Notification merge requestshttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests2022-12-12T05:11:02Zhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/295Upgrade spring-boot-maven-plugin to 2.7.62022-12-12T05:11:02ZNaveen RamachandraiahUpgrade spring-boot-maven-plugin to 2.7.6Upgrade spring-boot-maven-plugin to 2.7.6Upgrade spring-boot-maven-plugin to 2.7.6Naveen RamachandraiahNaveen Ramachandraiahhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/294Upgrade spring-boot-maven-plugin to 2.7.62022-12-14T12:21:59ZThulasi Dass SubramanianUpgrade spring-boot-maven-plugin to 2.7.6Upgrade spring-boot-maven-plugin to 2.7.6Upgrade spring-boot-maven-plugin to 2.7.6M15 - Release 0.18Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/292Aws integration merge2022-12-08T06:15:07ZMichael LinAws integration mergeM15 - Release 0.18Okoun-Ola Fabien HouetoMichael LinOkoun-Ola Fabien Houetohttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/288M14 Upgrade2022-12-10T14:40:17ZAnkur RawatM14 UpgradeM12 changes into M14M12 changes into M14Ankur RawatAnkur Rawathttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/286Update buildspec file2022-11-18T23:53:08ZMorris EstepaUpdate buildspec fileUpdate buildspec fileUpdate buildspec fileM15 - Release 0.18Morris EstepaMorris Estepahttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/285GONRG-5890-Change-to-GC2023-08-18T15:24:10ZEldor Pulatov [EPAM/GCP]GONRG-5890-Change-to-GC## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud p...## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [x] GCP
- [ ] IBM
## Does this introduce a breaking change?
- [YES/NO]
## What is the current behavior?
## What is the new/expected behavior?
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful informationM15 - Release 0.18Eldor Pulatov [EPAM/GCP]Eldor Pulatov [EPAM/GCP]https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/283Cherry-pick 'Adding the missing property for proper health check' into releas...2022-10-18T16:04:08ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Adding the missing property for proper health check' into release/0.17**Original MR**: !282
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !282
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/notification/-/pipelines/new?ref=cherry-pick-for-282)M14 - Release 0.17David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/282Adding the missing property for proper health check2022-11-15T21:09:55ZArturo Hernandez [EPAM]Adding the missing property for proper health check## Type of change
- [X] Bug Fix
- [ ] Feature
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [X] Azure
- [ ] GCP
- [ ] IB...## Type of change
- [X] Bug Fix
- [ ] Feature
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [X] Azure
- [ ] GCP
- [ ] IBM
## Does this introduce a breaking change?
- [NO]
## What is the current behavior?
- Deployment fails due missing health endpoint
## What is the new/expected behavior?
- Deployment working fine as bootspring actuator will return 200 on health check
## Have you added/updated Unit Tests and Integration Tests?
- __YES__
## Any other useful information
Troubleshooting notes:
```
Most likely issue in the helm-charts-azure deployment.
https://community.opengroup.org/osdu/platform/system/notification/-/jobs/1437437
Error started when used 0.17.0 version:
https://community.opengroup.org/osdu/platform/system/notification/-/jobs/1438010
Actuator health check it is not working due this missing property, that's why it is failing to be deployed, due unhealthy actuator endpoint.
