Remove SNAPSHOT dependencies
This automated MR removes usage of SNAPSHOT versions in the first party library dependencies.
Since SNAPSHOT dependencies change frequently -- by their nature -- usage of them across projects is dangerous and should be avoided.
Dependency Information Before the Upgrade
Branch: master
SHA: be90ac7b801999729830d7d5ed1fb3c0748edce6
Maven: 0.18.0-SNAPSHOT| Maven Dependencies | Root | testing/ |
|---|---|---|
| core-lib-azure | 0.16.0 | 0.16.0 |
| core-lib-gcp | 0.17.0-rc5 | |
| os-core-lib-aws | 0.17.0-SNAPSHOT | 0.16.1 |
| obm | 0.17.0-rc2 | |
| oqm | 0.17.0-rc1 | |
| os-core-common | 0.17.0-rc4 | 0.16.0 |
| os-core-lib-ibm | 0.16.0 | 0.16.0 |
| osm | 0.17.0-rc1 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22, 5.3.12 | 5.3.22 |
Warning: Found Vulnerable Spring MVC dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.legal.legal-byoc == 0.18.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.17.0-rc4
└─ org.springframework.spring-webmvc == 5.3.12Warning: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.legal.legal-azure == 0.18.0-SNAPSHOT
└─ com.azure.spring.azure-spring-boot-starter-active-directory == 3.4.0
└─ org.springframework.boot.spring-boot-starter-webflux == 2.4.12
└─ org.springframework.spring-webflux == 5.3.12Dependency Information After the Upgrade
Branch: remove-snapshots
SHA: 43538d292cbd3c14d0590a45a00d97e1a831ae2a
Maven: 0.18.0-SNAPSHOT| Maven Dependencies | Root | testing/ |
|---|---|---|
| core-lib-azure | 0.16.0 | 0.16.0 |
| core-lib-gcp | 0.17.0-rc5 | |
| os-core-lib-aws | 0.17.0 | 0.17.0 |
| obm | 0.17.0-rc2 | |
| oqm | 0.17.0-rc1 | |
| os-core-common | 0.17.0-rc4 | 0.17.0, 0.16.0 |
| os-core-lib-ibm | 0.16.0 | 0.16.0 |
| osm | 0.17.0-rc1 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22, 5.3.12 | 5.3.22 |
Warning: Found Vulnerable Spring MVC dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.legal.legal-byoc == 0.18.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.17.0-rc4
└─ org.springframework.spring-webmvc == 5.3.12Warning: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.legal.legal-azure == 0.18.0-SNAPSHOT
└─ com.azure.spring.azure-spring-boot-starter-active-directory == 3.4.0
└─ org.springframework.boot.spring-boot-starter-webflux == 2.4.12
└─ org.springframework.spring-webflux == 5.3.12