[Backport to 2.x] Manual backport of several dependabot PRs (#5330)

* Bump gradle-extra-configurations-plugin from 7.0.0 to 8.0.0 (#4808) * Bump gradle-extra-configurations-plugin from 7.0.0 to 8.0.0 Bumps [gradle-extra-configurations-plugin](https://github.com/nebula-plugins/gradle-extra-configurations-plugin) from 7.0.0 to 8.0.0. - [Release notes](https://github.com/nebula-plugins/gradle-extra-configurations-plugin/releases) - [Changelog](https://github.com/nebula-plugins/gradle-extra-configurations-plugin/blob/main/CHANGELOG.md) - [Commits](nebula-plugins/gradle-extra-configurations-plugin@v7.0.0...v8.0.0) --- updated-dependencies: - dependency-name: com.netflix.nebula:gradle-extra-configurations-plugin dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * add changelog Signed-off-by: Poojita Raj <poojiraj@amazon.com> * add changelog Signed-off-by: Poojita Raj <poojiraj@amazon.com> * Fix fully-qualified plugin name after version bump Signed-off-by: Kartik Ganesh <gkart@amazon.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Poojita Raj <poojiraj@amazon.com> Signed-off-by: Kartik Ganesh <gkart@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Poojita Raj <poojiraj@amazon.com> Co-authored-by: Kartik Ganesh <gkart@amazon.com> (cherry picked from commit a0d3073) * Bump jcodings from 1.0.57 to 1.0.58 in /libs/grok (#5233) * Bump jcodings from 1.0.57 to 1.0.58 in /libs/grok Bumps [jcodings](https://github.com/jruby/jcodings) from 1.0.57 to 1.0.58. - [Release notes](https://github.com/jruby/jcodings/releases) - [Commits](jruby/jcodings@jcodings-1.0.57...jcodings-1.0.58) --- updated-dependencies: - dependency-name: org.jruby.jcodings:jcodings dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> (cherry picked from commit cbb0953) * Bump google-http-client-jackson2 from 1.35.0 to 1.42.3 in /plugins/repository-gcs (#5234) * Bump google-http-client-jackson2 in /plugins/repository-gcs Bumps [google-http-client-jackson2](https://github.com/googleapis/google-http-java-client) from 1.35.0 to 1.42.3. - [Release notes](https://github.com/googleapis/google-http-java-client/releases) - [Changelog](https://github.com/googleapis/google-http-java-client/blob/main/CHANGELOG.md) - [Commits](googleapis/google-http-java-client@v1.35.0...v1.42.3) --- updated-dependencies: - dependency-name: com.google.http-client:google-http-client-jackson2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> (cherry picked from commit 933e8c3) * Bump azure-core from 1.33.0 to 1.34.0 and azure-core-http-netty from 1.12.4 to 1.12.7 in /plugins/repository-azure (#5235) * Bump azure-core from 1.33.0 to 1.34.0 This change also reverts the ignoreMissingClasses addition from the prior commit since it is incorrect. Signed-off-by: Kartik Ganesh <gkart@amazon.com> * Bump azure-core-http-netty in /plugins/repository-azure Bumps [azure-core-http-netty](https://github.com/Azure/azure-sdk-for-java) from 1.12.4 to 1.12.7. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@azure-core-http-netty_1.12.4...azure-core-http-netty_1.12.7) --- updated-dependencies: - dependency-name: com.azure:azure-core-http-netty dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Kartik Ganesh <gkart@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: Kartik Ganesh <gkart@amazon.com> (cherry picked from commit 0c6411a) * Bump maxmind-db from 2.0.0 to 2.1.0 in /modules/ingest-geoip (#5236) * Bump maxmind-db from 2.0.0 to 2.1.0 in /modules/ingest-geoip Bumps [maxmind-db](https://github.com/maxmind/MaxMind-DB-Reader-java) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/maxmind/MaxMind-DB-Reader-java/releases) - [Changelog](https://github.com/maxmind/MaxMind-DB-Reader-java/blob/main/CHANGELOG.md) - [Commits](maxmind/MaxMind-DB-Reader-java@v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: com.maxmind.db:maxmind-db dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> (cherry picked from commit 7dc137f) * Bump json-schema-validator from 1.0.69 to 1.0.73 (#5316) * Bump json-schema-validator from 1.0.69 to 1.0.73 Bumps [json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.0.69 to 1.0.73. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](networknt/json-schema-validator@1.0.69...1.0.73) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> * Fix changelog Signed-off-by: Kartik Ganesh <gkart@amazon.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Kartik Ganesh <gkart@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: Kartik Ganesh <gkart@amazon.com> (cherry picked from commit 0f666ef) * Bump proto-google-common-protos from 2.8.0 to 2.10.0 in /plugins/repository-gcs (#5318) * Bump proto-google-common-protos in /plugins/repository-gcs Bumps [proto-google-common-protos](https://github.com/googleapis/java-iam) from 2.8.0 to 2.10.0. - [Release notes](https://github.com/googleapis/java-iam/releases) - [Changelog](https://github.com/googleapis/java-iam/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/java-iam/commits) --- updated-dependencies: - dependency-name: com.google.api.grpc:proto-google-common-protos dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Add changelog entry Signed-off-by: Kartik Ganesh <gkart@amazon.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Kartik Ganesh <gkart@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: Kartik Ganesh <gkart@amazon.com> (cherry picked from commit 0f78b9f) * Bump protobuf-java from 3.21.7 to 3.21.9 in /plugins/repository-hdfs (#5319) * Bump protobuf-java from 3.21.7 to 3.21.9 in /plugins/repository-hdfs Bumps [protobuf-java](https://github.com/protocolbuffers/protobuf) from 3.21.7 to 3.21.9. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py) - [Commits](protocolbuffers/protobuf@v3.21.7...v3.21.9) --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Add changelog entry Signed-off-by: Kartik Ganesh <gkart@amazon.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Kartik Ganesh <gkart@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: Kartik Ganesh <gkart@amazon.com> (cherry picked from commit 438369c) * Updates to get a successful build SHA updates and Gradle build file updates Signed-off-by: Kartik Ganesh <gkart@amazon.com> Signed-off-by: Kartik Ganesh <gkart@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
opensearch-project · Nov 22, 2022 · 36102bb · 36102bb
1 parent 7e04797
commit 36102bb
Show file tree

