commit b5e34936cc893a3e0dad93f33b1864e7c8fe1cac
author ChrisC <christophe.closset@intl.att.com> Thu Apr 29 16:39:26 2021 +0200
committer ChrisC <christophe.closset@intl.att.com> Fri Apr 30 09:00:03 2021 +0200
tree 6144fe61c2d4ea51a10659205afa69fd485033c6
parent 414bc934cd53ab76cc63a6436478566d9a6163d7

Vulnerable packages update

Update SDC-BE-COMMON to new version 1.6.1
Update several packages to the seccom recommended version
updated tests to JUNIT5

Issue-ID: SDC-3572
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Change-Id: Ibf26663aac0e3de6a36df4c723baa963206cc1b7

security-util-lib/pom.xml

diff --git a/security-util-lib/pom.xml b/security-util-lib/pom.xml
index 5b07389..020e7c1 100644
--- a/security-util-lib/pom.xml
+++ b/security-util-lib/pom.xml
@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.onap.sdc.sdc-be-common</groupId>
         <artifactId>sdc-be-common-parent</artifactId>
-        <version>1.6.0-SNAPSHOT</version>
+        <version>1.6.1-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
@@ -19,11 +19,13 @@
         <!-- Nexus related properties -->
         <portal.version>2.5.0</portal.version>
         <lang3.version>3.3.2</lang3.version>
-        <guava.version>18.0</guava.version>
-        <httpclient.version>4.5.3</httpclient.version>
+        <guava.version>30.1.1-jre</guava.version>
+        <httpclient.version>4.5.13</httpclient.version>
         <jersey-bom.version>2.27</jersey-bom.version>
         <json-simple.version>1.1</json-simple.version>
         <functionaljava.version>4.7</functionaljava.version>
+        <jackson.version>2.12.3</jackson.version>
+        <esapi.version>2.2.3.0</esapi.version>
 
         <!-- Sonar properties -->
         <sonar.sourceEncoding>${project.build.sourceEncoding}</sonar.sourceEncoding>
@@ -38,12 +40,37 @@
     </properties>
 
    <dependencies>
-
+       <dependency>
+           <groupId>com.fasterxml.jackson.core</groupId>
+           <artifactId>jackson-core</artifactId>
+           <version>${jackson.version}</version>
+       </dependency>
+       <dependency>
+           <groupId>com.fasterxml.jackson.core</groupId>
+           <artifactId>jackson-annotations</artifactId>
+           <version>${jackson.version}</version>
+       </dependency>
+       <dependency>
+           <groupId>com.fasterxml.jackson.core</groupId>
+           <artifactId>jackson-databind</artifactId>
+           <version>${jackson.version}</version>
+       </dependency>
        <dependency>
            <groupId>org.functionaljava</groupId>
            <artifactId>functionaljava</artifactId>
            <version>${functionaljava.version}</version>
        </dependency>
+       <dependency>
+           <groupId>org.owasp.esapi</groupId>
+           <artifactId>esapi</artifactId>
+           <version>${esapi.version}</version>
+           <exclusions>
+               <exclusion>
+                   <groupId>org.slf4j</groupId>
+                   <artifactId>slf4j-simple</artifactId>
+               </exclusion>
+           </exclusions>
+       </dependency>
 
        <!-- Inserted for Portal Integration -->
        <dependency>
@@ -57,14 +84,34 @@
                    <artifactId>cambriaClient</artifactId>
                </exclusion>
                <exclusion>
+                   <groupId>com.fasterxml.jackson.core</groupId>
+                   <artifactId>jackson-core</artifactId>
+               </exclusion>
+               <exclusion>
+                   <groupId>com.fasterxml.jackson.core</groupId>
+                   <artifactId>jackson-annotations</artifactId>
+               </exclusion>
+               <exclusion>
+                   <groupId>com.fasterxml.jackson.core</groupId>
+                   <artifactId>jackson-databind</artifactId>
+               </exclusion>
+               <exclusion>
+                   <groupId>org.owasp.esapi</groupId>
+                   <artifactId>esapi</artifactId>
+               </exclusion>
+               <exclusion>
                    <artifactId>slf4j-log4j12</artifactId>
                    <groupId>org.slf4j</groupId>
                </exclusion>
                <exclusion>
-                   <artifactId>powermock-api-mockito</artifactId>
+                   <artifactId>powermock-module-junit4</artifactId>
                    <groupId>org.powermock</groupId>
                </exclusion>
                <exclusion>
+                   <groupId>org.junit.jupiter</groupId>
+                   <artifactId>junit-jupiter-api</artifactId>
+               </exclusion>
+               <exclusion>
                    <groupId> org.onap.aaf.authz</groupId>
                    <artifactId> aaf-cadi-aaf</artifactId>
                </exclusion>
@@ -121,7 +168,7 @@
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
-                <version>0.7.8</version>
+                <version>0.8.6</version>
                 <executions>
                     <!-- Unit-Tests -->
                     <execution>