Skip to content

Commit

Permalink
Upgrade Karaf from 4.4.5 to 4.4.6
Browse files Browse the repository at this point in the history
* Sync runtime dependencies with Karaf 4.4.6, most notably:
  * Jetty 9.4.54.v20240208, addresses CVE-2024-22201
  * Pax Logging 2.2.7
  * Pax Web 8.0.27
  * ASM 9.7
  * BouncyCastle 1.77
* Upgrade xtext to 2.35.0.M1
* Resolve itest runbundles

Signed-off-by: Holger Friedrich <[email protected]>
  • Loading branch information
holgerfriedrich committed May 20, 2024
1 parent 895dcbb commit f8f4975
Show file tree
Hide file tree
Showing 45 changed files with 445 additions and 441 deletions.
2 changes: 1 addition & 1 deletion bom/compile-model/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -134,7 +134,7 @@
<dependency>
<groupId>io.github.classgraph</groupId>
<artifactId>classgraph</artifactId>
<version>4.8.165</version>
<version>4.8.172</version>
<scope>compile</scope>
</dependency>

Expand Down
10 changes: 5 additions & 5 deletions bom/compile/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,8 @@

<properties>
<californium.version>2.7.4</californium.version>
<jetty.version>9.4.53.v20231009</jetty.version>
<pax.web.version>8.0.24</pax.web.version>
<jetty.version>9.4.54.v20240208</jetty.version>
<pax.web.version>8.0.27</pax.web.version>
<swagger.version>2.2.15</swagger.version>
</properties>

Expand All @@ -37,12 +37,12 @@
<dependency>
<groupId>org.osgi</groupId>
<artifactId>org.osgi.service.component</artifactId>
<version>1.5.0</version>
<version>1.5.1</version>
</dependency>
<dependency>
<groupId>org.osgi</groupId>
<artifactId>org.osgi.service.component.annotations</artifactId>
<version>1.5.0</version>
<version>1.5.1</version>
</dependency>
<dependency>
<groupId>org.osgi</groupId>
Expand Down Expand Up @@ -76,7 +76,7 @@
<dependency>
<groupId>javax.annotation</groupId>
<artifactId>javax.annotation-api</artifactId>
<version>1.2</version>
<version>1.3.2</version>
<scope>compile</scope>
</dependency>

Expand Down
20 changes: 10 additions & 10 deletions bom/runtime/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,9 @@
<californium.version>2.7.4</californium.version>
<cxf.version>3.6.2</cxf.version>
<jackson.version>2.16.0</jackson.version>
<jetty.version>9.4.53.v20231009</jetty.version>
<pax.logging.version>2.2.6</pax.logging.version>
<pax.web.version>8.0.24</pax.web.version>
<jetty.version>9.4.54.v20240208</jetty.version>
<pax.logging.version>2.2.7</pax.logging.version>
<pax.web.version>8.0.27</pax.web.version>
<swagger.version>2.2.15</swagger.version>
</properties>

Expand Down Expand Up @@ -58,13 +58,13 @@
<dependency>
<groupId>org.osgi</groupId>
<artifactId>org.osgi.service.component</artifactId>
<version>1.5.0</version>
<version>1.5.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.osgi</groupId>
<artifactId>org.osgi.service.component.annotations</artifactId>
<version>1.5.0</version>
<version>1.5.1</version>
<scope>compile</scope>
</dependency>
<dependency>
Expand Down Expand Up @@ -98,7 +98,7 @@
<dependency>
<groupId>org.osgi</groupId>
<artifactId>org.osgi.service.metatype</artifactId>
<version>1.4.0</version>
<version>1.4.1</version>
<scope>compile</scope>
</dependency>

Expand Down Expand Up @@ -148,7 +148,7 @@
<dependency>
<groupId>org.apache.aries.jax.rs</groupId>
<artifactId>org.apache.aries.jax.rs.whiteboard</artifactId>
<version>2.0.0</version>
<version>2.0.2</version>
<scope>compile</scope>
<exclusions>
<exclusion>
Expand Down Expand Up @@ -794,7 +794,7 @@
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>33.0.0-jre</version>
<version>33.1.0-jre</version>
<scope>compile</scope>
</dependency>

