You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flink.apache.org by gy...@apache.org on 2022/07/25 15:43:16 UTC
[flink-kubernetes-operator] branch main updated: [FLINK-28637] Set explicit version for okhttp to fix vulnerability
This is an automated email from the ASF dual-hosted git repository.
gyfora pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/flink-kubernetes-operator.git
The following commit(s) were added to refs/heads/main by this push:
new f8f8b962 [FLINK-28637] Set explicit version for okhttp to fix vulnerability
f8f8b962 is described below
commit f8f8b96273eae68b10bb24eff01c5d44db5b10f0
Author: Jeesmon Jacob <jj...@vmware.com>
AuthorDate: Fri Jul 22 12:11:43 2022 -0400
[FLINK-28637] Set explicit version for okhttp to fix vulnerability
Setting explicit version for okhttp until we can upgrade to
new version of JSODK with the fix.
Signed-off-by: Jeesmon Jacob <jj...@vmware.com>
---
flink-kubernetes-operator/pom.xml | 23 +++++++++++++++++++++++
flink-kubernetes-standalone/pom.xml | 23 +++++++++++++++++++++++
flink-kubernetes-webhook/pom.xml | 23 +++++++++++++++++++++++
pom.xml | 1 +
4 files changed, 70 insertions(+)
diff --git a/flink-kubernetes-operator/pom.xml b/flink-kubernetes-operator/pom.xml
index cc1bef15..d2577b15 100644
--- a/flink-kubernetes-operator/pom.xml
+++ b/flink-kubernetes-operator/pom.xml
@@ -143,6 +143,29 @@ under the License.
<version>${junit.jupiter.version}</version>
<scope>test</scope>
</dependency>
+
+ <!-- okhttp -->
+ <!--
+ Regarding the okhttp explicit version
+ see https://github.com/fabric8io/kubernetes-client/issues/4290
+ and https://issues.apache.org/jira/browse/FLINK-28637
+ -->
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>okhttp</artifactId>
+ <version>${okhttp.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>logging-interceptor</artifactId>
+ <version>${okhttp.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>mockwebserver</artifactId>
+ <version>${okhttp.version}</version>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<build>
diff --git a/flink-kubernetes-standalone/pom.xml b/flink-kubernetes-standalone/pom.xml
index 6125efe3..0b31f41e 100644
--- a/flink-kubernetes-standalone/pom.xml
+++ b/flink-kubernetes-standalone/pom.xml
@@ -79,5 +79,28 @@ under the License.
<version>${fabric8.version}</version>
<scope>test</scope>
</dependency>
+
+ <!-- okhttp -->
+ <!--
+ Regarding the okhttp explicit version
+ see https://github.com/fabric8io/kubernetes-client/issues/4290
+ and https://issues.apache.org/jira/browse/FLINK-28637
+ -->
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>okhttp</artifactId>
+ <version>${okhttp.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>logging-interceptor</artifactId>
+ <version>${okhttp.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>mockwebserver</artifactId>
+ <version>${okhttp.version}</version>
+ <scope>test</scope>
+ </dependency>
</dependencies>
</project>
diff --git a/flink-kubernetes-webhook/pom.xml b/flink-kubernetes-webhook/pom.xml
index 55e0cdfa..608c4123 100644
--- a/flink-kubernetes-webhook/pom.xml
+++ b/flink-kubernetes-webhook/pom.xml
@@ -73,6 +73,29 @@ under the License.
<version>${flink.version}</version>
<scope>test</scope>
</dependency>
+
+ <!-- okhttp -->
+ <!--
+ Regarding the okhttp explicit version
+ see https://github.com/fabric8io/kubernetes-client/issues/4290
+ and https://issues.apache.org/jira/browse/FLINK-28637
+ -->
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>okhttp</artifactId>
+ <version>${okhttp.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>logging-interceptor</artifactId>
+ <version>${okhttp.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.squareup.okhttp3</groupId>
+ <artifactId>mockwebserver</artifactId>
+ <version>${okhttp.version}</version>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<build>
diff --git a/pom.xml b/pom.xml
index 6eddd541..26ed748b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -85,6 +85,7 @@ under the License.
<hamcrest.version>1.3</hamcrest.version>
+ <okhttp.version>4.10.0</okhttp.version>
</properties>
<dependencyManagement>