Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated org.apache.shiro from 1.6.0 to 1.7.1 to eliminate identified vulnerabilities #1776

Merged
merged 1 commit into from
Feb 11, 2021
Merged

Updated org.apache.shiro from 1.6.0 to 1.7.1 to eliminate identified vulnerabilities #1776

merged 1 commit into from
Feb 11, 2021

Conversation

ssuvorov-fls
Copy link
Contributor

@ssuvorov-fls ssuvorov-fls commented Feb 9, 2021
edited
Loading

fixes #1773

@ssuvorov-fls ssuvorov-fls added this to the V2.8.1 milestone Feb 9, 2021
@anton-abushkevich anton-abushkevich merged commit 1f4bd79 into master Feb 11, 2021
@delete-merged-branch delete-merged-branch bot deleted the issue-1773-change_version_shiro branch February 11, 2021 18:10
chrisknoll pushed a commit that referenced this pull request Feb 16, 2021
@ssuvorov-fls @chrisknoll
Updated org.apache.shiro from 1.6.0 to 1.7.1 to eliminate identified …
bce083d 
…vulnerabilities (#1759) (#1776)

Co-authored-by: Sergey Suvorov <[email protected]>
anton-abushkevich added a commit that referenced this pull request Feb 17, 2021
@ssuvorov-fls @chrisknoll
@anton-abushkevich @blootsvoets
Backmerge master 2.8 into master (#1788)
b033bd6 
* prepare for release 2.8.0

* 2.8.1-SNAPSHOT

* Update CIRCE to 1.9.1

(cherry picked from commit 9fac161)

* Remove trailing ; from DELETE (#1752)

Fixes #1730.

(cherry picked from commit 66f9100)

* PLP/PLE Analysis result file missed analysis executable code #1729 (#1751)

* removed tomcat dependency from hive profile (#1748)

changed default runtime delegate
(#1720)

Co-authored-by: Sergey Suvorov <[email protected]>

* Issue 1733 build error without git dir (#1757)

* git-commit-id-plugin does not throw exception in case of absent .git folder
if git_commit-id-plugin can not get git info parameters then gmaven-plugin creates these parameters with default value ("*")
(#1733)

* removed temporary dependencies
(#1733)

Co-authored-by: Sergey Suvorov <[email protected]>

* Update org.apache.httpcomponents:httpclient version from 4.5.10 to 4.5.13 (#1747)

* eager loading is now used during conversion of entities to dto (#1763)

fixes #1758

Co-authored-by: Sergey Suvorov <[email protected]>
# Conflicts:
#	pom.xml

* GitHub actions (#1690)

* Puts Maven Central as the first repository

This speeds up the build A LOT when none of the dependencies have been
cached yet (e.g. when performing a docker build). Reason: without putting this repository first, all
dependencies are first searched in all of the specified repositories and
only afterwards the central repository is tried. Because most
dependencies are not present in the specified repositories, still
central needs to be queried afterwards. When putting the central
repository first, this reduces time to retrieve dependencies in two
ways:

1. The central repository has a very low latency, much lower than the
other repositories. If a dependency can be fetched from here, it will be
faster than when it is fetched from another one.
2. For most dependencies, it reduces the number of repositories queried
from 7 to 1.

* Enabled github actions

* Use dedicated docker profile to avoid long command line

* Backport github action fixes

* Fix typo

* Remove unsupported platform

* Only use Maven central in the webapi-docker profile

* ancestorAndDescendant:get permission is now added to new sources  (#1766)

* ancestorAndDescendant:get permission is now added to new sources
fixes #1759

* ancestorAndDescendant:get permission is now added to new sources
fixes #1759

* fixed identation
fixes #1759

* ancestorAndDescendant:get permission is not added to new sources #1759 - fix permission name

Co-authored-by: Sergey Suvorov <[email protected]>
Co-authored-by: Anton Abushkevich <[email protected]>

* ir generation results are now exported correctly (#1767)

queryForRowSet function calls isSigned function which is not implemented for hive
fixes #1765

Co-authored-by: Sergey Suvorov <[email protected]>

* Fix sql server migration.
Revert a721214.
Remove IF EXISTS from sql server.

* Update dependency to arachne-commons release 1.17.1 #1774 (#1775)

* Eager loading without redundant calls for fetching collecions works only in 5.4.2.Final version of hibernate(#1758)

# Conflicts:
#	pom.xml

* Reset Impala settings to default(#1758)

* Updated org.ohdsi from 1.9.1 to 1.9.2 to to fix error in script(#1755) (#1778)

Co-authored-by: Sergey Suvorov <[email protected]>

* Updated org.apache.shiro from 1.6.0 to 1.7.1 to eliminate identified vulnerabilities  (#1759) (#1776)

Co-authored-by: Sergey Suvorov <[email protected]>

* Version 2.8.1

Co-authored-by: anton.abushkevich <anton.abushkevich>
Co-authored-by: Chris Knoll <[email protected]>
Co-authored-by: anton-abushkevich <[email protected]>
Co-authored-by: Sergey Suvorov <[email protected]>
Co-authored-by: Joris Borgdorff <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anton-abushkevich anton-abushkevich anton-abushkevich approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
V2.8.1
Development

Successfully merging this pull request may close these issues.

Update org.apache.shiro:shiro-core from 1.6.0 to 1.7.1 to eliminate identified vulnerabilities
2 participants
@ssuvorov-fls @anton-abushkevich