Schema merge requests
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests
2023-05-13T05:06:36Z
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/396
Draft: Fix/gcp bootstrap job
2023-05-13T05:06:36Z
Aliaksandr Ramanovich (EPAM)
Draft: Fix/gcp bootstrap job
Debug and fix for osdu-gcp-containerize-bootstrap job
Debug and fix for osdu-gcp-containerize-bootstrap job
Aliaksandr Ramanovich (EPAM)
Aliaksandr Ramanovich (EPAM)
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/489
Schema Resiliency Enhacements
2023-05-18T11:44:08Z
Chahat Kumar
Schema Resiliency Enhacements
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/493
Draft: reverted the changes made in MR 469
2023-05-19T09:41:23Z
Deepa Kumari
Draft: reverted the changes made in MR 469
Deepa Kumari
Deepa Kumari
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/474
Full Upgrade of First Party Library Dependencies for Release 0.20
2023-05-22T15:50:40Z
David Diederich
d.diederich@opengroup.org
Full Upgrade of First Party Library Dependencies for Release 0.20
This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will ...
This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will often fail, since the upgrades were previously rejected for failing pipelines and have not been directly addressed yet.
This upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
This MR may co-exist with a separate, smaller upgrade MR.
If both pass, this one should be used instead.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: c6bc65a3773a3d009e7e9e2d7e3ac72cc663ad49
Maven: 0.21.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ---------------- | ---------- |
| core-lib-azure | 0.14.0-rc2 | 0.6.1 |
| core-lib-gcp | 0.19.0-rc3 | |
| os-core-lib-aws | 0.21.0-rc1 | 0.13.0 |
| obm | 0.18.0 | |
| oqm | 0.18.0 | |
| os-core-common | 0.19.0-rc6 | 0.19.0-rc6 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| osm | 0.18.0 | |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.yaml.snakeyaml | 1.30, 1.33, 1.26 | 1.30 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.springdoc.springdoc-openapi-ui == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-webmvc-core == 1.6.14
│ │ └─ org.springdoc.springdoc-openapi-common == 1.6.14
│ │ └─ org.springframework.boot.spring-boot-autoconfigure == 2.7.7
│ │ └─ io.swagger.core.v3.swagger-core == 2.2.7
│ │ └─ org.yaml.snakeyaml == 1.30
│ ├─ org.opengroup.osdu.os-schema-core == 0.21.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.os-schema-aws == 0.21.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-test == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.os-schema-gc == 0.21.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-test == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.os-schema-ibm == 0.21.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ │ └─ org.yaml.snakeyaml == 1.33
│ └─ org.opengroup.osdu.os-schema-azure == 0.21.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-test == 2.4.12
│ └─ org.springframework.boot.spring-boot-starter == 2.4.12
│ └─ org.yaml.snakeyaml == 1.26
└─ testing/
└─ org.opengroup.osdu.schema-test-core == 0.21.0-SNAPSHOT
└─ org.opengroup.osdu.os-schema-core == 0.21.0-SNAPSHOT
└─ org.springframework.boot.spring-boot-starter-web == 2.7.7
└─ org.springframework.boot.spring-boot-starter == 2.7.7
└─ org.yaml.snakeyaml == 1.30
```
```
Critical: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.os-schema-azure == 0.21.0-SNAPSHOT
└─ org.springframework.boot.spring-boot-starter-webflux == 2.6.6
└─ org.springframework.spring-webflux == 5.3.12
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-3
SHA: 79045808c04ca813e2d4e8374cb8514c5358821f
Maven: 0.21.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------ | ---------- | ---------- |
| core-lib-azure | 0.20.0 | 0.20.0 |
| core-lib-gc | 0.20.0 | |
| os-core-lib-aws | 0.21.0-rc2 | 0.21.0-rc2 |
| obm | 0.20.0 | |
| oqm | 0.20.0 | |
| os-core-common | 0.20.1 | 0.20.1 |
| os-core-lib-ibm | 0.20.0 | 0.20.0 |
| osm | 0.20.0 | |
| (3rd Party) org.yaml.snakeyaml | 1.30, 2.0 | 2.0 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
└─ _Root_
└─ org.springdoc.springdoc-openapi-ui == 1.6.14
└─ org.springdoc.springdoc-openapi-webmvc-core == 1.6.14
└─ org.springdoc.springdoc-openapi-common == 1.6.14
└─ org.springframework.boot.spring-boot-autoconfigure == 2.7.7
└─ io.swagger.core.v3.swagger-core == 2.2.7
└─ org.yaml.snakeyaml == 1.30
```
M18 - Release 0.21
Srinivasan Narayanan
Srinivasan Narayanan
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/481
Updated mappers.