Expand All @@ -808,7 +808,7 @@
<dependency>
<groupId>io.github.classgraph</groupId>
<artifactId>classgraph</artifactId>
<version>4.8.165</version>
<version>4.8.172</version>
<scope>compile</scope>
</dependency>
<dependency>
Expand Down Expand Up @@ -906,7 +906,7 @@
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm</artifactId>
<version>9.6</version>
<version>9.7</version>
<scope>compile</scope>
</dependency>
<dependency>
Expand Down
2 changes: 1 addition & 1 deletion bom/test/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@
<dependency>
<groupId>org.apache.aries.jax.rs</groupId>
<artifactId>org.apache.aries.jax.rs.whiteboard</artifactId>
<version>2.0.0</version>
<version>2.0.2</version>
<exclusions>
<exclusion>
<groupId>ch.qos.logback</groupId>
Expand Down
2 changes: 1 addition & 1 deletion bundles/org.openhab.core.io.console.eclipse/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
<dependency>
<groupId>org.eclipse.platform</groupId>
<artifactId>org.eclipse.osgi</artifactId>
<version>3.13.100</version>
<version>3.18.0</version>
<scope>provided</scope>
</dependency>
<dependency>
Expand Down
2 changes: 1 addition & 1 deletion bundles/org.openhab.core.io.jetty.certificate/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>1.76</version>
<version>1.77</version>
</dependency>
</dependencies>

Expand Down
2 changes: 1 addition & 1 deletion bundles/org.openhab.core.io.transport.modbus/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
<version>2.8.1</version>
<version>2.11.1</version>
<scope>compile</scope>
</dependency>
<dependency>
Expand Down
4 changes: 2 additions & 2 deletions bundles/org.openhab.core.model.item/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -62,12 +62,12 @@
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
Expand Down
4 changes: 2 additions & 2 deletions bundles/org.openhab.core.model.persistence/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -67,12 +67,12 @@
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
Expand Down
4 changes: 2 additions & 2 deletions bundles/org.openhab.core.model.rule/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -62,12 +62,12 @@
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
Expand Down
4 changes: 2 additions & 2 deletions bundles/org.openhab.core.model.script/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -103,12 +103,12 @@
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
Expand Down
4 changes: 2 additions & 2 deletions bundles/org.openhab.core.model.sitemap/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -62,12 +62,12 @@
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
Expand Down
4 changes: 2 additions & 2 deletions bundles/org.openhab.core.model.thing/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -85,12 +85,12 @@
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.7.36</version>
<version>${slf4j-for-model.version}</version>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
Expand Down
2 changes: 1 addition & 1 deletion bundles/org.openhab.core.semantics/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm</artifactId>
<version>9.6</version>
<version>9.7</version>
<scope>provided</scope>
</dependency>
</dependencies>
Expand Down
2 changes: 1 addition & 1 deletion bundles/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -235,7 +235,7 @@
<!-- Required for JDK 17 compatibility, see: https://github.com/highsource/maven-jaxb2-plugin/issues/207 -->
<groupId>org.glassfish.jaxb</groupId>
<artifactId>jaxb-runtime</artifactId>
<version>2.3.6</version>
<version>2.3.8</version>
</dependency>
</dependencies>
<executions>
Expand Down
2 changes: 1 addition & 1 deletion features/karaf/openhab-core/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
<description>openHAB Core Features</description>

<properties>
<jetty.version>9.4.53.v20231009</jetty.version>
<jetty.version>9.4.54.v20240208</jetty.version>
<jna.version>5.14.0</jna.version>
</properties>

Expand Down
6 changes: 3 additions & 3 deletions features/karaf/openhab-core/src/main/feature/feature.xml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@

<feature dependency="true">openhab.tp-gson</feature>

<requirement>openhab.tp;filter:="(&amp;(feature=xtext)(version&gt;=2.34.0)(!(version&gt;=2.35.0)))"</requirement>
<requirement>openhab.tp;filter:="(&amp;(feature=xtext)(version&gt;=2.35.0)(!(version&gt;=2.36.0)))"</requirement>
<feature dependency="true">openhab.tp-xtext</feature>

<requirement>openhab.tp;filter:="(feature=jax-rs-whiteboard)"</requirement>
Expand Down Expand Up @@ -250,7 +250,7 @@
<feature>openhab-core-base</feature>
<feature>openhab-transport-serial</feature>

