Posted to commits@helix.apache.org by ne...@apache.org on 2022/10/20 16:48:59 UTC
[helix] branch master updated: Upgrade dependencies to fix vulnerability issues in helix-rest (#2248)
This is an automated email from the ASF dual-hosted git repository.
nealsun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/helix.git
The following commit(s) were added to refs/heads/master by this push:
new f71996d24 Upgrade dependencies to fix vulnerability issues in helix-rest (#2248)
f71996d24 is described below
commit f71996d2445f89906ca77d34b7a1ca35760bf35c
Author: Qi (Quincy) Qu <qq...@linkedin.com>
AuthorDate: Thu Oct 20 09:48:53 2022 -0700
Upgrade dependencies to fix vulnerability issues in helix-rest (#2248)
Upgrade dependencies to fix vulnerability issues in helix-rest, test improvement and config typo fix.
---
helix-admin-webapp/pom.xml | 2 +-
helix-rest/pom.xml | 33 ++++++----------------
.../helix/rest/server/TestHelixRestServer.java | 24 ++++++++--------
zookeeper-api/pom.xml | 2 +-
4 files changed, 24 insertions(+), 37 deletions(-)
diff --git a/helix-admin-webapp/pom.xml b/helix-admin-webapp/pom.xml
index c1cea5d34..e82c752ae 100644
--- a/helix-admin-webapp/pom.xml
+++ b/helix-admin-webapp/pom.xml
@@ -40,7 +40,7 @@
org.slf4j*;version="[1.7,2)",
org.apache.logging.log4j*;version="[2.17,3)",
org.apache.logging.slf4j*;version="[2.17,3)",
- org.apache.zookeeper*;version="[3.6,3)",
+ org.apache.zookeeper*;version="[3.6,3.7)",
*
</osgi.import>
<osgi.export>org.apache.helix.webapp*;version="${project.version};-noimport:=true</osgi.export>
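Review bot: The new upper bound in `org.apache.zookeeper*;version="[3.6,3.7)"` is exclusive, so the bundle will refuse to wire against ZooKeeper 3.7.x or later, including any release line a future security upgrade might move to. The old `[3.6,3)` had a ceiling below its floor and could match no version. If the intent was "3.6 and any newer 3.x", `[3.6,4)` expresses that; if the cap at 3.6.x is deliberate, a short XML comment next to the range saying why would help. The same range is repeated in the helix-rest/pom.xml and zookeeper-api/pom.xml hunks, so a shared property (for example in a parent POM, if these modules have one) would keep the three in step.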
diff --git a/helix-rest/pom.xml b/helix-rest/pom.xml
index e041b6c4b..631d98e18 100644
--- a/helix-rest/pom.xml
+++ b/helix-rest/pom.xml
@@ -37,7 +37,7 @@
org.slf4j*;version="[1.7,2)",
org.apache.logging.log4j*;version="[2.17,3)",
org.apache.logging.slf4j*;version="[2.17,3)",
- org.apache.zookeeper*;version="[3.6,3)",
+ org.apache.zookeeper*;version="[3.6,3.7)",
org.apache.commons.io*;version="[1.4,2)",
*
</osgi.import>
@@ -77,42 +77,27 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
- <version>9.1.0.RC0</version>
+ <version>9.4.48.v20220622</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-server</artifactId>
- <version>2.10</version>
- </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-servlet</artifactId>
- <version>9.1.0.RC0</version>
+ <version>2.15</version>
</dependency>
<dependency>
- <groupId>org.glassfish.jersey.containers</groupId>
- <artifactId>jersey-container-jetty-http</artifactId>
- <version>2.9</version>
+ <groupId>org.glassfish.jersey.test-framework</groupId>
+ <artifactId>jersey-test-framework-core</artifactId>
+ <version>2.15</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.containers</groupId>
<artifactId>jersey-container-servlet-core</artifactId>
- <version>2.9</version>
- </dependency>
- <dependency>
- <groupId>org.glassfish.jersey.containers</groupId>
- <artifactId>jersey-container-grizzly2-servlet</artifactId>
- <version>2.9</version>
- </dependency>
- <dependency>
- <groupId>org.glassfish.jersey.test-framework</groupId>
- <artifactId>jersey-test-framework-core</artifactId>
<version>2.15</version>
</dependency>
<dependency>
- <groupId>org.glassfish.jersey.test-framework.providers</groupId>
- <artifactId>jersey-test-framework-provider-grizzly2</artifactId>
- <version>2.11</version>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-servlet</artifactId>
+ <version>9.4.48.v20220622</version>
</dependency>
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
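Review bot: `jersey-test-framework-core` is declared here without a `<scope>`, so it resolves at compile scope and ends up on the runtime classpath of helix-rest and its consumers. For a change meant to reduce vulnerable dependencies, adding `<scope>test</scope>` to that entry would shrink the shipped surface, provided nothing under src/main uses it (not visible in this hunk). The Jetty version `9.4.48.v20220622` and Jersey `2.15` are each written out in several `<dependency>` entries; a `<jetty.version>` and a `<jersey.version>` property would stop `jetty-server` and `jetty-servlet` from drifting apart on the next upgrade. The dependency list continues past the end of the hunk.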
diff --git a/helix-rest/src/test/java/org/apache/helix/rest/server/TestHelixRestServer.java b/helix-rest/src/test/java/org/apache/helix/rest/server/TestHelixRestServer.java
index 190e9786f..358399057 100644
--- a/helix-rest/src/test/java/org/apache/helix/rest/server/TestHelixRestServer.java
+++ b/helix-rest/src/test/java/org/apache/helix/rest/server/TestHelixRestServer.java
@@ -23,6 +23,7 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import org.apache.helix.HelixException;
import org.apache.helix.TestHelper;
import org.apache.helix.rest.common.HelixRestNamespace;
import org.apache.helix.rest.server.auditlog.AuditLogger;
@@ -69,19 +70,20 @@ public class TestHelixRestServer extends AbstractTestClass {
} catch (IllegalArgumentException e) {
// OK
}
+ }
+ @Test(dependsOnMethods = "testInvalidHelixRestServerInitialization",
+ expectedExceptions = {IllegalStateException.class, HelixException.class},
+ expectedExceptionsMessageRegExp = ".*Multiple servlets map to path.*")
+ public void testDefaultNamespaceFail() throws InterruptedException {
// More than 1 default namespace shall cause failure
- try {
- List<HelixRestNamespace> invalidManifest4 = new ArrayList<>();
- invalidManifest4.add(
- new HelixRestNamespace("test4-1", HelixRestNamespace.HelixMetadataStoreType.ZOOKEEPER, ZK_ADDR, true));
- invalidManifest4.add(
- new HelixRestNamespace("test4-2", HelixRestNamespace.HelixMetadataStoreType.ZOOKEEPER, ZK_ADDR, true));
- HelixRestServer svr = new HelixRestServer(invalidManifest4, 10250, "/", Collections.<AuditLogger>emptyList());
- Assert.assertFalse(true, "InvalidManifest4 test failed");
- } catch (IllegalStateException e) {
- // OK
- }
+ List<HelixRestNamespace> invalidManifest4 = new ArrayList<>();
+ invalidManifest4.add(
+ new HelixRestNamespace("test4-1", HelixRestNamespace.HelixMetadataStoreType.ZOOKEEPER, ZK_ADDR, true));
+ invalidManifest4.add(
+ new HelixRestNamespace("test4-2", HelixRestNamespace.HelixMetadataStoreType.ZOOKEEPER, ZK_ADDR, true));
+ HelixRestServer svr = new HelixRestServer(invalidManifest4, 10250, "/", Collections.<AuditLogger>emptyList());
+ svr.start();
System.out.println("End test :" + TestHelper.getTestMethodName());
}
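Review bot: In `testDefaultNamespaceFail`, `svr` is never shut down after `svr.start()`, and the trailing `System.out.println("End test :" + ...)` cannot run on the passing path because the test only passes when `start()` throws. Something like `try { svr.start(); } finally { svr.shutdown(); }` would release port 10250 and any partly started connector for later tests, and the println could be dropped or moved into the `finally`. The `expectedExceptionsMessageRegExp` value `.*Multiple servlets map to path.*` looks like text produced by the servlet container rather than by Helix, so a comment such as `// message comes from Jetty; re-check on Jetty upgrades` would help whoever does the next version bump. The preceding test method starts outside this hunk.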
diff --git a/zookeeper-api/pom.xml b/zookeeper-api/pom.xml
index ed11416bf..646bbd975 100644
--- a/zookeeper-api/pom.xml
+++ b/zookeeper-api/pom.xml
@@ -32,7 +32,7 @@
<properties>
<osgi.import>
org.slf4j*;version="[1.7,2)",
- org.apache.zookeeper*;version="[3.6,3)",
+ org.apache.zookeeper*;version="[3.6,3.7)",
*
</osgi.import>
<osgi.export>org.apache.helix.zookeeper*;version="${project.version};-noimport:=true</osgi.export>