Notification merge requestshttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests2023-10-11T07:00:17Zhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/436fix azure netty-handler, undertow, vulnerabilities and exclude document db2023-10-11T07:00:17ZVidyaDharani Lokamfix azure netty-handler, undertow, vulnerabilities and exclude document db# Change details
* excluded unused dependency `documentdb-bulkexecutor`
* upgrade `io.netty:netty-bom` version to `4.1.98.Final`
* upgrade `undertow-core` and `undertow-websockets-jsr` version to `2.2.26.Final`
# Changes in:
* [ ] GCP...# Change details
* excluded unused dependency `documentdb-bulkexecutor`
* upgrade `io.netty:netty-bom` version to `4.1.98.Final`
* upgrade `undertow-core` and `undertow-websockets-jsr` version to `2.2.26.Final`
# Changes in:
* [ ] GCP
* [x] Azure
* [ ] AWS
* [ ] IBMM21 - Release 0.24VidyaDharani LokamVidyaDharani Lokamhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/435Gonrg 7821 add healthcheck for notification service2023-10-04T13:42:11ZSiarhei Poliak [EPAM / GCP]Gonrg 7821 add healthcheck for notification service## Type of change
- [ ] Bug Fix
- [+] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provi...## Type of change
- [ ] Bug Fix
- [+] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [+] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [YNO]
## What is the current behavior?
unhealthy container does not restart
## What is the new/expected behavior?
unhealthy container will be restarted
## Have you added/updated Unit Tests and Integration Tests?
NI
## Any other useful information
add livenessProbe in deploymnet.yamlM21 - Release 0.24https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/434Full Upgrade of First Party Library Dependencies2023-10-17T10:22:28ZChad LeongFull Upgrade of First Party Library DependenciesThis generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the C...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the CI pipeline reports success.
If this MR has failed, we need to work with the maintainers and affected provider teams to find a solution.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 1f502839488bd0deac50b6981dbac98714dc82ba
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ------------------ | ------------------------ |
| core-lib-azure | 0.21.0 | 0.12.0-rc10 |
| core-lib-gc | 0.21.0 | |
| core-test-lib-gcp | | 0.0.2 |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| oqm | 0.21.0 | |
| os-core-common | 0.19.0-rc6, 0.21.0 | 0.3.4, 0.3.6, 0.22.0-rc4 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.4.6 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3, 2.11.1, 2.17.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.11.2, 2.17.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webmvc | 5.3.24 | 5.1.9.RELEASE, 5.3.24 |
| (3rd Party) org.yaml.snakeyaml | 1.30, 1.33, 2.0 | 1.23, 1.27, 1.30 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.projectlombok.lombok == 1.18.8
│ │ └─ org.springdoc.springdoc-openapi-ui == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-webmvc-core == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-common == 1.6.14
│ │ └─ io.swagger.core.v3.swagger-core == 2.2.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-core == 0.24.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.notification-gc == 0.24.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.os-core-common == 0.21.0
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-ibm == 0.24.0-SNAPSHOT
│ │ └─ org.yaml.snakeyaml == 1.33
│ └─ org.opengroup.osdu.notification-aws == 0.24.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-actuator == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.33
└─ testing/
├─ org.opengroup.osdu.notification.notification-test-core == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-azure == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core-lib-azure == 0.12.0-rc10
│ └─ org.springframework.boot.spring-boot-starter-aop == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
├─ org.opengroup.osdu.notification-test-gc == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-aws == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core.aws.os-core-lib-aws == 0.23.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
├─ org.opengroup.osdu.notification-test-ibm == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-lib-ibm == 0.15.2
│ └─ org.springframework.boot.spring-boot-starter-security == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
└─ org.opengroup.osdu.notification-test-baremetal == 0.24.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.3.6
└─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
└─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
└─ org.yaml.snakeyaml == 1.23
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: 984da13d420684c69caaeee23885cd22bd7861dd
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| --------------------------------------------------- | --------------- | --------------- |
| core-lib-azure | 0.23.2 | 0.23.2 |
| core-lib-gc | 0.23.1 | |
| core-test-lib-gcp | | 0.0.2 |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| oqm | 0.23.0 | |
| os-core-common | 0.23.3 | 0.23.3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 1.30, 2.0, 1.33 | 1.30, 1.27, 2.0 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.projectlombok.lombok == 1.18.8
