TH2-1988-2 #321
TH2-1988-2 #321
Conversation
…t simplified getMonitorName fixed
…ic rollback isPublishingBlocked property Awaitility used
tests updates
Test Results 31 files 31 suites 5s ⏱️ Results for commit f5f9207. ♻️ This comment has been updated with latest results. |
src/main/java/com/exactpro/th2/common/schema/message/MessageRouter.java
Outdated
Show resolved
Hide resolved
.../java/com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConnectionManager.java
Outdated
Show resolved
Hide resolved
.../java/com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConnectionManager.java
Outdated
Show resolved
Hide resolved
...in/kotlin/com/exactpro/th2/common/schema/message/impl/context/DefaultMessageRouterContext.kt
Show resolved
Hide resolved
...pro/th2/common/schema/message/impl/rabbitmq/group/IntegrationTestRabbitMessageBatchRouter.kt
Outdated
Show resolved
Hide resolved
.../java/com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConnectionManager.java
Outdated
Show resolved
Hide resolved
.../java/com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConnectionManager.java
Outdated
Show resolved
Hide resolved
.../java/com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConnectionManager.java
Outdated
Show resolved
Hide resolved
.../java/com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConnectionManager.java
Outdated
Show resolved
Hide resolved
.../com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConsumeConnectionManager.kt
Outdated
Show resolved
Hide resolved
.../com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConsumeConnectionManager.kt
Outdated
Show resolved
Hide resolved
.../com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConsumeConnectionManager.kt
Outdated
Show resolved
Hide resolved
.../java/com/exactpro/th2/common/schema/message/impl/rabbitmq/connection/ConnectionManager.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Could you please investigate the vulnerability and try to fix it by the lib update
commons-compress-1.24.0.jar (pkg:maven/org.apache.commons/[email protected], cpe:2.3:a:apache:commons_compress:1.24.0:::::::*) : CVE-2024-25710, CVE-2024-26308
| @@ -172,6 +172,18 @@ dependencies { | |||
| testFixturesImplementation "org.junit.jupiter:junit-jupiter:$junitVersion" | |||
| } | |||
|
|
|||
| // substitute commons-compress:1.24.0 from testcontainers:1.19.8 to version 1.26.2 | |||
There was a problem hiding this comment.
Just a small note: this comes from test dependency. why do we need this substitution for all configurations? They are not present in the production distribution.
Also, we must remember now to remove this block once the testcontainers dependency is updated and no longer contains this vulnerability. The best way would be to exclude the test configurations from scanning - we don't get alerts on dependencies that we don't care about and we don't need to do things like this
No description provided.