Storage merge requestshttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests2020-09-30T21:27:10Zhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/75WIP: trying out $MAVEN instead of mvn2020-09-30T21:27:10ZNicholas KarskyWIP: trying out $MAVEN instead of mvntesting out using $MAVEN instead of mvn because some r3 services need $MAVENtesting out using $MAVEN instead of mvn because some r3 services need $MAVENNicholas KarskyNicholas Karskyhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/83WIP: Mongodb integration2020-11-23T04:42:43ZAleh Shubko [EPAM]WIP: Mongodb integrationAdd MongoDB integrationAdd MongoDB integrationAleh Shubko [EPAM]Aleh Shubko [EPAM]https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/137WIP: (GONRG-1838) GCP cannot retrieve a record with space2021-03-03T02:48:14ZIgor Filippov (EPAM)WIP: (GONRG-1838) GCP cannot retrieve a record with spaceThere is a **core** issue with record IDs that contain encrypted space symbols (%20):
**Create record RQ:**
```
curl --location --request PUT 'https://os-storage-attcrcktoa-uc.a.run.app/api/storage/v2/records' \
--header 'Data-Partition...There is a **core** issue with record IDs that contain encrypted space symbols (%20):
**Create record RQ:**
```
curl --location --request PUT 'https://os-storage-attcrcktoa-uc.a.run.app/api/storage/v2/records' \
--header 'Data-Partition-ID: osdu' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data-raw '[{
"id": "osdu:work-product-component--WellboreMarkerSet:Some%20Text",
...
}]'
```
**Get record RQ:**
```
curl --location --request GET 'https://os-storage-attcrcktoa-uc.a.run.app/api/storage/v2/records/osdu:work-product-component--WellboreMarkerSet:Some%20Text' \
--header 'Data-Partition-ID: osdu' \
--header 'Authorization: Bearer <token>'
```
**Get record RS:**
```
{
"code": 400,
"reason": "Validation error.",
"message": "getLatestRecordVersion.id: Not a valid record id. Found: osdu:work-product-component--WellboreMarkerSet:Some Text"
}
```
**Expected Result**
1. I should be able to retrieve it by ID that was used during record creation
**Actual Result**
2. Its not possible to retrieve the record after
## Type of change
- [X] Bug Fix
- [ ] Feature
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [ ] GCP
- [ ] IBM
- [x] Core
## Does this introduce a breaking change?
- [NO]
## What is the current behavior?
It is impossible to retrieve record from the Storage service
## What is the new/expected behavior?
It is possible to retrieve record from the Storage service
## Have you added/updated Unit Tests and Integration Tests?
- [NO]Dmitriy RudkoRostislav Dublin (EPAM)Dmitriy Rudkohttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/117WIP: Fixing ADO pipeline to only build azure provider code2021-04-26T15:55:13ZJasonWIP: Fixing ADO pipeline to only build azure provider code# Merge request template
Currently azure pipeline is passing in the option "-P storage-azure" when building the provider code and "-P storage-core" when building the core code. The -P flag is meant to indicate what profile to activate. I...# Merge request template
Currently azure pipeline is passing in the option "-P storage-azure" when building the provider code and "-P storage-core" when building the core code. The -P flag is meant to indicate what profile to activate. Instead, we want to be using the -pl argument, which indicates which modules should be built.JasonJasonhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/113WIP: Azure Parallelizing Writes2021-01-20T03:27:32ZJasonWIP: Azure Parallelizing Writes# Merge request template# Merge request templatehttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/760Vulnerability fixes2023-09-08T19:32:34ZNathan StrelserVulnerability fixes# Merge request template# Merge request templateNathan StrelserNathan Strelserhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/441Vars for anthos int tests [GONRG-5170]2022-06-23T12:54:23ZMikhail Piatliou (EPAM)Vars for anthos int tests [GONRG-5170]Rewrite variables for Storage service account for int tests on anthos.
No-access-sa for Storage tests should not have any permissions, meanwhile, common no-access-sa already has.Rewrite variables for Storage service account for int tests on anthos.
