Schema merge requests
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests
2022-09-02T15:11:09Z
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/377
change version of azure core lib to 0.17.0-rc9 and add change gitlab-ci.yaml
2022-09-02T15:11:09Z
Akshat Joshi
change version of azure core lib to 0.17.0-rc9 and add change gitlab-ci.yaml
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/376
Adding AWS Helm Charts
2022-09-20T01:22:14Z
Marc Burnie [AWS]
Adding AWS Helm Charts
M14 - Release 0.17
Marc Burnie [AWS]
Marc Burnie [AWS]
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/375
Update deployments/scripts/ibm/bootstrap.sh
2022-08-22T09:24:25Z
Shrikant Garg
Update deployments/scripts/ibm/bootstrap.sh
M14 - Release 0.17
Shrikant Garg
Shrikant Garg
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/373
Merge branch 'fix-dependencies-m13' into 'master'
2022-08-18T19:00:18Z
Rustam Lotsmanenko (EPAM)
rustam_lotsmanenko@epam.com
Merge branch 'fix-dependencies-m13' into 'master'
upgrade jakson-databind and core-lib-gcp
See merge request osdu/platform/system/schema-service!370
(cherry picked from commit 831e153a36cfafacf70a60c8b5a29fe5035311ba)
b270684d upgrade jakson-databind and core-lib-gcp
5842234a resolve...
upgrade jakson-databind and core-lib-gcp
See merge request osdu/platform/system/schema-service!370
(cherry picked from commit 831e153a36cfafacf70a60c8b5a29fe5035311ba)
b270684d upgrade jakson-databind and core-lib-gcp
5842234a resolve jackson runtime conflicts
Rustam Lotsmanenko (EPAM)
rustam_lotsmanenko@epam.com
Rustam Lotsmanenko (EPAM)
rustam_lotsmanenko@epam.com
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/372
Fix white source vulnerabilities
2022-09-16T02:10:30Z
Tsvetelina Ivanova
Fix white source vulnerabilities
Fix WhiteSource vulnerabilities:
- spring-security-web
- spring-beans
- tomcat-embed-core
- jackson-databind
Fix WhiteSource vulnerabilities:
- spring-security-web
- spring-beans
- tomcat-embed-core
- jackson-databind
M14 - Release 0.17
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/371
Add CORS policy to Helm chart virtual service
2022-08-22T04:55:04Z
Sean Fisher
Add CORS policy to Helm chart virtual service
Sean Fisher
Sean Fisher
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/370
upgrade jakson-databind and core-lib-gcp
2022-09-10T10:41:39Z
Rustam Lotsmanenko (EPAM)
rustam_lotsmanenko@epam.com
upgrade jakson-databind and core-lib-gcp
M14 - Release 0.17
Rustam Lotsmanenko (EPAM)
rustam_lotsmanenko@epam.com
Rustam Lotsmanenko (EPAM)
rustam_lotsmanenko@epam.com
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/369
Cherry-pick 'Remove SNAPSHOT dependencies' into release/0.16
2022-08-17T09:11:39Z
David Diederich
d.diederich@opengroup.org
Cherry-pick 'Remove SNAPSHOT dependencies' into release/0.16
Original MR: !368
Original MR: !368
M13 - Release 0.16
David Diederich
d.diederich@opengroup.org
David Diederich
d.diederich@opengroup.org
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/368
Remove SNAPSHOT dependencies
2022-08-17T04:24:46Z
David Diederich
d.diederich@opengroup.org
Remove SNAPSHOT dependencies
This automated MR removes usage of `SNAPSHOT` versions in the first party library dependencies.
Since `SNAPSHOT` dependencies change frequently -- by their nature -- usage of them across projects is dangerous and should be avoided.
### ...
This automated MR removes usage of `SNAPSHOT` versions in the first party library dependencies.
