Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SNOW-848763 upgrade awssdk to 1.12.501 #1460

Merged
merged 1 commit into from
Jul 13, 2023
Merged

SNOW-848763 upgrade awssdk to 1.12.501 #1460

merged 1 commit into from
Jul 13, 2023

Conversation

sfc-gh-ext-simba-lb
Copy link
Contributor

@sfc-gh-ext-simba-lb sfc-gh-ext-simba-lb commented Jul 5, 2023
edited
Loading

Overview

SNOW-848763

aws-java-sdk-s3 in FIPS/pom.xml uses a vulnerable version of jackson-dataformat-cbor.

External contributors - please answer these questions before submitting a pull request. Thanks!

Please answer these questions before submitting your pull requests. Thanks!

  1. What GitHub issue is this PR addressing? Make sure that there is an accompanying issue to your PR.

    Fixes Snyk: snowflake-jdbc com.fasterxml.jackson.dataformat:jackson-dataformat-cbor 2.6.7 | Snyk ID - SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329 #1434
    https://github.com/snowflakedb/snowflake-sdks-drivers-issues-teamwork/issues/494

  2. Fill out the following pre-review checklist:

    • I am adding a new automated test(s) to verify correctness of my new code
    • I am adding new logging messages
    • I am modifying authorization mechanisms
    • I am adding new credentials
    • I am modifying OCSP code
    • I am adding a new dependency

  3. Please describe how your code solves the related issue.

  • Upgrade awssdk to 1.12.501 in FIPS/pom.xml which uses jackson-dataformat-cbor 2.12.6.

Pre-review checklist

  • This change has passed precommit
  • I have reviewed code coverage report for my PR in (Sonarqube)

@sfc-gh-ext-simba-lb
upgrade guava and awssdk
06f29b3 
remove guava upgrade

remove guava upgrade

remove guava upgrade
@sfc-gh-ext-simba-lb sfc-gh-ext-simba-lb changed the title SNOW-848763/SNOW-848750 upgrade awssdk to 1.12.501 and google guava to 32.1.1-jre SNOW-848763 upgrade awssdk to 1.12.501 Jul 12, 2023
@sfc-gh-ext-simba-lb sfc-gh-ext-simba-lb marked this pull request as ready for review July 12, 2023 22:46
@sfc-gh-ext-simba-lb sfc-gh-ext-simba-lb requested a review from a team as a code owner July 12, 2023 22:46
sfc-gh-igarish
sfc-gh-igarish approved these changes Jul 12, 2023
View reviewed changes
Copy link
Collaborator

@sfc-gh-igarish sfc-gh-igarish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sonarqubemergegate
Copy link

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@sfc-gh-ext-simba-lb sfc-gh-ext-simba-lb merged commit e661cea into master Jul 13, 2023
12 checks passed
@sfc-gh-ext-simba-lb sfc-gh-ext-simba-lb deleted the upgradeAwsAndGuava branch July 13, 2023 14:37
@github-actions github-actions bot locked and limited conversation to collaborators Jul 13, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@sfc-gh-igarish sfc-gh-igarish sfc-gh-igarish approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@sfc-gh-ext-simba-lb @sfc-gh-igarish