<bundle dependency="true">mvn:org.apache.commons/commons-pool2/2.8.1</bundle>
<bundle dependency="true">mvn:org.apache.commons/commons-pool2/2.11.1</bundle>
<bundle>mvn:org.openhab.core.bundles/org.openhab.core.io.transport.modbus/${project.version}</bundle>
</feature>

Expand Down Expand Up @@ -389,7 +389,7 @@

<feature name="openhab-core-model-lsp" version="${project.version}">

<requirement>openhab.tp;filter:="(&amp;(feature=xtext-ide)(version&gt;=2.34.0)(!(version&gt;=2.35.0)))"</requirement>
<requirement>openhab.tp;filter:="(&amp;(feature=xtext-ide)(version&gt;=2.35.0)(!(version&gt;=2.36.0)))"</requirement>
<feature dependency="true">openhab.tp-xtext-ide</feature>

<requirement>openhab.tp;filter:="(&amp;(feature=lsp4j)(version&gt;=0.22.0)(!(version&gt;=0.23.0)))"</requirement>
Expand Down
2 changes: 1 addition & 1 deletion features/karaf/openhab-tp/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
<name>openHAB Core :: Features :: Karaf :: Target Platform</name>

<properties>
<jetty.version>9.4.53.v20231009</jetty.version>
<jetty.version>9.4.54.v20240208</jetty.version>
<jna.version>5.14.0</jna.version>
</properties>

Expand Down
12 changes: 6 additions & 6 deletions features/karaf/openhab-tp/src/main/feature/feature.xml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
<bundle dependency="true">mvn:tech.units/indriya/2.2</bundle>
<bundle dependency="true">mvn:tech.uom.lib/uom-lib-common/2.2</bundle>
<bundle dependency="true">mvn:org.apiguardian/apiguardian-api/1.1.2</bundle>
<bundle dependency="true">mvn:org.osgi/org.osgi.service.component.annotations/1.5.0</bundle>
<bundle dependency="true">mvn:org.osgi/org.osgi.service.component.annotations/1.5.1</bundle>

<!-- TODO: Unbundled libraries -->
<bundle dependency="true">mvn:com.thoughtworks.xstream/xstream/1.4.20</bundle>
Expand Down Expand Up @@ -96,7 +96,7 @@
</feature>

<feature name="openhab.tp-jax-rs-whiteboard" description="Aries JAX-RS Whiteboard" version="${project.version}">
<capability>openhab.tp;feature=jax-rs-whiteboard;version=2.0.0</capability>
<capability>openhab.tp;feature=jax-rs-whiteboard;version=2.0.2</capability>
<feature dependency="true">spifly</feature>
<feature dependency="true">http-whiteboard</feature>
<feature dependency="true">openhab.tp-cxf</feature>
Expand All @@ -105,7 +105,7 @@
<bundle dependency="true">mvn:org.osgi/org.osgi.util.promise/1.3.0</bundle>
<bundle dependency="true">mvn:org.osgi/org.osgi.service.jaxrs/1.0.1</bundle>
<bundle>mvn:org.apache.aries.component-dsl/org.apache.aries.component-dsl.component-dsl/1.2.2</bundle>
<bundle>mvn:org.apache.aries.jax.rs/org.apache.aries.jax.rs.whiteboard/2.0.0</bundle>
<bundle>mvn:org.apache.aries.jax.rs/org.apache.aries.jax.rs.whiteboard/2.0.2</bundle>
</feature>

<feature name="openhab.tp-jna" description="Java Native Access (JNA)" version="${project.version}">
Expand Down Expand Up @@ -237,7 +237,7 @@
<bundle dependency="true">mvn:org.eclipse.emf/org.eclipse.emf.ecore.xmi/2.16.0</bundle>
<bundle dependency="true">mvn:org.eclipse.xtext/org.eclipse.xtext.common.types/${xtext.version}</bundle>

<bundle dependency="true">mvn:javax.annotation/javax.annotation-api/1.2</bundle>
<bundle dependency="true">mvn:javax.annotation/javax.annotation-api/1.3.2</bundle>