No-access-sa for Storage tests should not have any permissions, meanwhile, common no-access-sa already has.Mikhail Piatliou (EPAM)Mikhail Piatliou (EPAM)https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/211Use latest core-lib-azure release candidate2021-06-22T16:41:09ZAlok JoshiUse latest core-lib-azure release candidatePlease see [this MR](https://community.opengroup.org/osdu/platform/system/lib/cloud/azure/os-core-lib-azure/-/merge_requests/109) for more detailsPlease see [this MR](https://community.opengroup.org/osdu/platform/system/lib/cloud/azure/os-core-lib-azure/-/merge_requests/109) for more detailsAlok JoshiAlok Joshihttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/544upgrading vulnerable dependencies2022-11-22T11:54:45ZAshwani Pandeyupgrading vulnerable dependenciesUpgraded dependencies to fix below vulnerabilities:
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21875
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21...Upgraded dependencies to fix below vulnerabilities:
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21875
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21868
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21867
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18898
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18896
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18894
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18892
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18886
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18885
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18883
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18880
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18879
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18875
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/18874
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24810
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24803
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24798
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24797
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24795
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24794
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24253
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24251
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24250
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24249
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/24246
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21874
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21860
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21857
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21851
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21294
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/21293
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/20014
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/20013
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/20011
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/20006
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/19440
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/19436
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/16483
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/16482
https://community.opengroup.org/osdu/platform/system/storage/-/security/vulnerabilities/12481M15 - Release 0.18Ashwani PandeyAshwani Pandeyhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/558Upgrading storage service upgrade for the core library dependencies2023-05-13T05:06:02ZNishant VidyasagarUpgrading storage service upgrade for the core library dependencies# Merge request template# Merge request templateNishant VidyasagarNishant Vidyasagarhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/557Upgrading storage service for the core library dependencies2023-05-13T05:06:00ZNishant VidyasagarUpgrading storage service for the core library dependencies# Merge request template# Merge request templateNishant VidyasagarNishant Vidyasagarhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/70Upgrading core-lib-azure version2021-02-03T10:06:18ZAbhishek PatilUpgrading core-lib-azure version- Upgrading the version of dependency `core-lib-azure` to latest 0.0.29.
- Removed TenantFactoryImpl class and using the same from core-lib-azure.- Upgrading the version of dependency `core-lib-azure` to latest 0.0.29.
- Removed TenantFactoryImpl class and using the same from core-lib-azure.Abhishek PatilAbhishek Patilhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/461Upgrade spring-webmvc.2022-07-28T14:52:47ZMorris EstepaUpgrade spring-webmvc.# Merge request template# Merge request templateMorris EstepaMorris Estepahttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/537Upgrade spring-security-core2022-10-26T18:34:10ZXiangliang MengUpgrade spring-security-coreOkoun-Ola Fabien HouetoXiangliang MengOkoun-Ola Fabien Houetohttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/706Upgrade First Party Library Dependencies for Release 0.212023-06-06T05:28:28ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.21This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 2d73acb53394eab3f18c5f95b4ac884577614b14
