From 3518dfa9f867ff59d8598c8a58f7d66bc9516de0 Mon Sep 17 00:00:00 2001 From: "FOLIO3PK\\muhammadnoman" Date: Tue, 15 Sep 2020 19:47:31 +0500 Subject: [PATCH 1/7] testing --- .travis.yml | 1 - core-api/build.gradle | 5 ++++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index f53c61158..c648dfb8b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -74,7 +74,6 @@ jobs: FULLSTACK_TEST_REPO=ProdTesting - stage: 'Source Clear' - if: type = cron addons: srcclr: true before_install: skip diff --git a/core-api/build.gradle b/core-api/build.gradle index d2609a97d..d5dfd0939 100644 --- a/core-api/build.gradle +++ b/core-api/build.gradle @@ -1,5 +1,8 @@ dependencies { - compile group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion + compile (group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion) { + exclude group: 'log4j:log4j' + } + compile group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: jacksonVersion compile group: 'com.google.code.findbugs', name: 'annotations', version: findbugsAnnotationVersion From 2bc8d5a924a5ad04ba417c595834a06fa7c3c827 Mon Sep 17 00:00:00 2001 From: "FOLIO3PK\\muhammadnoman" Date: Tue, 15 Sep 2020 19:54:17 +0500 Subject: [PATCH 2/7] slf4j to 1.7.30 --- gradle.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle.properties b/gradle.properties index c67b677d9..4292d6172 100644 --- a/gradle.properties +++ b/gradle.properties @@ -17,7 +17,7 @@ jacksonVersion = 2.11.2 jsonVersion = 20190722 jsonSimpleVersion = 1.1.1 logbackVersion = 1.2.3 -slf4jVersion = 1.7.30 +slf4jVersion = 2.0.0-alpha1 # Style Packages findbugsAnnotationVersion = 3.0.1 From 7ad9b9f48979caa7c45ce2f1f7dccd537f09c5d5 Mon Sep 17 00:00:00 2001 From: "FOLIO3PK\\muhammadnoman" Date: Tue, 15 Sep 2020 20:34:54 +0500 Subject: [PATCH 3/7] testing --- gradle.properties | 2 +- java-quickstart/build.gradle | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/gradle.properties b/gradle.properties index 4292d6172..c67b677d9 100644 --- a/gradle.properties +++ b/gradle.properties @@ -17,7 +17,7 @@ jacksonVersion = 2.11.2 jsonVersion = 20190722 jsonSimpleVersion = 1.1.1 logbackVersion = 1.2.3 -slf4jVersion = 2.0.0-alpha1 +slf4jVersion = 1.7.30 # Style Packages findbugsAnnotationVersion = 3.0.1 diff --git a/java-quickstart/build.gradle b/java-quickstart/build.gradle index 30a3a8b2b..5a49d8f06 100644 --- a/java-quickstart/build.gradle +++ b/java-quickstart/build.gradle @@ -4,7 +4,6 @@ dependencies { compile group: 'com.google.code.gson', name: 'gson', version: '2.8.6' compile group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.12' - compile group: 'org.slf4j', name: 'slf4j-log4j12', version: '1.7.30' testCompile group: 'junit', name: 'junit', version: '4.12' } From 0a12554d06071b3e0077dd5d8f876fd1835a6896 Mon Sep 17 00:00:00 2001 From: "FOLIO3PK\\muhammadnoman" Date: Tue, 15 Sep 2020 20:38:09 +0500 Subject: [PATCH 4/7] testing --- core-api/build.gradle | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/core-api/build.gradle b/core-api/build.gradle index d5dfd0939..a31bc738b 100644 --- a/core-api/build.gradle +++ b/core-api/build.gradle @@ -1,7 +1,5 @@ dependencies { - compile (group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion) { - exclude group: 'log4j:log4j' - } + compile group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion compile group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: jacksonVersion From 1d327a0b606095db3ef13b4e4380f43f125d0111 Mon Sep 17 00:00:00 2001 From: "FOLIO3PK\\muhammadnoman" Date: Tue, 15 Sep 2020 20:51:39 +0500 Subject: [PATCH 5/7] testing --- java-quickstart/build.gradle | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/java-quickstart/build.gradle b/java-quickstart/build.gradle index 5a49d8f06..709529b3a 100644 --- a/java-quickstart/build.gradle +++ b/java-quickstart/build.gradle @@ -4,6 +4,10 @@ dependencies { compile group: 'com.google.code.gson', name: 'gson', version: '2.8.6' compile group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.12' + compile (group: 'org.slf4j', name: 'slf4j-log4j12', version: '1.7.30') { + exclude group: 'log4j:log4j' + } + testCompile group: 'junit', name: 'junit', version: '4.12' } From 02030b06a4ec18cb7bcbd30b21faeedda276d6ec Mon Sep 17 00:00:00 2001 From: "FOLIO3PK\\muhammadnoman" Date: Tue, 15 Sep 2020 21:25:17 +0500 Subject: [PATCH 6/7] Replaced compile (group: 'org.slf4j', name: 'slf4j-log4j12', version: '1.7.30') with compile group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: '2.13.3' as due to transitive property of log4j 1.2.17 its causing vulnerability issue --- java-quickstart/build.gradle | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/java-quickstart/build.gradle b/java-quickstart/build.gradle index 709529b3a..8f16c3100 100644 --- a/java-quickstart/build.gradle +++ b/java-quickstart/build.gradle @@ -4,10 +4,7 @@ dependencies { compile group: 'com.google.code.gson', name: 'gson', version: '2.8.6' compile group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.12' - compile (group: 'org.slf4j', name: 'slf4j-log4j12', version: '1.7.30') { - exclude group: 'log4j:log4j' - } - + compile group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: '2.13.3' testCompile group: 'junit', name: 'junit', version: '4.12' } From 42c8b5393a80fda353cc507bbc84de72a5d19021 Mon Sep 17 00:00:00 2001 From: "FOLIO3PK\\muhammadnoman" Date: Tue, 15 Sep 2020 21:36:09 +0500 Subject: [PATCH 7/7] Reverting unwanted changes --- .travis.yml | 1 + core-api/build.gradle | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index c648dfb8b..f53c61158 100644 --- a/.travis.yml +++ b/.travis.yml @@ -74,6 +74,7 @@ jobs: FULLSTACK_TEST_REPO=ProdTesting - stage: 'Source Clear' + if: type = cron addons: srcclr: true before_install: skip diff --git a/core-api/build.gradle b/core-api/build.gradle index a31bc738b..d2609a97d 100644 --- a/core-api/build.gradle +++ b/core-api/build.gradle @@ -1,6 +1,5 @@ dependencies { compile group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion - compile group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: jacksonVersion compile group: 'com.google.code.findbugs', name: 'annotations', version: findbugsAnnotationVersion