<bundle dependency="true">mvn:org.eclipse.xtext/org.eclipse.xtext.xbase/${xtext.version}</bundle>
<bundle dependency="true">mvn:org.eclipse.xtext/org.eclipse.xtext.xbase.lib/${xtext.version}</bundle>
Expand All @@ -247,12 +247,12 @@
<bundle dependency="true">mvn:org.eclipse.xtend/org.eclipse.xtend.lib.macro/${xtext.version}</bundle>

<bundle dependency="true">mvn:com.google.guava/failureaccess/1.0.2</bundle>
<bundle dependency="true">mvn:com.google.guava/guava/33.0.0-jre</bundle>
<bundle dependency="true">mvn:com.google.guava/guava/33.1.0-jre</bundle>
<bundle dependency="true">mvn:com.google.inject/guice/7.0.0</bundle>
<bundle dependency="true">mvn:jakarta.inject/jakarta.inject-api/2.0.1</bundle>

<bundle dependency="true">mvn:org.eclipse.orbit.bundles/org.aopalliance/1.0.0.v201105210816</bundle>
<bundle dependency="true">mvn:io.github.classgraph/classgraph/4.8.165</bundle>
<bundle dependency="true">mvn:io.github.classgraph/classgraph/4.8.172</bundle>
<bundle dependency="true">mvn:org.eclipse.orbit.bundles/org.antlr.runtime/3.2.0.v201101311130</bundle>

<bundle dependency="true">mvn:org.eclipse.platform/org.eclipse.equinox.common/3.18.0</bundle>
Expand Down
20 changes: 10 additions & 10 deletions itests/org.openhab.core.addon.tests/itest.bndrun
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ Fragment-Host: org.openhab.core.addon
org.osgi.util.function;version='[1.2.0,1.2.1)',\
org.apache.felix.configadmin;version='[1.9.26,1.9.27)',\
org.apache.felix.http.servlet-api;version='[1.2.0,1.2.1)',\
org.osgi.service.component;version='[1.5.0,1.5.1)',\
org.osgi.service.component;version='[1.5.1,1.5.2)',\
xstream;version='[1.4.20,1.4.21)',\
org.openhab.base-fixes;version='[1.0.0,1.0.1)',\
javax.measure.unit-api;version='[2.2.0,2.2.1)',\
Expand Down Expand Up @@ -55,16 +55,16 @@ Fragment-Host: org.openhab.core.addon
org.openhab.core.test;version='[4.2.0,4.2.1)',\
com.sun.jna;version='[5.14.0,5.14.1)',\
org.apache.aries.spifly.dynamic.bundle;version='[1.3.7,1.3.8)',\
org.eclipse.jetty.http;version='[9.4.53,9.4.54)',\
org.eclipse.jetty.io;version='[9.4.53,9.4.54)',\
org.eclipse.jetty.security;version='[9.4.53,9.4.54)',\
org.eclipse.jetty.server;version='[9.4.53,9.4.54)',\
org.eclipse.jetty.servlet;version='[9.4.53,9.4.54)',\
org.eclipse.jetty.util;version='[9.4.53,9.4.54)',\
org.eclipse.jetty.util.ajax;version='[9.4.53,9.4.54)',\
org.objectweb.asm;version='[9.6.0,9.6.1)',\
org.eclipse.jetty.http;version='[9.4.54,9.4.55)',\
org.eclipse.jetty.io;version='[9.4.54,9.4.55)',\
org.eclipse.jetty.security;version='[9.4.54,9.4.55)',\
org.eclipse.jetty.server;version='[9.4.54,9.4.55)',\
org.eclipse.jetty.servlet;version='[9.4.54,9.4.55)',\
org.eclipse.jetty.util;version='[9.4.54,9.4.55)',\
org.eclipse.jetty.util.ajax;version='[9.4.54,9.4.55)',\
org.objectweb.asm.commons;version='[9.6.0,9.6.1)',\
org.objectweb.asm.tree;version='[9.6.0,9.6.1)',\
org.objectweb.asm.tree.analysis;version='[9.6.0,9.6.1)',\
org.objectweb.asm.util;version='[9.6.0,9.6.1)',\
org.ops4j.pax.logging.pax-logging-api;version='[2.2.6,2.2.7)'
org.ops4j.pax.logging.pax-logging-api;version='[2.2.7,2.2.8)',\
org.objectweb.asm;version='[9.7.0,9.7.1)'
Loading

0 comments on commit f8f4975

Please sign in to comment.