build: Update dependencies in hale-platform to resolve security issues

Resolve issues in security scan as far as possible w/o impacting hale functionality ING-4067
halestudio · Nov 29, 2023 · 16c9277 · 16c9277
1 parent 6e1be6e
commit 16c9277
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 17 deletions.
diff --git a/build/templates/products/client.yaml b/build/templates/products/client.yaml
@@ -27,7 +27,6 @@ HALE:
   - asm-tree
   - asm-util
   - au.com.bytecode.opencsv
-  - cal10n.api
   - cern.colt
   - ch.qos.logback.classic
   - ch.qos.logback.core

diff --git a/common/features/eu.esdihumboldt.hale.common.feature.base/feature.xml b/common/features/eu.esdihumboldt.hale.common.feature.base/feature.xml
@@ -58,13 +58,6 @@
          version="0.0.0"
          unpack="false"/>
 
-   <plugin
-         id="cal10n.api"
-         download-size="0"
-         install-size="0"
-         version="0.0.0"
-         unpack="false"/>
-
    <plugin
          id="org.eclipse.gemini.blueprint.extender"
          download-size="0"

diff --git a/common/plugins/eu.esdihumboldt.hale.common.test/Tests.product b/common/plugins/eu.esdihumboldt.hale.common.test/Tests.product
@@ -35,7 +35,6 @@
       <plugin id="assertj-core"/>
       <plugin id="bcpkix"/>
       <plugin id="bcprov"/>
-      <plugin id="cal10n.api"/>
       <plugin id="ch.qos.logback.classic"/>
       <plugin id="ch.qos.logback.core"/>
       <plugin id="colt"/>

diff --git a/doc/plugins/eu.esdihumboldt.hale.doc.application/Infocenter.product b/doc/plugins/eu.esdihumboldt.hale.doc.application/Infocenter.product
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <?pde version="3.5"?>
 
-<product name="halestudio Infocenter" uid="eu.esdihumboldt.hale.infocenter" id="eu.esdihumboldt.hale.doc.application.InfoCenter" application="eu.esdihumboldt.hale.doc.application.infocenterApplication" version="5.1.0.qualifier" useFeatures="false" includeLaunchers="true">
+<product name="halestudio Infocenter" uid="eu.esdihumboldt.hale.infocenter" id="eu.esdihumboldt.hale.doc.application.InfoCenter" application="eu.esdihumboldt.hale.doc.application.infocenterApplication" version="5.1.0.qualifier" useFeatures="false" includeLaunchers="true" autoIncludeRequirements="true">
 
    <configIni use="default">
    </configIni>
@@ -24,18 +24,18 @@
    <vm>
    </vm>
 
-
    <plugins>
       <plugin id="aopalliance"/>
       <plugin id="asm"/>
       <plugin id="asm.asm-analysis"/>
       <plugin id="asm.asm-tree"/>
       <plugin id="asm.asm-util"/>
-      <plugin id="cal10n.api"/>
       <plugin id="ch.qos.logback.classic"/>
       <plugin id="ch.qos.logback.core"/>
       <plugin id="colt"/>
       <plugin id="com.conversantmedia.disruptor"/>
+      <plugin id="com.fasterxml.jackson.core.jackson-core"/>
+      <plugin id="com.fasterxml.jackson.core.jackson-databind"/>
       <plugin id="com.google.guava"/>
       <plugin id="com.googlecode.json-simple"/>
       <plugin id="com.iabcinc.jmep"/>
@@ -198,9 +198,9 @@
       <plugin id="net.sourceforge.schemacrawler"/>
       <plugin id="org.apache.commons.codec"/>
       <plugin id="org.apache.commons.collections"/>
+      <plugin id="org.apache.commons.commons-io"/>
       <plugin id="org.apache.commons.commons-text"/>
       <plugin id="org.apache.commons.configuration"/>
-      <plugin id="org.apache.commons.io"/>
       <plugin id="org.apache.commons.jxpath"/>
       <plugin id="org.apache.commons.lang"/>
       <plugin id="org.apache.commons.lang3"/>

diff --git a/platform/hale-platform.target b/platform/hale-platform.target
@@ -48,8 +48,8 @@
 		<unit id="de.fhg.igd.equinox.test.feature.feature.group" version="1.2.0.202203220819"/>
 	</location>
 	<location includeAllPlatforms="false" includeConfigurePhase="false" includeMode="slicer" includeSource="true" type="InstallableUnit">
-		<repository location="https://gitlab.wetransform.to/hale/hale-build-support/raw/556667e05ea86da8d32e6aade07489e7872806bc/updatesites/platform"/>
-		<unit id="eu.esdihumboldt.hale.platform.feature.group" version="5.0.0.i202310282027"/>
+		<repository location="https://gitlab.wetransform.to/hale/hale-build-support/raw/7e9960b2eb198eff1d17ef72348d4495850de255/updatesites/platform"/>
+		<unit id="eu.esdihumboldt.hale.platform.feature.group" version="5.0.0.i20231129"/>
 	</location>
 </locations>
 </target>
diff --git a/util/plugins/eu.esdihumboldt.util.config/src/eu/esdihumboldt/util/config/ConfigYaml.groovy b/util/plugins/eu.esdihumboldt.util.config/src/eu/esdihumboldt/util/config/ConfigYaml.groovy
@@ -18,6 +18,7 @@ package eu.esdihumboldt.util.config
 import java.nio.charset.StandardCharsets
 
 import org.yaml.snakeyaml.DumperOptions
+import org.yaml.snakeyaml.LoaderOptions
 import org.yaml.snakeyaml.Yaml
 import org.yaml.snakeyaml.constructor.SafeConstructor
 
@@ -50,7 +51,8 @@ class ConfigYaml {
 	 * @return the loaded configuration
 	 */
 	static Config load(InputStream input) {
-		Yaml yaml = new Yaml(new SafeConstructor());
+		LoaderOptions loadOptions = new LoaderOptions();
+		Yaml yaml = new Yaml(new SafeConstructor(loadOptions));
 		Map result = yaml.load(input)
 		new Config(result ?: [:])
 	}
@@ -62,7 +64,8 @@ class ConfigYaml {
 	 * @return the loaded configuration
 	 */
 	static Config load(Reader reader) {
-		Yaml yaml = new Yaml(new SafeConstructor());
+		LoaderOptions loadOptions = new LoaderOptions();
+		Yaml yaml = new Yaml(new SafeConstructor(loadOptions));
 		Map result = yaml.load(reader)
 		new Config(result ?: [:])
 	}