Skip to content

Commit

Permalink
Armeria 1.25.2 (#3351)
Browse files Browse the repository at this point in the history 
Updates Armeria to 1.25.2. This also removes a Gradle resolution strategy which fixes some dependencies to specific versions. Instead, use a dependency version requirement which allows for using newer versions. Resolves #3069.

Signed-off-by: David Venable <[email protected]>
  • Loading branch information
@dlvenable
dlvenable authored Sep 20, 2023
1 parent b5ecfe8 commit a016b7a
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 9 deletions.
19 changes: 12 additions & 7 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -163,30 +163,35 @@ subprojects {
}
because 'CVE from transitive dependencies'
}
implementation('org.xerial.snappy:snappy-java') {
version {
require '1.1.10.1'
}
because 'Fixes CVE-2023-35165, CVE-2023-34455, CVE-2023-34453, CVE-2023-34454, CVE-2023-2976'
}
}
}
test {
useJUnitPlatform()
}

configurations.all {
resolutionStrategy.eachDependency { def details ->
if (details.requested.group == 'io.netty') {
if (details.requested.name == 'netty') {
details.useTarget group: 'io.netty', name: 'netty-all', version: '4.1.86.Final'
details.useTarget group: 'io.netty', name: 'netty-all', version: '4.1.96.Final'
// replace with your desired version
} else if (!details.requested.name.startsWith('netty-tcnative')) {
details.useVersion '4.1.86.Final'
details.useVersion '4.1.96.Final'
details.because 'Fixes CVE-2022-41881, CVE-2021-21290 and CVE-2022-41915.'
}
} else if (details.requested.group == 'log4j' && details.requested.name == 'log4j') {
details.useTarget group: 'org.apache.logging.log4j', name: 'log4j-1.2-api', version: '2.17.1'
} else if (details.requested.group == 'org.xerial.snappy' && details.requested.name == 'snappy-java') {
details.useTarget group: 'org.xerial.snappy', name: 'snappy-java', version: '1.1.10.1'
}
}
}

test {
useJUnitPlatform()
}

build.dependsOn test
jacocoTestReport {
dependsOn test // tests are required to run before generating the report
Expand Down
3 changes: 2 additions & 1 deletion .../src/test/java/org/opensearch/dataprepper/peerforwarder/PeerForwarder_ClientServerIT.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
import com.linecorp.armeria.common.ClosedSessionException;
import com.linecorp.armeria.common.HttpStatus;
import com.linecorp.armeria.server.Server;
import io.netty.handler.ssl.NotSslRecordException;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
Expand Down Expand Up @@ -326,7 +327,7 @@ void send_Events_to_server_when_expecting_SSL_should_throw(final boolean binaryC
() -> client.serializeRecordsAndSendHttpRequest(outgoingRecords, LOCALHOST, pluginId, pipelineName).get());

assertThat(actualException.getCause(), instanceOf(UnprocessedRequestException.class));
assertThat(actualException.getCause().getCause(), instanceOf(SSLHandshakeException.class));
assertThat(actualException.getCause().getCause(), instanceOf(NotSslRecordException.class));

final Collection<Record<Event>> receivedRecords = getServerSideRecords(peerForwarderProvider);
assertThat(receivedRecords, notNullValue());
Expand Down
2 changes: 1 addition & 1 deletion settings.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ dependencyResolutionManagement {
libs {
version('slf4j', '2.0.6')
library('slf4j-api', 'org.slf4j', 'slf4j-api').versionRef('slf4j')
version('armeria', '1.22.1')
version('armeria', '1.25.2')
library('armeria-core', 'com.linecorp.armeria', 'armeria').versionRef('armeria')
library('armeria-grpc', 'com.linecorp.armeria', 'armeria-grpc').versionRef('armeria')
library('armeria-junit', 'com.linecorp.armeria', 'armeria-junit5').versionRef('armeria')
Expand Down

0 comments on commit a016b7a

Please sign in to comment.