upgrade kafka-clients library to 2.3.0 because of CVE-2018-17196, upg…

…rade docker images in example, added OWASP dependency check

README.md

@@ -12,7 +12,7 @@ How to quickly start using the Event Store Kafka with your Java EE 8 project.
     <dependency>
         <groupId>net.osomahe</groupId>
         <artifactId>eventstore-kafka</artifactId>
-        <version>0.4.0</version>
+        <version>0.4.3</version>
     </dependency>
     ```
 2. Added extensions `src/main/resources/META-INF/services/javax.enterprise.inject.spi.Extension`

examples/00-installation.md

@@ -21,13 +21,14 @@ Installation steps needs to be done prior the development.
 ```bash
 docker network create eventstore
 
-docker run -d --name es-zk --net eventstore -p 7072:7072 zookeeper:3.4.12
+docker run -d --name es-zk --net eventstore -p 7072:7072 zookeeper:3.5.5
 
 docker run -d --name es-kafka --net eventstore -p 9092:9092 -e KAFKA_ZOOKEEPER_CONNECT=es-zk:2181 \
 -e KAFKA_ADVERTISED_LISTENERS=PLAINTEXT://localhost:9092 -e KAFKA_BROKER_ID=0 \
 -e KAFKA_NUM_PARTITIONS=32 -e KAFKA_LOG_RETENTION_MS=-1 -e KAFKA_COMPRESSION_TYPE=gzip \
 -e KAFKA_DELETE_TOPIC_ENABLE=false -e KAFKA_LOG_CLEANUP_POLICY=compact \
--e KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR=1 -e KAFKA_HEAP_OPTS="-Xmx512m -Xms512m" confluentinc/cp-kafka:4.1.1
+-e KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR=1 -e KAFKA_HEAP_OPTS="-Xmx512m -Xms512m" \
+-e CONFLUENT_SUPPORT_METRICS_ENABLE=false confluentinc/cp-kafka:5.3.0
 
 docker exec es-kafka kafka-topics --zookeeper=es-zk:2181 --list
 
@@ -36,4 +37,4 @@ docker exec es-kafka kafka-streams-application-reset --application-id client-app
 
 docker exec es-kafka kafka-run-class kafka.tools.GetOffsetShell --broker-list localhost:9092 --topic eventstore
 
-```
+```

examples/01-todolist/README.md

@@ -22,4 +22,4 @@ Queries:
 * Get all ToDos
     ```bash
     curl http://localhost:9080/api/todo
-    ```
+    ```

examples/01-todolist/pom.xml

@@ -15,7 +15,7 @@
         <dependency>
             <groupId>net.osomahe</groupId>
             <artifactId>eventstore-kafka</artifactId>
-            <version>0.4.0-SNAPSHOT</version>
+            <version>0.5.0-SNAPSHOT</version>
         </dependency>
     </dependencies>
     <build>
@@ -26,4 +26,4 @@
         <maven.compiler.target>1.8</maven.compiler.target>
         <failOnMissingWebXml>false</failOnMissingWebXml>
     </properties>
-</project>
+</project>

examples/01-todolist/src/main/webapp/WEB-INF/jboss-webx.xml

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+    <context-root>/</context-root>
+</jboss-web>

pom.xml

@@ -42,7 +42,7 @@
         <dependency>
             <groupId>org.apache.kafka</groupId>
             <artifactId>kafka-clients</artifactId>
-            <version>2.0.0</version>
+            <version>2.3.0</version>
         </dependency>
 
         <dependency>
@@ -130,4 +130,23 @@
             </build>
         </profile>
     </profiles>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.owasp</groupId>
+                <artifactId>dependency-check-maven</artifactId>
+                <version>5.2.0</version>
+                <configuration>
+                    <failBuildOnCVSS>8</failBuildOnCVSS>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
 </project>