Maven: 0.22.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------------- | ---------------------- |
| core-lib-azure | 0.21.0-rc1 | |
| core-lib-gc | 0.21.0-rc4 | |
| os-core-lib-aws | 0.21.0-rc5 | 0.21.0-rc5 |
| obm | 0.21.0-rc2 | |
| oqm | 0.21.0-rc5 | |
| os-core-common | 0.20.0-rc3, 0.21.0-rc4 | 0.13.0, 0.18.0-rc3 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.21.0-rc3 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.springframework.spring-webmvc | 5.3.26, 5.3.22 | 5.3.12, 5.3.24, 5.3.22 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.27, 1.30 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-2
SHA: 214d0a50d2b6a517b23600aeb6e0f6f447d19488
Maven: 0.22.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ------------------ | ---------------------- |
| core-lib-azure | 0.21.0 | |
| core-lib-gc | 0.21.0 | |
| os-core-lib-aws | 0.21.0 | 0.21.0 |
| obm | 0.21.0 | |
| oqm | 0.21.0 | |
| os-core-common | 0.20.0-rc3, 0.21.0 | 0.13.0, 0.18.0-rc3 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.21.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.springframework.spring-webmvc | 5.3.26, 5.3.22 | 5.3.12, 5.3.24, 5.3.22 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.27, 1.30 |M18 - Release 0.21https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/612Upgrade First Party Library Dependencies for Release 0.192023-02-18T07:31:17ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.19This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 6ccebc445eb48ac1a19bc5fdf305017c14df1dee
Maven: 0.20.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------- | ------------------ |
| core-lib-azure | 0.19.0-rc5 | |
| core-lib-gcp | 0.19.0-rc5 | |
| os-core-lib-aws | 0.17.0 | 0.14.0-rc2 |
| obm | 0.19.0-rc4 | |
| oqm | 0.18.0 | |
| os-core-common | 0.19.0-rc3 | 0.13.0, 0.18.0-rc3 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.18.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.springframework.spring-webflux | 5.3.22 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22 | 5.3.12, 5.3.22 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-3
SHA: 1fade6d667e0d7beffe7311810be98e5b6ba4a4c
Maven: 0.20.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------- | ------------------ |
| core-lib-azure | 0.19.0 | |
| core-lib-gcp | 0.19.0 | |
| os-core-lib-aws | 0.17.0 | 0.14.0-rc2 |
| obm | 0.19.0 | |
| oqm | 0.19.0 | |
| os-core-common | 0.19.0 | 0.13.0, 0.18.0-rc3 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.19.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.springframework.spring-webflux | 5.3.24 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22 | 5.3.12, 5.3.22 |M16 - Release 0.19https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/576Upgrade First Party Library Dependencies for Release 0.182022-12-13T12:39:56ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.18This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: c1c1bb933139f1688717d5d1e30cc871fb43fe94
Maven: 0.19.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------------------------- | ------------------ |
| core-lib-azure | 0.18.0-rc4 | |
| core-lib-gcp | 0.18.0-rc4 | |
| os-core-lib-aws | 0.17.0 | 0.14.0-rc2 |
| obm | 0.18.0-rc3 | |
| oqm | 0.18.0-rc1 | |
| os-core-common | 0.19.0-rc1, 0.17.0-X-COLLABORATION | 0.13.0, 0.18.0-rc3 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.18.0-rc2 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.4.1 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.springframework.spring-webflux | 5.3.22 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22 | 5.3.12, 5.3.22 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-2
SHA: d26198684e213fde02f56b52a99c513541705b43
Maven: 0.19.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ------------------ | --------------- |
| core-lib-azure | 0.19.0-rc1 | |
| core-lib-gcp | 0.18.0 | |
| os-core-lib-aws | 0.18.0 | 0.14.0-rc2 |
| obm | 0.18.0 | |
| oqm | 0.18.0 | |
| os-core-common | 0.19.0-rc1, 0.18.0 | 0.13.0, 0.18.0 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.18.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.4.1 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.springframework.spring-webflux | 5.3.22 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22 | 5.3.12, 5.3.22 |M15 - Release 0.18https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/519Upgrade First Party Library Dependencies for Release 0.172022-10-05T04:19:11ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.17This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 6ec9310964002206df5220858db5167665b2f17e