Since `SNAPSHOT` dependencies change frequently -- by their nature -- usage of them across projects is dangerous and should be avoided.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 45ee5835fd1c5e522c70016d7f03f6fd0066563f
Maven: 0.17.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ---------------- |
| core-lib-azure | 0.14.0-rc2 | 0.6.1 |
| core-lib-gcp | 0.15.0 | |
| os-core-lib-aws | 0.16.0-SNAPSHOT | 0.13.0, 0.3.16 |
| obm | 0.15.0 | |
| oqm | 0.15.0 | |
| os-core-common | 0.13.0 | 0.13.0 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2, 0.7.0 |
| os-schema-core | 0.17.0-SNAPSHOT | 0.16.0-SNAPSHOT |
| os-schema-test-anthos | | 0.17.0-SNAPSHOT |
| os-schema-test-gcp | | 0.17.0-SNAPSHOT |
| osm | 0.15.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2, 2.11.4 | 2.13.2.2, 2.11.3 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22 | 5.3.22 |
```
Critical: Found Vulnerable Jackson Databind dependency (<2.12.6.1 || >=2.13.0 <2.13.2.1)
├─ _Root_
│ └─ org.opengroup.osdu.os-schema-gcp == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-schema-core == 0.17.0-SNAPSHOT
│ └─ com.fasterxml.jackson.core.jackson-databind == 2.11.4
└─ testing/
└─ org.opengroup.osdu.schema-test-azure == 0.17.0-SNAPSHOT
└─ org.opengroup.osdu.os-schema-core == 0.16.0-SNAPSHOT
└─ com.fasterxml.jackson.core.jackson-databind == 2.11.3
```
```
Critical: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.os-schema-azure == 0.17.0-SNAPSHOT
└─ com.azure.spring.azure-spring-boot-starter-active-directory == 3.4.0
└─ org.springframework.boot.spring-boot-starter-webflux == 2.4.12
└─ org.springframework.spring-webflux == 5.3.12
```
### Dependency Information After the Upgrade
```
Branch: remove-snapshot-dependencies
SHA: 56a9a5d20aceb322f62ce5d4827bcc7cd6a44380
Maven: 0.17.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ---------------- |
| core-lib-azure | 0.14.0-rc2 | 0.6.1 |
| core-lib-gcp | 0.15.0 | |
| os-core-lib-aws | 0.16.1 | 0.13.0, 0.3.16 |
| obm | 0.15.0 | |
| oqm | 0.15.0 | |
| os-core-common | 0.13.0 | 0.13.0 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2, 0.7.0 |
| os-schema-core | 0.17.0-SNAPSHOT | 0.16.0-SNAPSHOT |
| os-schema-test-anthos | | 0.17.0-SNAPSHOT |
| os-schema-test-gcp | | 0.17.0-SNAPSHOT |
| osm | 0.15.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2, 2.11.4 | 2.13.2.2, 2.11.3 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22 | 5.3.22 |
```
Critical: Found Vulnerable Jackson Databind dependency (<2.12.6.1 || >=2.13.0 <2.13.2.1)
├─ _Root_
│ └─ org.opengroup.osdu.os-schema-gcp == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-schema-core == 0.17.0-SNAPSHOT
│ └─ com.fasterxml.jackson.core.jackson-databind == 2.11.4
└─ testing/
└─ org.opengroup.osdu.schema-test-azure == 0.17.0-SNAPSHOT
└─ org.opengroup.osdu.os-schema-core == 0.16.0-SNAPSHOT
└─ com.fasterxml.jackson.core.jackson-databind == 2.11.3
```
```
Critical: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.os-schema-azure == 0.17.0-SNAPSHOT
└─ com.azure.spring.azure-spring-boot-starter-active-directory == 3.4.0
└─ org.springframework.boot.spring-boot-starter-webflux == 2.4.12
└─ org.springframework.spring-webflux == 5.3.12
```
M13 - Release 0.16
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/367
Update aws condition from 'true' to '1'
2022-08-17T14:56:12Z
Yifei Xu
Update aws condition from 'true' to '1'
M14 - Release 0.17
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/366
Merge branch 'jackson-databind-fix' into 'master'
2022-08-12T20:43:11Z
Ashwani Pandey
Merge branch 'jackson-databind-fix' into 'master'
fixing jackson databind issue
See merge request osdu/platform/system/schema-service!365
(cherry picked from commit 45ee5835fd1c5e522c70016d7f03f6fd0066563f)
6e7bfc03 fixing jackson databind issue
fixing jackson databind issue
See merge request osdu/platform/system/schema-service!365
(cherry picked from commit 45ee5835fd1c5e522c70016d7f03f6fd0066563f)
6e7bfc03 fixing jackson databind issue
M13 - Release 0.16