```M14 - Release 0.17Arturo Hernandez [EPAM]shivani karipeArturo Hernandez [EPAM]https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/281fix whitesource vulnerabilities2023-03-23T19:03:16ZYauheni Lesnikaufix whitesource vulnerabilitiesFix next whitesource vulnerabilities for the notificatiom-core and notification-azure:
jackson-databind - CVE-2020-36518, CVE-2022-42004, CVE-2022-42003
undertow-core - CVE-2020-36518, CVE-2021-3859
spring-security-web - CVE-2022-229...Fix next whitesource vulnerabilities for the notificatiom-core and notification-azure:
jackson-databind - CVE-2020-36518, CVE-2022-42004, CVE-2022-42003
undertow-core - CVE-2020-36518, CVE-2021-3859
spring-security-web - CVE-2022-22978
spring-beans - CVE-2022-22965
google-oauth-client - CVE-2021-22573
json - WS-2017-3805
snakeyaml - CVE-2022-25857M15 - Release 0.18Yauheni LesnikauYauheni Lesnikauhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/280Cherry-pick 'upgrading spring version for avoiding issue related of "org/spr...2022-10-13T17:21:57ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'upgrading spring version for avoiding issue related of "org/springframework/core/log/logmessage "' into release/0.17**Original MR**: !278
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !278
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/notification/-/pipelines/new?ref=cherry-pick-for-278)M14 - Release 0.17David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/278upgrading spring version for avoiding issue related of "org/springframework/...2022-10-13T16:42:20ZAshwani Pandeyupgrading spring version for avoiding issue related of "org/springframework/core/log/logmessage "spring-security-config and spring-security-web version upgrade to 5.7.3 to avoid issue related of **org/springframework/core/log/logmessage class not found**spring-security-config and spring-security-web version upgrade to 5.7.3 to avoid issue related of **org/springframework/core/log/logmessage class not found**M14 - Release 0.17Ashwani PandeyAshwani Pandeyhttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/277Cherry-pick 'Update FOSSA NOTICE' into release/0.172022-10-10T18:11:18ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Update FOSSA NOTICE' into release/0.17**Original MR**: !275
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !275
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/notification/-/pipelines/new?ref=cherry-pick-for-275)M14 - Release 0.17David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/276Cherry-pick 'Merge ibm helm' into release/0.172022-10-10T18:11:23ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Merge ibm helm' into release/0.17**Original MR**: !274
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !274
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/notification/-/pipelines/new?ref=cherry-pick-for-274)M14 - Release 0.17David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/275Update FOSSA NOTICE2022-10-10T06:31:57ZDavid Diederichd.diederich@opengroup.orgUpdate FOSSA NOTICEThis MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these ...This MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these changes.M14 - Release 0.17https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/274Merge ibm helm2022-10-10T06:04:04ZManish SinghMerge ibm helm## Type of change
- [ ] Bug Fix
- [x] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud p...## Type of change
- [ ] Bug Fix
- [x] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [ ] GCP
- [x] IBM
## Does this introduce a breaking change?
- [YES/NO]
## What is the current behavior?
## What is the new/expected behavior?
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful information
Merge ibm helm to masterM14 - Release 0.17Shrikant GargShrikant Garghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/273Removed google cloud libs from the core part.2022-11-03T11:17:13ZRiabokon Stanislav(EPAM)[GCP]Removed google cloud libs from the core part.## Type of change