Maven: 0.17.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------------- | --------------- |
| core-lib-azure | 0.17.0-rc14 | |
| core-lib-gcp | 0.16.0-rc1 | |
| os-core-lib-aws | 0.17.0-SNAPSHOT | 0.14.0-rc2 |
| obm | 0.15.0 | |
| oqm | 0.15.0 | |
| os-core-common | 0.17.0-rc3, 0.15.0 | 0.13.0 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.13.0 |
| osm | 0.15.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22, 5.1.19.RELEASE | 5.3.12 |
```
Warning: Found Vulnerable Spring MVC dependency (<5.2.20 || >=5.3.0 <5.3.18)
├─ _Root_
│ ├─ org.opengroup.osdu.storage-byoc == 0.17.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.storage-core == 0.17.0-SNAPSHOT
│ │ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
│ └─ org.opengroup.osdu.storage-ibm == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.storage-core == 0.17.0-SNAPSHOT
│ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
└─ testing/
├─ org.opengroup.osdu.storage.storage-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
├─ org.opengroup.osdu.storage.storage-test-aws == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
├─ org.opengroup.osdu.storage.storage-test-azure == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.storage.storage-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
├─ org.opengroup.osdu.storage.storage-test-gcp == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.storage.storage-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
├─ org.opengroup.osdu.storage.storage-test-ibm == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
└─ org.opengroup.osdu.storage.storage-test-anthos == 0.17.0-SNAPSHOT
└─ org.opengroup.osdu.storage.storage-test-core == 0.17.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.13.0
└─ org.springframework.boot.spring-boot-starter-web == 2.4.12
└─ org.springframework.spring-webmvc == 5.3.12
```
```
Warning: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.storage-azure == 0.17.0-SNAPSHOT
└─ com.azure.spring.azure-spring-boot-starter-active-directory == 3.4.0
└─ org.springframework.boot.spring-boot-starter-webflux == 2.4.12
└─ org.springframework.spring-webflux == 5.3.12
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: 3a533470607042065c919eac99b632a30a23a955
Maven: 0.17.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------------- | --------------- |
| core-lib-azure | 0.17.0 | |
| core-lib-gcp | 0.16.0-rc1 | |
| os-core-lib-aws | 0.17.0 | 0.14.0-rc2 |
| obm | 0.15.0 | |
| oqm | 0.15.0 | |
| os-core-common | 0.17.0, 0.15.0 | 0.13.0 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.13.0 |
| osm | 0.15.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.springframework.spring-webflux | 5.3.22 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22, 5.1.19.RELEASE | 5.3.12 |
```
Warning: Found Vulnerable Spring MVC dependency (<5.2.20 || >=5.3.0 <5.3.18)
├─ _Root_
│ ├─ org.opengroup.osdu.storage-byoc == 0.17.0-SNAPSHOT
│ │ └─ org.opengroup.osdu.storage-core == 0.17.0-SNAPSHOT
│ │ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
│ └─ org.opengroup.osdu.storage-ibm == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.storage-core == 0.17.0-SNAPSHOT
│ └─ org.springframework.spring-webmvc == 5.1.19.RELEASE
└─ testing/
├─ org.opengroup.osdu.storage.storage-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
├─ org.opengroup.osdu.storage.storage-test-aws == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
├─ org.opengroup.osdu.storage.storage-test-azure == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.storage.storage-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
├─ org.opengroup.osdu.storage.storage-test-gcp == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.storage.storage-test-core == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
├─ org.opengroup.osdu.storage.storage-test-ibm == 0.17.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-core-common == 0.13.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.4.12
│ └─ org.springframework.spring-webmvc == 5.3.12
└─ org.opengroup.osdu.storage.storage-test-anthos == 0.17.0-SNAPSHOT
└─ org.opengroup.osdu.storage.storage-test-core == 0.17.0-SNAPSHOT
└─ org.opengroup.osdu.os-core-common == 0.13.0
└─ org.springframework.boot.spring-boot-starter-web == 2.4.12
└─ org.springframework.spring-webmvc == 5.3.12
```M14 - Release 0.17https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/473Upgrade First Party Library Dependencies for Release 0.162022-08-16T17:37:37ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.16This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 81d0effb3471324e34d4da936d5d14e65993bb3b
Maven: _Errors while building due to missing SNAPSHOT libraries_
```
**Note:** The main build artifacts couldn't be built or scanned, because they are still depending on `0.15.0-SNAPSHOT` of `os-core-common` and `os-core-azure`.
