Merge pull request #458 from zowe/unirest-jackson

Resolve security vulnerabilities in Jackson and Central publishing plugin dependencies

Author: frankgiordano

README.md

@@ -249,27 +249,27 @@ Thin JAR (recommended):
         <dependency>
           <groupId>org.zowe.client.java.sdk</groupId>
           <artifactId>zowe-client-java-sdk</artifactId>
-          <version>6.1.1</version>
+          <version>6.1.2</version>
         </dependency>
 
 Fat JAR (with dependencies):
 
         <dependency>
           <groupId>org.zowe.client.java.sdk</groupId>
           <artifactId>zowe-client-java-sdk</artifactId>
-          <version>6.1.1</version>
+          <version>6.1.2</version>
           <classifier>jar-with-dependencies</classifier>
         </dependency>  
 
 For a Gradle project add the SDK as a dependency by updating your `build.gradle` as follows:  
 
 Thin JAR (recommended):  
 
-    implementation group: 'org.zowe.client.java.sdk', name: 'zowe-client-java-sdk', version: '6.1.1'    
+    implementation group: 'org.zowe.client.java.sdk', name: 'zowe-client-java-sdk', version: '6.1.2'    
 
 Fat JAR (with dependencies):  
 
-    implementation group: 'org.zowe.client.java.sdk', name: 'zowe-client-java-sdk', version: '6.1.1', classifier: 'jar-with-dependencies'
+    implementation group: 'org.zowe.client.java.sdk', name: 'zowe-client-java-sdk', version: '6.1.2', classifier: 'jar-with-dependencies'
 
 ## Publishing to Maven Central  
 

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>org.zowe.client.java.sdk</groupId>
     <artifactId>zowe-client-java-sdk</artifactId>
-    <version>6.1.1</version>
+    <version>6.1.2</version>
 
     <packaging>jar</packaging>
     <name>${project.groupId}:${project.artifactId}</name>
@@ -90,14 +90,8 @@
         </dependency>
         <dependency>
             <groupId>com.konghq</groupId>
-            <artifactId>unirest-objectmapper-jackson</artifactId>
-            <version>4.2.4</version>
-        </dependency>
-        <dependency>
-            <groupId>org.sonatype.central</groupId>
-            <artifactId>central-publishing-maven-plugin</artifactId>
-            <version>0.8.0</version>
-            <scope>provided</scope>
+            <artifactId>unirest-modules-jackson-legacy</artifactId>
+            <version>4.8.1</version>
         </dependency>
 
         <!-- Test -->
@@ -222,6 +216,22 @@
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <groupId>org.sonatype.central</groupId>
+                <artifactId>central-publishing-maven-plugin</artifactId>
+                <version>0.10.0</version>
+                <extensions>true</extensions>
+                <configuration>
+                    <publishingServerId>central</publishingServerId>
+                </configuration>
+                <dependencies>
+                    <dependency>
+                        <groupId>org.codehaus.plexus</groupId>
+                        <artifactId>plexus-utils</artifactId>
+                        <version>4.0.3</version>
+                    </dependency>
+                </dependencies>
+            </plugin>
         </plugins>
     </build>
 

src/test/java/zowe/client/sdk/zostso/methods/TsoStartTest.java

@@ -103,7 +103,6 @@ public void tstTsoStartInvalidJsonThrowsZosmfRequestExceptionWithCorrectMessageF
             assertTrue(ex.getMessage().contains("Unrecognized token")
                             || ex.getMessage().toLowerCase().contains("json")
             );
-
         }
     }