- [x] Bug Fix
- [ ] Feature
https://community.opengroup.org/osdu/platform/system/notification/-/issues/50
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provi...## Type of change
- [x] Bug Fix
- [ ] Feature
https://community.opengroup.org/osdu/platform/system/notification/-/issues/50
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [x] AWS
- [x] Azure
- [x] GCP
- [x] IBM
## Does this introduce a breaking change?
- [YES]
Removed GCP cloud libs from Core Part.M15 - Release 0.18Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/272Cherry-pick 'Upgrade Springframework' into release/0.172022-10-06T18:23:01ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Upgrade Springframework' into release/0.17**Original MR**: !271
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !271
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/notification/-/pipelines/new?ref=cherry-pick-for-271)M14 - Release 0.17David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/271Upgrade Springframework2022-10-06T16:11:15ZXiangliang MengUpgrade SpringframeworkM14 - Release 0.17Okoun-Ola Fabien HouetoXiangliang MengOkoun-Ola Fabien Houetohttps://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/270Update FOSSA NOTICE2022-10-02T21:37:39ZDavid Diederichd.diederich@opengroup.orgUpdate FOSSA NOTICEThis MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these ...This MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these changes.M14 - Release 0.17https://community.opengroup.org/osdu/platform/system/notification/-/merge_requests/269Upgrade First Party Library Dependencies for Release 0.172022-10-07T12:15:51ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.17This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 45145af65ff72876217458186a80096fed97a4ca
Maven: 0.17.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------------- | -------------- |
| core-lib-azure | 0.16.0-rc5 | 0.0.22 |
| core-lib-gcp | 0.16.0 | |
| core-test-lib-gcp | | 0.0.2 |
| os-core-lib-aws | 0.14.0 | 0.14.0-rc2 |
| obm | 0.16.0 | |
| oqm | 0.16.0 | |
| os-core-common | 0.14.0 | 0.3.4, 0.3.6 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| osm | 0.16.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.13.2.2 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.12.1, 2.11.1 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.12.1 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.12.1 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.12.1 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.11.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.1.19.RELEASE, 5.3.22 | 5.1.9.RELEASE |
```
Warning: Found Vulnerable Spring MVC dependency (<5.2.20 || >=5.3.0 <5.3.18)
├─ _Root_
│ ├─ org.opengroup.osdu.notification-core == 0.17.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ │ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
│ ├─ org.opengroup.osdu.notification-gcp == 0.17.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.os-core-common == 0.14.0
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.1.18.RELEASE
│ │ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
│ └─ org.opengroup.osdu.notification-ibm == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.notification-core == 0.17.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.18.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
└─ testing/
├─ org.opengroup.osdu.notification.notification-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
├─ org.opengroup.osdu.notification-test-azure == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.notification.notification-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
├─ org.opengroup.osdu.notification-test-gcp == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
├─ org.opengroup.osdu.notification-test-aws == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
├─ org.opengroup.osdu.notification-test-ibm == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
└─ org.opengroup.osdu.notification-test-anthos == 0.17.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.3.6
└─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
└─ org.springframework.spring-webmvc == 5.1.9.RELEASE
```
```
Warning: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.notification-azure == 0.17.0-SNAPSHOT
└─ com.azure.spring.azure-spring-boot-starter-active-directory == 3.4.0
└─ org.springframework.boot.spring-boot-starter-webflux == 2.5.12
└─ org.springframework.spring-webflux == 5.3.12
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: f62c20fee7b788c4351b67b947a44f45250644c2
Maven: 0.17.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------------- | -------------- |
| core-lib-azure | 0.16.0-rc5 | 0.0.22 |
| core-lib-gcp | 0.17.0 | |
| core-test-lib-gcp | | 0.0.2 |
| os-core-lib-aws | 0.14.0 | 0.14.0-rc2 |
| obm | 0.17.0 | |
| oqm | 0.17.0 | |
| os-core-common | 0.14.0 | 0.3.4, 0.3.6 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| osm | 0.17.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.13.2.2 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.12.1, 2.11.1 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.12.1 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.12.1 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.12.1 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.11.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.1.19.RELEASE, 5.3.22 | 5.1.9.RELEASE |
```
Warning: Found Vulnerable Spring MVC dependency (<5.2.20 || >=5.3.0 <5.3.18)
├─ _Root_
│ ├─ org.opengroup.osdu.notification-core == 0.17.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ │ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
│ ├─ org.opengroup.osdu.notification-gcp == 0.17.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.os-core-common == 0.14.0
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.1.18.RELEASE
│ │ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
│ └─ org.opengroup.osdu.notification-ibm == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.notification-core == 0.17.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.18.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
└─ testing/
├─ org.opengroup.osdu.notification.notification-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
├─ org.opengroup.osdu.notification-test-azure == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.notification.notification-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.4
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
├─ org.opengroup.osdu.notification-test-gcp == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
├─ org.opengroup.osdu.notification-test-aws == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
├─ org.opengroup.osdu.notification-test-ibm == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.3.6
│ └─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
│ └─ org.springframework.spring-webmvc == 5.1.9.RELEASE
└─ org.opengroup.osdu.notification-test-anthos == 0.17.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.3.6
└─ org.springframework.boot.spring-boot-starter-web == 2.1.7.RELEASE
└─ org.springframework.spring-webmvc == 5.1.9.RELEASE
```
```
Warning: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.notification-azure == 0.17.0-SNAPSHOT
└─ com.azure.spring.azure-spring-boot-starter-active-directory == 3.4.0
└─ org.springframework.boot.spring-boot-starter-webflux == 2.5.12
└─ org.springframework.spring-webflux == 5.3.12
```M15 - Release 0.18Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]