FLA-1566 Critical Vulnerabilies. Bumped Java -> 17, Sprint -> 3 #348
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
KDNeufeld
changed the title
KDNeufeld
changed the title
KDNeufeld
commented
Sep 20, 2023
| </plugin> | ||
|
|
||
| <!--openapi server autogen--> | ||
| <plugin> | ||
| <groupId>org.openapitools</groupId> | ||
| <artifactId>openapi-generator-maven-plugin</artifactId> | ||
| <version>5.1.1</version> | ||
| <!-- Anything >= 6.3.0 is broken. Spring seems to scan for components twice which breaks at runtime when trying to create the application context. --> | ||
| <version>6.2.1</version> |
There was a problem hiding this comment.
This one was tricky. 7.0.0 is the latest version, however for some reason nothing > 6.2.1 seems to work for this project as the spring context cannot load - a component scans seems to happen twice (but only for this project, not for others, like mail-it). This is fortunate since 6.1.0 is the version <useJakartaEe> was added to support Java 17.
KDNeufeld
force-pushed
the
feature/FLA-1566
branch
2 times, most recently
from
c29997b
to
cab52fb
Compare
KDNeufeld
force-pushed
the
feature/FLA-1566
branch
6 times, most recently
from
eb8ee00
to
55c7066
Compare
KDNeufeld
commented
Sep 20, 2023
| @@ -110,7 +112,7 @@ services: | |||
| #### KEYCLOAK ### | |||
| ############################################################################################## | |||
| keycloak: | |||
| image: quay.io/keycloak/keycloak | |||
| image: quay.io/keycloak/keycloak:legacy | |||
There was a problem hiding this comment.
docker-compose up did not work locally for keycloak or redis unless I made these 2 small changes.
KDNeufeld
commented
Sep 20, 2023
| <!-- LOG everything at INFO level --> | ||
| <root level="info"> | ||
| <appender-ref ref="Console"/> | ||
| <if condition='isDefined("SPLUNK_URL")'> |
There was a problem hiding this comment.
An if element is not valid inside a root element. The new version of spring enforces correct xml or logging won't work at all.
KDNeufeld
force-pushed
the
feature/FLA-1566
branch
from
55c7066
to
f370dc0
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
FLA-1566 attempts to address a great many critical vulnerabilities with this project.
Since this is a major change, bumped project version from 1.1.1 to 2.0.0.
Note:
Several environment variables are now deprecated with the removal of the Keycloak library and one new variable. This will likely need to be a DevOps task to get the containers running in OpenShift.
To Add:
To Remove:
TODO: Cucumber is still running java 1.8, spring 2