│ │ └─ org.springdoc.springdoc-openapi-ui == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-webmvc-core == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-common == 1.6.14
│ │ └─ io.swagger.core.v3.swagger-core == 2.2.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-gc == 0.24.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.os-core-common == 0.23.3
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ └─ org.opengroup.osdu.notification-ibm == 0.24.0-SNAPSHOT
│ └─ org.yaml.snakeyaml == 1.33
└─ testing/
├─ org.opengroup.osdu.notification.notification-test-core == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.23.3
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
├─ org.opengroup.osdu.notification-test-azure == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core-lib-azure == 0.23.2
│ └─ org.redisson.redisson == 3.15.3
│ └─ org.yaml.snakeyaml == 1.27
├─ org.opengroup.osdu.notification-test-gc == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.23.3
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
├─ org.opengroup.osdu.notification-test-aws == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core.aws.os-core-lib-aws == 0.23.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
└─ org.opengroup.osdu.notification-test-baremetal == 0.24.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.23.3
└─ org.springframework.boot.spring-boot-starter-web == 2.7.7
└─ org.springframework.boot.spring-boot-starter == 2.7.7
└─ org.yaml.snakeyaml == 1.30
```M21 - Release 0.24https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/433Merge branch 'gc-fix-npe-during-delivery' into 'master'2023-09-29T06:46:57ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comMerge branch 'gc-fix-npe-during-delivery' into 'master'Original MR: !432
## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a ch...Original MR: !432
## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [ ] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [YES/NO]
## What is the current behavior?
## What is the new/expected behavior?
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful informationM20 - Release 0.23David Diederichd.diederich@opengroup.orgRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/432Fix NPE during delivery2023-09-28T20:57:58ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comFix NPE during delivery## Type of change
- [x] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provi...## Type of change
- [x] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [x] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [NO]
## What is the current behavior?
Subscription configs do not contain secret values, NPE is produced during the event delivery to the end consumer.
## What is the new/expected behavior?
Notification forcibly requests config with a secret from Register if it's not in the cache.
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful informationM20 - Release 0.23Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/431Upgrade First Party Library Dependencies for Release 0.232023-09-29T06:45:30ZChad LeongUpgrade First Party Library Dependencies for Release 0.23This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: ad71d5f646ff0ef41b0c8d34622fa08523a42efd
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ------------------ | ------------------------ |
| core-lib-azure | 0.21.0 | 0.12.0-rc10 |
| core-lib-gc | 0.21.0 | |
| core-test-lib-gcp | | 0.0.2 |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| oqm | 0.21.0 | |
| os-core-common | 0.19.0-rc6, 0.21.0 | 0.3.4, 0.3.6, 0.22.0-rc4 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.4.6 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3, 2.11.1, 2.17.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.11.2, 2.17.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webmvc | 5.3.24 | 5.1.9.RELEASE, 5.3.24 |
| (3rd Party) org.yaml.snakeyaml | 1.30, 1.33, 2.0 | 1.23, 1.27, 1.30 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.projectlombok.lombok == 1.18.8
│ │ └─ org.springdoc.springdoc-openapi-ui == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-webmvc-core == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-common == 1.6.14
│ │ └─ io.swagger.core.v3.swagger-core == 2.2.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-core == 0.24.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.notification-gc == 0.24.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.os-core-common == 0.21.0
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-ibm == 0.24.0-SNAPSHOT
│ │ └─ org.yaml.snakeyaml == 1.33
│ └─ org.opengroup.osdu.notification-aws == 0.24.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-actuator == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.33
└─ testing/
├─ org.opengroup.osdu.notification.notification-test-core == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-azure == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core-lib-azure == 0.12.0-rc10
│ └─ org.springframework.boot.spring-boot-starter-aop == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
├─ org.opengroup.osdu.notification-test-gc == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-aws == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core.aws.os-core-lib-aws == 0.23.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
├─ org.opengroup.osdu.notification-test-ibm == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-lib-ibm == 0.15.2
