Storage merge requestshttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests2024-03-28T14:31:20Zhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/862[#MSCOSDU-36924] feat: purge Record Versions API2024-03-28T14:31:20ZThulasi Dass Subramanian[#MSCOSDU-36924] feat: purge Record Versions API## Description
* Issue Reference: https://community.opengroup.org/osdu/platform/system/storage/-/issues/217 (related to Cosmos DB Throttling - Azure https://community.opengroup.org/osdu/platform/system/storage/-/issues/178)
* `Purge Rec...## Description
* Issue Reference: https://community.opengroup.org/osdu/platform/system/storage/-/issues/217 (related to Cosmos DB Throttling - Azure https://community.opengroup.org/osdu/platform/system/storage/-/issues/178)
* `Purge Record Versions`API to clean the older record version paths.
* As discussed in ADR current scope implementation is based on the `limit` parameter only.
## Changes in:
* [x] Core (Common code)
* [x] GCP
* [x] Azure
* [x] AWS
* [x] IBM
# Dev Checklist:
* [x] Added Unit Tests, for new code changes.
* [x] Added Integration Tests
* [x] Existing Tests pass
* [x] Verified functionality locally
* [x] Self Reviewed my code for formatting and complex business logic.M23 - Release 0.26Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/855Spring 6 Migration - Code changes2024-03-22T15:29:36ZGuillaume CailletSpring 6 Migration - Code changesJavax to Jakarta migration isolated into a dedicated MR: https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/854Javax to Jakarta migration isolated into a dedicated MR: https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/854M23 - Release 0.26Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/854Spring 6 Migration2024-03-25T15:29:33ZGuillaume CailletSpring 6 Migration# Merge request template# Merge request templateM23 - Release 0.26Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/843auth test cases fix2024-03-19T17:13:56ZNikhil Patilnikhil.patil5@ibm.comauth test cases fix# Merge request template# Merge request templateM23 - Release 0.26Nikhil Patilnikhil.patil5@ibm.comNikhil Patilnikhil.patil5@ibm.comhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/793Added /liveness_check (GONRG-9039)2024-01-04T14:52:35ZRiabokon Stanislav(EPAM)[GCP]Added /liveness_check (GONRG-9039)## Type of change
- [ ] Bug Fix
- [X] Feature
https://community.opengroup.org/osdu/platform/system/storage/-/issues/191
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provider ...## Type of change
- [ ] Bug Fix
- [X] Feature
https://community.opengroup.org/osdu/platform/system/storage/-/issues/191
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [x] AWS
- [x] Azure
- [x] GC
- [x] IBM
## Does this introduce a breaking change?
- [NO]
## What is the new/expected behavior?
Added /liveness_check
## Have you added/updated Unit Tests and Integration Tests?
YesM23 - Release 0.26Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/808Cherry-pick 'Full Upgrade of First Party Library Dependencies for Release 0.2...2023-12-16T10:24:13ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Full Upgrade of First Party Library Dependencies for Release 0.25' into release/0.25**Original MR**: !806
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !806
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/storage/-/pipelines/new?ref=cherry-pick-for-806)M22 - Release 0.25David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/806Full Upgrade of First Party Library Dependencies for Release 0.252023-12-15T20:06:24ZDavid Diederichd.diederich@opengroup.orgFull Upgrade of First Party Library Dependencies for Release 0.25This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will ...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will often fail, since the upgrades were previously rejected for failing pipelines and have not been directly addressed yet.
This upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
This MR may co-exist with a separate, smaller upgrade MR.