2023-06-05T13:34:19Z
Riabokon Stanislav(EPAM)[GCP]
Updated mappers.
Riabokon Stanislav(EPAM)[GCP]
Riabokon Stanislav(EPAM)[GCP]
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/494
Reverted the changes made in MR 469
2023-06-05T14:58:20Z
Deepa Kumari
Reverted the changes made in MR 469
M19 - Release 0.22
Deepa Kumari
Deepa Kumari
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/513
Fix instance name
2023-06-29T15:34:31Z
Aleh Shubko [EPAM]
Fix instance name
M19 - Release 0.22
Madalyn Marabella
Madalyn Marabella
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/505
Updated Maven dependency
2023-07-05T13:39:49Z
Shreya Shah
Updated Maven dependency
# Fixes :
https://community.opengroup.org/osdu/platform/system/schema-service/-/security/vulnerabilities/19973
https://community.opengroup.org/osdu/platform/system/schema-service/-/security/vulnerabilities/21551
# Issues :
https://commu...
# Fixes :
https://community.opengroup.org/osdu/platform/system/schema-service/-/security/vulnerabilities/19973
https://community.opengroup.org/osdu/platform/system/schema-service/-/security/vulnerabilities/21551
# Issues :
https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/166
https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/167
M19 - Release 0.22
Shreya Shah
Shreya Shah
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/517
Syncing AWS Code Commit to Gitlab
2023-07-06T22:03:14Z
Solomon Ayalew
Syncing AWS Code Commit to Gitlab
Syncing AWS Code changes to Gitlab
Syncing AWS Code changes to Gitlab
Solomon Ayalew
Solomon Ayalew
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/518
GONRG-7492: fix helm version
2023-07-19T07:33:28Z
Yauheni Rykhter (EPAM)
GONRG-7492: fix helm version
M20 - Release 0.23
Yauheni Rykhter (EPAM)
Yauheni Rykhter (EPAM)
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/527
Draft: Az/ss refactoring
2023-07-21T09:59:13Z
Shreya Shah
Draft: Az/ss refactoring
Shreya Shah
Shreya Shah
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/528
Draft: Refactored code
2023-07-25T07:51:45Z
Shreya Shah
Draft: Refactored code
Shreya Shah
Shreya Shah
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/531
Trusted schematestresiliency2
2023-07-26T11:34:33Z
Abhiram Bondada
Trusted schematestresiliency2
Abhiram Bondada
Abhiram Bondada
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/449
Adding logs to schema service - latency issues (PBI - 9012)
2023-08-25T22:29:13Z
Abhiram Bondada
Adding logs to schema service - latency issues (PBI - 9012)
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/423
Upgrade schema service for the corelib changes
2023-08-25T22:29:16Z
Nishant Vidyasagar
Upgrade schema service for the corelib changes
Nishant Vidyasagar
Nishant Vidyasagar
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/544
Draft: resolving netty dependency issue.
2023-09-04T02:05:08Z
Nishant Vidyasagar
Draft: resolving netty dependency issue.
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/543
Draft: Removing netty depedendcy
2023-09-04T02:05:21Z
Nishant Vidyasagar
Draft: Removing netty depedendcy
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/550
Fix s360 vulnerabilities on m18
2023-09-06T16:53:54Z
Christophe Mongin
Fix s360 vulnerabilities on m18
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/556
Draft: Introduce variable for java version
2023-09-21T04:57:25Z
saketh somaraju
Draft: Introduce variable for java version
* This MR introduces a variable to manage java version in azure ci-cd job and removes redundant `azure_test` inheritance
* This change would help in configuring azure integration test seamlessly
* This MR introduces a variable to manage java version in azure ci-cd job and removes redundant `azure_test` inheritance
* This change would help in configuring azure integration test seamlessly
M21 - Release 0.24
saketh somaraju
saketh somaraju
https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/560
Draft: vulnerability fixes
2023-09-26T16:16:55Z
VidyaDharani Lokam
Draft: vulnerability fixes
M21 - Release 0.24
VidyaDharani Lokam
VidyaDharani Lokam