Remove jackson databind to avoid security issues
Fix security issues raised by LF
Issue-ID: VNFSDK-161
Change-Id: I3befd259e97d227c03f6dd8ddf2a0040db9aae0d
Signed-off-by: Murali-P <murali.p@huawei.com>
diff --git a/vnfmarket-be/vnf-sdk-marketplace/pom.xml b/vnfmarket-be/vnf-sdk-marketplace/pom.xml
index cce1564..6cc9688 100644
--- a/vnfmarket-be/vnf-sdk-marketplace/pom.xml
+++ b/vnfmarket-be/vnf-sdk-marketplace/pom.xml
@@ -51,28 +51,17 @@
<artifactId>log4j</artifactId>
<version>1.2.16</version>
</dependency>
-
- <dependency>
- <groupId>io.dropwizard</groupId>
- <artifactId>dropwizard-core</artifactId>
- <version>1.2.4</version>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
<dependency>
<groupId>io.dropwizard</groupId>
<artifactId>dropwizard-assets</artifactId>
<version>1.2.4</version>
</dependency>
<dependency>
- <groupId>io.dropwizard</groupId>
- <artifactId>dropwizard-hibernate</artifactId>
- <version>1.2.4</version>
+ <groupId>org.eclipse.persistence</groupId>
+ <artifactId>javax.persistence</artifactId>
+ <version>2.1.0</version>
</dependency>
+
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-jersey2-jaxrs</artifactId>
@@ -163,9 +152,9 @@
<artifactId>ant</artifactId>
<version>1.8.2</version>
<scope>test</scope>
- </dependency>
-
-
+ </dependency>
+
+
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-io</artifactId>