│ └─ org.springframework.boot.spring-boot-starter-security == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
└─ org.opengroup.osdu.notification-test-baremetal == 0.24.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.3.6
└─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
└─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
└─ org.yaml.snakeyaml == 1.23
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: ad71d5f646ff0ef41b0c8d34622fa08523a42efd
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ------------------ | ------------------------ |
| core-lib-azure | 0.21.0 | 0.12.0-rc10 |
| core-lib-gc | 0.21.0 | |
| core-test-lib-gcp | | 0.0.2 |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| oqm | 0.21.0 | |
| os-core-common | 0.19.0-rc6, 0.21.0 | 0.3.4, 0.3.6, 0.22.0-rc4 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.4.6 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3, 2.11.1, 2.17.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.11.2, 2.17.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webmvc | 5.3.24 | 5.1.9.RELEASE, 5.3.24 |
| (3rd Party) org.yaml.snakeyaml | 1.30, 1.33, 2.0 | 1.23, 1.27, 1.30 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.projectlombok.lombok == 1.18.8
│ │ └─ org.springdoc.springdoc-openapi-ui == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-webmvc-core == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-common == 1.6.14
│ │ └─ io.swagger.core.v3.swagger-core == 2.2.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-core == 0.24.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.notification-gc == 0.24.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.os-core-common == 0.21.0
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-ibm == 0.24.0-SNAPSHOT
│ │ └─ org.yaml.snakeyaml == 1.33
│ └─ org.opengroup.osdu.notification-aws == 0.24.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-actuator == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.33
└─ testing/
├─ org.opengroup.osdu.notification.notification-test-core == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-azure == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core-lib-azure == 0.12.0-rc10
│ └─ org.springframework.boot.spring-boot-starter-aop == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
├─ org.opengroup.osdu.notification-test-gc == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-aws == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core.aws.os-core-lib-aws == 0.23.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
├─ org.opengroup.osdu.notification-test-ibm == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-lib-ibm == 0.15.2
│ └─ org.springframework.boot.spring-boot-starter-security == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
└─ org.opengroup.osdu.notification-test-baremetal == 0.24.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.3.6
└─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
└─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
└─ org.yaml.snakeyaml == 1.23
```M20 - Release 0.23https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/430Draft: add error handling to event consumers2023-09-25T09:08:37ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comDraft: add error handling to event consumers## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud p...## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [ ] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [YES/NO]
## What is the current behavior?
## What is the new/expected behavior?
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful informationhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/429Preventing dead lettering of messages when a notification fails to get delive...2023-09-12T11:44:58ZSabarish K R EPreventing dead lettering of messages when a notification fails to get delivered due to external subscriber being down.## Type of change
- [ ] Bug Fix
- [X] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud p...## Type of change
- [ ] Bug Fix
- [X] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [X] Azure
- [ ] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [YES/NO]
## What is the current behavior?
## What is the new/expected behavior?
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful informationhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/428Cherry-pick 'Update FOSSA NOTICE' into release/0.232023-09-06T06:59:22ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Update FOSSA NOTICE' into release/0.23**Original MR**: !427
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !427
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/notification/-/pipelines/new?ref=cherry-pick-for-427)M20 - Release 0.23David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/427Update FOSSA NOTICE2023-09-06T06:46:51ZDavid Diederichd.diederich@opengroup.orgUpdate FOSSA NOTICEThis MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these ...This MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these changes.M20 - Release 0.23https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/426Fix vulnerabilities for m18 branch2023-09-05T21:04:00ZVaibhavi KamaniFix vulnerabilities for m18 branch## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provi...## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [X] Azure
- [ ] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [NO]
