID column",
+          "note": "Select an ID column",
           "label": "ID Column",
           "model": "io.elastic.jdbc.providers.ColumnNamesProviderOld",
           "required": true,
@@ -320,14 +321,14 @@
       "fields": {
         "schemaName": {
           "viewClass": "SelectView",
-          "prompt": "Select a Schema",
+          "note": "Select a Schema",
           "label": "DB Schema",
           "required": true,
           "model": "io.elastic.jdbc.providers.SchemasProvider"
         },
         "procedureName": {
           "viewClass": "SelectView",
-          "prompt": "Select a stored procedure name",
+          "note": "Select a stored procedure name",
           "label": "Stored procedure",
           "model": "io.elastic.jdbc.providers.ProcedureFieldsNameProvider",
           "required": true,

gradle/wrapper/gradle-wrapper.jar

@@ -1,6 +1,5 @@
-#Tue Aug 13 13:58:37 EEST 2019
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-5.4.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-5.4.1-all.zip