David Diederich
d.diederich@opengroup.org
Debasis Chatterjee
Chad Leong
David Diederich
d.diederich@opengroup.org
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/365
fixing jackson databind issue
2022-09-10T10:47:06Z
Ashwani Pandey
fixing jackson databind issue
fixing jackson databind issue
fixing jackson databind issue
M13 - Release 0.16
Ashwani Pandey
Ashwani Pandey
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/364
Merge branch 'shrikgar-master-patch-30375' into 'master'
2022-08-11T20:10:15Z
Shrikant Garg
Merge branch 'shrikgar-master-patch-30375' into 'master'
Update devops/ibm/bootstrap.yaml
See merge request osdu/platform/system/schema-service!363
(cherry picked from commit c1c809d22d08f688bf27cd62f3c66093495dd30b)
da249c39 Update devops/ibm/bootstrap.yaml
Update devops/ibm/bootstrap.yaml
See merge request osdu/platform/system/schema-service!363
(cherry picked from commit c1c809d22d08f688bf27cd62f3c66093495dd30b)
da249c39 Update devops/ibm/bootstrap.yaml
M13 - Release 0.16
David Diederich
d.diederich@opengroup.org
Chad Leong
David Diederich
d.diederich@opengroup.org
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/363
Update devops/ibm/bootstrap.yaml
2022-08-11T10:38:48Z
Shrikant Garg
Update devops/ibm/bootstrap.yaml
M13 - Release 0.16
Shrikant Garg
Shrikant Garg
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/362
Cherry-pick 'update to DD schema repo SHA 8b96be9fb00a80374db4ab9129db16f68e9...
2022-08-11T18:11:20Z
David Diederich
d.diederich@opengroup.org
Cherry-pick 'update to DD schema repo SHA 8b96be9fb00a80374db4ab9129db16f68e9c8e11 2022-07-22' into release/0.16
Original MR: !344
Original MR: !344
M13 - Release 0.16
David Diederich
d.diederich@opengroup.org
David Diederich
d.diederich@opengroup.org
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/361
Merge branch 'IBM-Jackson-upgrade' into 'master'
2022-08-11T18:11:09Z
Ashwani Pandey
Merge branch 'IBM-Jackson-upgrade' into 'master'
jackson-databind version upgrade
See merge request osdu/platform/system/schema-service!360
(cherry picked from commit 4f79bcdbd859aafd8244f636aa5fb2c76e0023f9)
7930a0d8 jackson-databind version upgrade
jackson-databind version upgrade
See merge request osdu/platform/system/schema-service!360
(cherry picked from commit 4f79bcdbd859aafd8244f636aa5fb2c76e0023f9)
7930a0d8 jackson-databind version upgrade
M13 - Release 0.16
David Diederich
d.diederich@opengroup.org
Debasis Chatterjee
Chad Leong
David Diederich
d.diederich@opengroup.org
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/360
jackson-databind version upgrade
2023-08-18T21:55:21Z
Ashwani Pandey
jackson-databind version upgrade
jackson-databind version upgrade
jackson-databind version upgrade
M14 - Release 0.17
Ashwani Pandey
Ashwani Pandey
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/359
The M12 fixes.
2022-08-10T10:49:42Z
Akshat Joshi
The M12 fixes.
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/358
Cherry-pick 'Remove schema-reference from .fossa-yml modules' into release/0.16
2022-08-10T17:23:45Z
David Diederich
d.diederich@opengroup.org
Cherry-pick 'Remove schema-reference from .fossa-yml modules' into release/0.16
Original MR: !357
Original MR: !357
M13 - Release 0.16
David Diederich
d.diederich@opengroup.org
David Diederich
d.diederich@opengroup.org
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/357
Remove schema-reference from .fossa-yml modules
2022-09-25T13:24:38Z
David Diederich
d.diederich@opengroup.org
Remove schema-reference from .fossa-yml modules
The reference module was removed in !343, but the fossa configuration was missed. As a result, the
`fossa-analyze` steps were failing, unable to list dependencies in the non-existent project.
The reference module was removed in !343, but the fossa configuration was missed. As a result, the
`fossa-analyze` steps were failing, unable to list dependencies in the non-existent project.
M13 - Release 0.16
David Diederich
d.diederich@opengroup.org
David Diederich
d.diederich@opengroup.org