Skip to content

Commit 2b54733

Browse files
pyek-botpyek-bot
authored
Fix CVE for commons-lang3 dependency (opensearch-project#4099)
* fix: cve for commons-lang3 dependency Signed-off-by: Pavan Yekbote <[email protected]> * refactor: use variable from core Signed-off-by: Pavan Yekbote <[email protected]> --------- Signed-off-by: Pavan Yekbote <[email protected]>
1 parent 185664b commit 2b54733

File tree

2 files changed

+3
-3
lines changed

2 files changed

+3
-3
lines changed

plugin/build.gradle

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -84,7 +84,7 @@ dependencies {
8484
exclude group: 'com.google.errorprone', module: 'error_prone_annotations'
8585
}
8686
implementation group: 'com.google.code.gson', name: 'gson', version: '2.11.0'
87-
implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.10'
87+
implementation group: 'org.apache.commons', name: 'commons-lang3', version: "${versions.commonslang}"
8888
implementation group: 'org.apache.commons', name: 'commons-math3', version: '3.6.1'
8989
implementation group: 'org.apache.commons', name: 'commons-text', version: '1.10.0'
9090
implementation "org.apache.logging.log4j:log4j-slf4j-impl:2.19.0"
@@ -426,7 +426,7 @@ check.dependsOn jacocoTestCoverageVerification
426426
configurations.all {
427427
exclude group: "org.jetbrains", module: "annotations"
428428
exclude group: "com.google.guava", module: "failureaccess"
429-
resolutionStrategy.force 'org.apache.commons:commons-lang3:3.10'
429+
resolutionStrategy.force "org.apache.commons:commons-lang3:${versions.commonslang}"
430430
resolutionStrategy.force 'commons-logging:commons-logging:1.2'
431431
resolutionStrategy.force 'org.objenesis:objenesis:3.2'
432432
resolutionStrategy.force 'net.java.dev.jna:jna:5.11.0'

search-processors/build.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ dependencies {
3131
implementation project(path: ":${rootProject.name}-common", configuration: 'shadow')
3232
compileOnly group: 'org.opensearch', name: 'opensearch', version: "${opensearch_version}"
3333
compileOnly group: 'com.google.code.gson', name: 'gson', version: '2.11.0'
34-
implementation 'org.apache.commons:commons-lang3:3.12.0'
34+
implementation "org.apache.commons:commons-lang3:${versions.commonslang}"
3535
implementation project(':opensearch-ml-memory')
3636
implementation group: 'org.opensearch', name: 'common-utils', version: "${common_utils_version}"
3737
// https://mvnrepository.com/artifact/org.apache.httpcomponents.core5/httpcore5

0 commit comments

Comments
 (0)