If both pass, this one should be used instead.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 47a0054bec9bb13be125f218c8f010a55af61dec
Maven: 0.26.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------- | ------------------ |
| core-lib-azure | 0.25.0-rc2 | |
| core-lib-gc | 0.24.0 | |
| os-core-lib-aws | 0.25.0-rc3 | 0.25.0-rc3 |
| obm | 0.24.0 | |
| oqm | 0.24.0 | |
| os-core-common | 0.25.0-rc3 | 0.25.0-rc3, 0.24.0 |
| os-core-lib-ibm | 0.24.0 | 0.24.0 |
| osm | 0.24.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 2.0 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: 754c7abbbd0c8cd7450616bf784b51cbf15d7c22
Maven: 0.26.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ------ | --------------- |
| core-lib-azure | 0.25.0 | |
| core-lib-gc | 0.25.0 | |
| os-core-lib-aws | 0.25.0 | 0.25.0 |
| obm | 0.25.0 | |
| oqm | 0.25.0 | |
| os-core-common | 0.25.0 | 0.25.0 |
| os-core-lib-ibm | 0.25.0 | 0.25.0 |
| osm | 0.25.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 2.0 |M22 - Release 0.25https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/792Update dependancy version to fix vulnerabilities2023-12-05T10:01:11ZSolomon AyalewUpdate dependancy version to fix vulnerabilities- pull latest version os-core-common
- fix CVE-2023-20863,CVE-2023-20883, CVE-2023-34034 and other org.springframework:spring-core/security vulnerabilities- pull latest version os-core-common
- fix CVE-2023-20863,CVE-2023-20883, CVE-2023-34034 and other org.springframework:spring-core/security vulnerabilitiesM22 - Release 0.25https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/784Cherry-pick 'Full Upgrade of First Party Library Dependencies' into release/0.242023-10-20T07:52:25ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Full Upgrade of First Party Library Dependencies' into release/0.24**Original MR**: !781
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !781
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/storage/-/pipelines/new?ref=cherry-pick-for-781)M21 - Release 0.24David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/782Cherry-pick 'Full Upgrade of First Party Library Dependencies' into release/0.242023-10-19T10:43:21ZChad LeongCherry-pick 'Full Upgrade of First Party Library Dependencies' into release/0.24**Original MR**: !773
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !773
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/storage/-/pipelines/new?ref=cherry-pick-for-773)M21 - Release 0.24David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/781Full Upgrade of First Party Library Dependencies2023-10-20T07:07:42ZChad LeongFull Upgrade of First Party Library DependenciesThis generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the C...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the CI pipeline reports success.
If this MR has failed, we need to work with the maintainers and affected provider teams to find a solution.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 45a9f988aeed17fdf4efd590ad065be923c0eba5
Maven: 0.25.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ------ | --------------- |
| core-lib-azure | 0.24.0 | |
| core-lib-gc | 0.23.1 | |
| os-core-lib-aws | 0.24.0 | 0.23.0 |
| obm | 0.24.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.24.0 | 0.24.0, 0.23.3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| osm | 0.23.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 2.0 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-2
SHA: af1c589f53396abf0d2b1ecb0dba36eabed59f95
Maven: 0.25.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ------ | --------------- |
| core-lib-azure | 0.24.0 | |
| core-lib-gc | 0.24.0 | |
| os-core-lib-aws | | 0.24.0 |
| obm | 0.24.0 | |
| oqm | 0.24.0 | |
| os-core-common | 0.24.0 | 0.24.0 |
| os-core-lib-ibm | | 0.24.0 |
| osm | 0.24.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 2.0 |M21 - Release 0.24https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/773Full Upgrade of First Party Library Dependencies2023-10-19T10:42:56ZChad LeongFull Upgrade of First Party Library DependenciesThis generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the C...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the CI pipeline reports success.
If this MR has failed, we need to work with the maintainers and affected provider teams to find a solution.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: e487b2ac3f8348b989c10f422959f4d4a0fef752
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------- | -------------------------- |
| core-lib-azure | 0.24.0-rc2 | |
| core-lib-gc | 0.21.0-rc4 | |
| os-core-lib-aws | 0.23.0 | 0.21.0-rc5 |
| obm | 0.21.0-rc2 | |
| oqm | 0.21.0-rc5 | |
| os-core-common | 0.23.1 | 0.23.1, 0.13.0, 0.18.0-rc3 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.21.0-rc3 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: 1b9de6fc64ca78a9fc8dc3679cc95353a61b258d
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------- | --------------- |
| core-lib-azure | 0.24.0-rc2 | |
| core-lib-gc | 0.23.1 | |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.3 | 0.23.3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| osm | 0.23.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 2.0 |M21 - Release 0.24https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/740Migration to JDK 17 (GONRG-7527)2024-01-25T13:47:33ZRiabokon Stanislav(EPAM)[GCP]Migration to JDK 17 (GONRG-7527)## Type of change
- [x] Bug Fix
- [ ] Feature
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [x] AWS
- [x] Azure
- [x] GCP
- [x] I...## Type of change
- [x] Bug Fix
- [ ] Feature
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [x] AWS
- [x] Azure
- [x] GCP
- [x] IBM
## Does this introduce a breaking change?
- [YES]
* Migration to Java 17.
* Unit test fixes with build run args and dependency upgrades.