## What is the current behavior?
## What is the new/expected behavior?
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful informationhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/425Cherry-pick 'Upgrade First Party Library Dependencies for Release 0.23' into ...2023-09-05T19:36:34ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Upgrade First Party Library Dependencies for Release 0.23' into release/0.23**Original MR**: !423
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !423
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/notification/-/pipelines/new?ref=cherry-pick-for-423)M20 - Release 0.23David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/424Cherry-pick 'Remediate guava vulnerability' into release/0.232023-08-31T13:01:11ZSrinivasan NarayananCherry-pick 'Remediate guava vulnerability' into release/0.23**Original MR**: !422
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !422
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/notification/-/pipelines/new?ref=cherry-pick-for-422)M20 - Release 0.23David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/423Upgrade First Party Library Dependencies for Release 0.232023-09-05T19:18:01ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.23This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 77d50099446ea00ac1dc0fbaff5aeebd97c27b86
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ------------------ | ------------------------ |
| core-lib-azure | 0.21.0 | 0.12.0-rc10 |
| core-lib-gc | 0.21.0 | |
| core-test-lib-gcp | | 0.0.2 |
| os-core-lib-aws | 0.23.0-rc2 | 0.23.0-rc2 |
| oqm | 0.21.0 | |
| os-core-common | 0.19.0-rc6, 0.21.0 | 0.3.4, 0.3.6, 0.22.0-rc4 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.4.6 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3, 2.11.1, 2.17.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.11.2, 2.17.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webmvc | 5.3.24 | 5.1.9.RELEASE, 5.3.24 |
| (3rd Party) org.yaml.snakeyaml | 1.30, 1.33, 2.0 | 1.23, 1.27, 1.30 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.projectlombok.lombok == 1.18.8
│ │ └─ org.springdoc.springdoc-openapi-ui == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-webmvc-core == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-common == 1.6.14
│ │ └─ io.swagger.core.v3.swagger-core == 2.2.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-core == 0.24.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.notification-gc == 0.24.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.os-core-common == 0.21.0
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-ibm == 0.24.0-SNAPSHOT
│ │ └─ org.yaml.snakeyaml == 1.33
│ └─ org.opengroup.osdu.notification-aws == 0.24.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-actuator == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.33
└─ testing/
├─ org.opengroup.osdu.notification.notification-test-core == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-azure == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core-lib-azure == 0.12.0-rc10
│ └─ org.springframework.boot.spring-boot-starter-aop == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
├─ org.opengroup.osdu.notification-test-gc == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-aws == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core.aws.os-core-lib-aws == 0.23.0-rc2
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
├─ org.opengroup.osdu.notification-test-ibm == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-lib-ibm == 0.15.2
│ └─ org.springframework.boot.spring-boot-starter-security == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
└─ org.opengroup.osdu.notification-test-baremetal == 0.24.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.3.6
└─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
└─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
└─ org.yaml.snakeyaml == 1.23
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: 52015cddc69dbde5dde49cd8d7a46ce57dfb3377
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ------------------ | ------------------------ |
| core-lib-azure | 0.21.0 | 0.12.0-rc10 |
| core-lib-gc | 0.21.0 | |
| core-test-lib-gcp | | 0.0.2 |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| oqm | 0.21.0 | |
| os-core-common | 0.19.0-rc6, 0.21.0 | 0.3.4, 0.3.6, 0.22.0-rc4 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.4.6 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3, 2.11.1, 2.17.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.11.2, 2.17.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webmvc | 5.3.24 | 5.1.9.RELEASE, 5.3.24 |
| (3rd Party) org.yaml.snakeyaml | 1.30, 1.33, 2.0 | 1.23, 1.27, 1.30 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.projectlombok.lombok == 1.18.8
│ │ └─ org.springdoc.springdoc-openapi-ui == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-webmvc-core == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-common == 1.6.14
│ │ └─ io.swagger.core.v3.swagger-core == 2.2.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-core == 0.24.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.notification-gc == 0.24.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.os-core-common == 0.21.0
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.notification-ibm == 0.24.0-SNAPSHOT
│ │ └─ org.yaml.snakeyaml == 1.33
│ └─ org.opengroup.osdu.notification-aws == 0.24.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-actuator == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.33
└─ testing/
