Gitiles
Code Review Sign In
gerrit.nordix.org / onap / appc / 76b6ff1ce84d4c2ab4518dd5f154083b91680245^! / . / appc-inbound / appc-design-services / provider / pom.xml
commit76b6ff1ce84d4c2ab4518dd5f154083b91680245[log] [tgz]
authorTaka Cho <tc012c@att.com>Sat Aug 18 15:56:57 2018 -0400
committerPatrick Brady <pb071s@att.com>Mon Aug 20 16:14:15 2018 +0000
tree31e389244c01c8bc1527acf8f0f52d4ab668e74b
parent8678a53099f255c1c9a12da4f156d97f87b0ac59 [diff] [blame]
resolving logback-classic 1.13 from security issue

cdp-pal and eelf are the jar using logback-classic 1.1.3.
need to use exclusions option in pom file

Issue-ID: APPC-1018
Change-Id: I00b41f9c366a5ead3f4205cd6fa6b9eb74599767
Signed-off-by: Taka Cho <tc012c@att.com>

diff --git a/appc-inbound/appc-design-services/provider/pom.xml b/appc-inbound/appc-design-services/provider/pom.xml
index 7197c06..2adfd30 100755
--- a/appc-inbound/appc-design-services/provider/pom.xml
+++ b/appc-inbound/appc-design-services/provider/pom.xml

@@ -114,10 +114,20 @@
             <artifactId>sal-binding-broker-impl</artifactId>
             <scope>test</scope>
         </dependency>
-
+        <dependency>
+         <groupId>ch.qos.logback</groupId>
+         <artifactId>logback-classic</artifactId>
+	 <version>${logback.version}</version>
+        </dependency>
         <dependency>
             <groupId>com.att.eelf</groupId>
             <artifactId>eelf-core</artifactId>
+            <exclusions>
+                 <exclusion>
+                      <groupId>ch.qos.logback</groupId>
+                      <artifactId>logback-classic</artifactId>
+                 </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.onap.ccsdk.sli.adaptors</groupId>