* Refactored with Apache's `CloseableHttpClient` supporting all HTTP methods (including PATCH).M20 - Release 0.23Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/727Cherry-pick 'Override test case' into release/0.222023-07-14T11:49:14ZChad LeongCherry-pick 'Override test case' into release/0.22**Original MR**: !717
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !717
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/storage/-/pipelines/new?ref=cherry-pick-for-717)M19 - Release 0.22David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/717Override test case2023-07-14T11:42:19ZIsha KumariOverride test case# Merge request template# Merge request templateM19 - Release 0.22Isha KumariIsha Kumarihttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/658Vulnerability fix for IBM2023-03-31T09:39:34ZDevdatta SantraVulnerability fix for IBMVulnerability fix for IBM for spring, tomcat and netty libs
| CVE-2022-31692 | https://nvd.nist.gov/vuln/detail/CVE-2022-31692 |
|----------------|-------------------------------------------------|
| CVE-2022-31690 | https://nvd.nist.go...Vulnerability fix for IBM for spring, tomcat and netty libs
| CVE-2022-31692 | https://nvd.nist.gov/vuln/detail/CVE-2022-31692 |
|----------------|-------------------------------------------------|
| CVE-2022-31690 | https://nvd.nist.gov/vuln/detail/CVE-2022-31690 |
| CVE-2022-45143 | https://nvd.nist.gov/vuln/detail/CVE-2022-45143 |
| CVE-2022-41881 | https://nvd.nist.gov/vuln/detail/CVE-2022-41881 |M17 - Release 0.20Devdatta SantraDevdatta Santrahttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/600Ibm policy fix2023-01-20T15:31:43ZAshwani PandeyIbm policy fixfixing test case after enabling policyfixing test case after enabling policyM16 - Release 0.19Ashwani PandeyAshwani Pandeyhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/597Use partition based feature flag for collaboration2023-01-23T13:52:03ZLarissa PereiraUse partition based feature flag for collaboration# Merge request template# Merge request templateM16 - Release 0.19Larissa PereiraLarissa Pereirahttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/587Vulnerability fix ibm storage service2023-03-30T08:07:19ZPintu GuptaVulnerability fix ibm storage serviceFollowing CVE has been fix into this MR :
| cve | link |
|------------------|-------------------------------------------------|
| PRISMA-2022-0239 | https://github.com/square/okhtt...Following CVE has been fix into this MR :
| cve | link |
|------------------|-------------------------------------------------|
| PRISMA-2022-0239 | https://github.com/square/okhttp/issues/6738 |
| CVE-2022-42003 | https://nvd.nist.gov/vuln/detail/CVE-2022-42003 |
| CVE-2022-42004 | https://nvd.nist.gov/vuln/detail/CVE-2022-42004 |
| CVE-2022-25857 | https://nvd.nist.gov/vuln/detail/CVE-2022-25857 |
| CVE-2022-22965 | https://nvd.nist.gov/vuln/detail/CVE-2022-22965 |
| CVE-2022-25647 | https://nvd.nist.gov/vuln/detail/CVE-2022-25647 |
| CVE-2022-42252 | https://nvd.nist.gov/vuln/detail/CVE-2022-42252 |
| CVE-2022-22965 | https://nvd.nist.gov/vuln/detail/CVE-2022-22965 |M16 - Release 0.19Pintu GuptaPintu Guptahttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/660updating version of core-lib-azure2023-03-30T08:52:54ZAshwani Pandeyupdating version of core-lib-azureThis MR creating for fixing storage service build is failing in osdu devops cluster when IBM devops team doing testing with release/0.18 code.
IBM devops team reported that Storage service build is failing in devops cluster when release...This MR creating for fixing storage service build is failing in osdu devops cluster when IBM devops team doing testing with release/0.18 code.
IBM devops team reported that Storage service build is failing in devops cluster when release code is pointing to 0.18 release.
Failing due to below reason:
[ERROR] Non-resolvable import POM: Could not transfer artifact org.opengroup.osdu:os-core-common:pom:0.18.0-SNAPSHOT from/to ${repo.releases.id} (${repo.releases.url}): Cannot access ${repo.releases.url} with type default using the available connector factories: BasicRepositoryConnectorFactory @ org.opengroup.osdu:core-lib-azure:0.18.0-recordsevent, /tmp/artifacts/m2/org/opengroup/osdu/**core-lib-azure/0.18.0-recordsevent/core-lib-azure-0.18.0-recordsevent.pom**, line 94, column 19
To fix this issue I have upgraded osdu:core-lib-azure version to 0.18.1 :
`<osdu.corelibazure.version>0.18.1</osdu.corelibazure.version>`
For reference, please see on changes.M15 - Release 0.18Ashwani PandeyAshwani Pandey