├─ org.opengroup.osdu.notification.notification-test-core == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-azure == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core-lib-azure == 0.12.0-rc10
│ └─ org.springframework.boot.spring-boot-starter-aop == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
├─ org.opengroup.osdu.notification-test-gc == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
│ └─ org.yaml.snakeyaml == 1.23
├─ org.opengroup.osdu.notification-test-aws == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core.aws.os-core-lib-aws == 0.23.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
├─ org.opengroup.osdu.notification-test-ibm == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-lib-ibm == 0.15.2
│ └─ org.springframework.boot.spring-boot-starter-security == 2.4.5
│ └─ org.springframework.boot.spring-boot-starter == 2.4.5
│ └─ org.yaml.snakeyaml == 1.27
└─ org.opengroup.osdu.notification-test-baremetal == 0.24.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.3.6
└─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
└─ org.springframework.boot.spring-boot-starter == 2.1.7.RELEASE
└─ org.yaml.snakeyaml == 1.23
```M20 - Release 0.23https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/422Remediate guava vulnerability2023-08-31T12:47:37ZThulasi Dass SubramanianRemediate guava vulnerability# Change details
* upgrade `com.google.guava:guava` to latest version 32.1.2-jre
* To Resolve vulnerability [Details](https://github.com/advisories/GHSA-7g45-4rm6-3mm3)# Change details
* upgrade `com.google.guava:guava` to latest version 32.1.2-jre
* To Resolve vulnerability [Details](https://github.com/advisories/GHSA-7g45-4rm6-3mm3)M20 - Release 0.23Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/421Fixed getting subscription (GONRG-7693)2023-08-30T05:05:30ZYurii Ruban [EPAM / GCP]Fixed getting subscription (GONRG-7693)The method for getting subscriptions was called recursively when there were no subscriptions in the cache.
MR in master: https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/420The method for getting subscriptions was called recursively when there were no subscriptions in the cache.
MR in master: https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/420M20 - Release 0.23David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/420Fixed getting subscription2023-08-29T14:23:01ZYurii Ruban [EPAM / GCP]Fixed getting subscription# Description:
The method for getting subscriptions was called recursively when there were no subscriptions in the cache
# How to test:
Check the application is running
# Changes include:
- [ ] Bugfix (a non-breaking change that solv...# Description:
The method for getting subscriptions was called recursively when there were no subscriptions in the cache
# How to test:
Check the application is running
# Changes include:
- [ ] Bugfix (a non-breaking change that solves an issue).
# Changes in:
- [ ] GCPM20 - Release 0.23Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/419Fixing Vulnerabilities.2023-08-29T16:40:50ZHarsheet ShahFixing Vulnerabilities.## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud p...## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [ ] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [YES/NO]
## What is the current behavior?
## What is the new/expected behavior?
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful informationHarsheet ShahHarsheet Shahhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/418Improving logs to deal with negative case scenarios2023-10-11T10:39:01ZHarshika DhootImproving logs to deal with negative case scenarios## Type of change
- [X] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO] NO
## Does this introduce a change in the clou...## Type of change
- [X] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO] NO
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [X] Azure
- [ ] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [YES/NO] NO
## What is the current behavior?
Logs including correlation id, http method, url, request and response body weren't present for debugging any issue that arises
## What is the new/expected behavior?
To receive information like correlation id, http method, url, request and response body for better debugging and getting ahold of any issue that arises and empowering us to reach to the root cause
## Have you added/updated Unit Tests and Integration Tests? Added logs in Integration tests
## Any other useful information
Compatibility with ADME INSTANCE: all test cases in notification ran:![notificationsdme](/uploads/5154c8ad3660c3b46d0b0ff9f36c4520/notificationsdme.png)
test case scenarios
1. Green test case: ![registergreen](/uploads/9aeed22a13beb7d4ad22971407f0b91f/registergreen.png)
2. unknown host exception:
here we are getting url, correlation id, data partition id and http method for this exception
![notif1](/uploads/161ecf6d41df0a94acbe91aa44ff04b3/notif1.png)
3. socket timeout exception:
here we are getting the request send information and stack trace for socket timeout the retry after the socket timeout,![registersocket](/uploads/f0340b6fde550c0890077f22db8e4eb8/registersocket.png)
4. subscription request: ![regissubs](/uploads/4e342c2f18c47890fad9f88a564dcab0/regissubs.png)
5. subscription response:![regissubsres](/uploads/3602ed68e85997f9fd89afa91800e536/regissubsres.png)Harshika DhootHarshika Dhoothttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/417AWS sync dev to master2023-08-23T20:12:23ZLong ChengAWS sync dev to masterM20 - Release 0.23Long ChengLong Cheng