You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by nf...@apache.org on 2023/08/02 14:57:50 UTC

[camel] branch camel-3.x updated: CAMEL-19695: camel-google-bigquery - Bump org.json to 20230618 (#10967)

This is an automated email from the ASF dual-hosted git repository.

nfilotto pushed a commit to branch camel-3.x
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/camel-3.x by this push:
     new dee37c785a8 CAMEL-19695: camel-google-bigquery - Bump org.json to 20230618 (#10967)
dee37c785a8 is described below

commit dee37c785a853a4037f5cffe8c01b74d96fef4d6
Author: Nicolas Filotto <es...@users.noreply.github.com>
AuthorDate: Wed Aug 2 16:57:44 2023 +0200

    CAMEL-19695: camel-google-bigquery - Bump org.json to 20230618 (#10967)
    
    ## Motivation
    
    The component `camel-google-bigquery` indirectly depends on `org.json:json:jar:20200518:compile` which has a know CVE https://nvd.nist.gov/vuln/detail/CVE-2022-45688 that can be fixed by upgrading it to `20230227` or higher.
    
    ## Modifications:
    
    * Add `org.json:json:20230618` to the dependencyManagement section
    * Replace `org.json:json:20200518` with `org.json:json:20230618` in `camel-google-bigquery`
---
 camel-dependencies/pom.xml                            | 1 +
 components/camel-google/camel-google-bigquery/pom.xml | 8 ++++++++
 parent/pom.xml                                        | 6 ++++++
 3 files changed, 15 insertions(+)

diff --git a/camel-dependencies/pom.xml b/camel-dependencies/pom.xml
index b8c4f072aa0..ab8aeb1e4f4 100644
--- a/camel-dependencies/pom.xml
+++ b/camel-dependencies/pom.xml
@@ -348,6 +348,7 @@
     <jslt-version>0.1.11</jslt-version>
     <jsmpp-version>2.3.11</jsmpp-version>
     <json-api>1.0</json-api>
+    <json-org-version>20230618</json-org-version>
     <json-patch-version>1.13</json-patch-version>
     <json-path-version>2.8.0</json-path-version>
     <json-schema-validator-version>2.2.14</json-schema-validator-version>
diff --git a/components/camel-google/camel-google-bigquery/pom.xml b/components/camel-google/camel-google-bigquery/pom.xml
index fe344a343dc..df1f9a5ccd2 100644
--- a/components/camel-google/camel-google-bigquery/pom.xml
+++ b/components/camel-google/camel-google-bigquery/pom.xml
@@ -76,8 +76,16 @@
                     <groupId>com.google.code.findbugs</groupId>
                     <artifactId>jsr305</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.json</groupId>
+                    <artifactId>json</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
+        <dependency>
+            <groupId>org.json</groupId>
+            <artifactId>json</artifactId>
+        </dependency>
 
         <dependency>
             <groupId>org.apache.camel</groupId>
diff --git a/parent/pom.xml b/parent/pom.xml
index f2dcb739943..e8a626c6589 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -334,6 +334,7 @@
         <jsmpp-version>2.3.11</jsmpp-version>
         <jsch-version>0.2.1</jsch-version>
         <json-api>1.0</json-api>
+        <json-org-version>20230618</json-org-version>
         <jsonassert-version>1.5.1</jsonassert-version>
         <json-path-version>2.8.0</json-path-version>
         <json-patch-version>1.13</json-patch-version>
@@ -3234,6 +3235,11 @@
                 <artifactId>jaxp-ri</artifactId>
                 <version>1.4.5</version>
             </dependency>
+            <dependency>
+                <groupId>org.json</groupId>
+                <artifactId>json</artifactId>
+                <version>${json-org-version}</version>
+            </dependency>
 
             <!-- logging -->
             <dependency>