| Maven Dependencies | provider/storage-aws/src/main/ComplianceTrigger/ComplianceTriggerFunction/ComplianceTriggerFunction/ | testing/ |
| ------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | --------------- |
| os-core-lib-aws | 0.14.0-rc2 | 0.14.0-rc2 |
| os-core-common | 0.13.0 | 0.13.0 |
| os-core-lib-ibm | | 0.13.0 |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.6.7.2 | 2.8.1, 2.13.2.2 |
| (3rd Party) net.minidev.json-smart | | 2.3, 2.4.7 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.13.3 | 2.17.1 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.13.3 | 2.17.1 |
| (3rd Party) org.springframework.spring-webmvc | 5.3.12 | 5.3.12 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: ac4f051c26da3c97b0e37ad6fb3a8e1c3653deb8
Maven: 0.17.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | provider/storage-aws/src/main/ComplianceTrigger/ComplianceTriggerFunction/ComplianceTriggerFunction/ | testing/ |
| ------------------------------------------------------- | ---------------------- | ---------------------------------------------------------------------------------------------------- | --------------- |
| core-lib-azure | 0.16.0 | | |
| core-lib-gcp | 0.16.0 | | |
| os-core-lib-aws | 0.16.1 | 0.14.0-rc2 | 0.14.0-rc2 |
| obm | 0.16.0 | | |
| oqm | 0.16.0 | | |
| os-core-common | 0.16.0 | 0.13.0 | 0.13.0 |
| os-core-lib-ibm | 0.16.0 | | 0.13.0 |
| osm | 0.16.0 | | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.6.7.2 | 2.8.1, 2.13.2.2 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | | 2.3, 2.4.7 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3 | 2.17.1 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.13.3 | 2.17.1 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22, 5.1.19.RELEASE | 5.3.12 | 5.3.12 |
```
Critical: Found Vulnerable Spring MVC dependency (<5.2.20 || >=5.3.0 <5.3.18)
Critical: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
```M13 - Release 0.16https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/432Upgrade First Party Library Dependencies for Release 0.152022-06-17T14:55:31ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.15This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 2daa9f91b8ea3554298a4568e9662057ce8f9979
Maven: 0.15.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | provider/storage-aws/src/main/ComplianceTrigger/ComplianceTriggerFunction/ComplianceTriggerFunction/ | testing/ |
| ------------------------------------------------------- | ------------------ | ---------------------------------------------------------------------------------------------------- | ----------------- |
| core-lib-azure | 0.14.0-rc5 | | |
| core-lib-gcp | 0.15.0-rc3, 0.13.0 | | |
| os-core-lib-aws | 0.14.0-rc2, 0.3.8 | 0.14.0-rc2 | 0.14.0-rc2, 0.3.8 |
| obm | 0.15.0-rc5 | | |
| oqm | 0.15.0-rc2 | | |
| os-core-common | 0.15.0-SNAPSHOT | 0.13.0 | 0.13.0 |
| os-core-lib-ibm | 0.15.0-rc2 | | 0.13.0 |
| osm | 0.15.0-rc5 | | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.6.7.2 | 2.8.1, 2.13.2.2 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3 | 2.17.1 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.13.3 | 2.17.1 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: b3c7621d5d93a074c19aff2ca557d282a8d380d7
Maven: 0.15.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | provider/storage-aws/src/main/ComplianceTrigger/ComplianceTriggerFunction/ComplianceTriggerFunction/ | testing/ |
| ------------------------------------------------------- | ----------------- | ---------------------------------------------------------------------------------------------------- | ----------------- |
| core-lib-azure | 0.14.0-rc5 | | |
| core-lib-gcp | 0.15.0, 0.13.0 | | |
| os-core-lib-aws | 0.14.0-rc2, 0.3.8 | 0.14.0-rc2 | 0.14.0-rc2, 0.3.8 |
| obm | 0.15.0 | | |
| oqm | 0.15.0 | | |
| os-core-common | 0.15.0 | 0.13.0 | 0.13.0 |
| os-core-lib-ibm | 0.15.1 | | 0.13.0 |
| osm | 0.15.0 | | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.6.7.2 | 2.8.1, 2.13.2.2 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3 | 2.17.1 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.13.3 | 2.17.1 |M12 - Release 0.15