Hide file tree

Showing 26 changed files with 30 additions and 25 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,6 +13,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - Bump bcpg-fips from 1.0.5.1 to 1.0.7.1 ([#5148](https://github.com/opensearch-project/OpenSearch/pull/5148))
 - Bumps `commons-compress` from 1.21 to 1.22 ([#5104](https://github.com/opensearch-project/OpenSearch/pull/5104))
 - Bumps `gson` from 2.9.0 to 2.10 ([#5184](https://github.com/opensearch-project/OpenSearch/pull/5184))
+- Bump `gradle-extra-configurations-plugin` from 7.0.0 to 8.0.0 ([#4808](https://github.com/opensearch-project/OpenSearch/pull/4808))
+- Bumps `jcodings` from 1.0.57 to 1.0.58
+- Bumps `google-http-client-jackson2` from 1.35.0 to 1.42.3
+- Bumps `azure-core` from 1.33.0 to 1.34.0
+- Bumps `azure-core-http-netty` from 1.12.4 to 1.12.7
+- Bumps `maxmind-db` from 2.0.0 to 2.1.0
+- Bumps `json-schema-validator` from 1.0.69 to 1.0.73 ([#5316](https://github.com/opensearch-project/OpenSearch/pull/5316))
+- Bumps `proto-google-common-protos` from 2.8.0 to 2.10.0 ([#5318](https://github.com/opensearch-project/OpenSearch/pull/5318))
+- Bumps `protobuf-java` from 3.21.7 to 3.21.9 ([#5319](https://github.com/opensearch-project/OpenSearch/pull/5319))
 ### Changed
 ### Deprecated
 ### Removed

diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle
@@ -105,7 +105,7 @@ dependencies {
   api 'commons-codec:commons-codec:1.15'
   api 'org.apache.commons:commons-compress:1.21'
   api 'org.apache.ant:ant:1.10.12'
-  api 'com.netflix.nebula:gradle-extra-configurations-plugin:7.0.0'
+  api 'com.netflix.nebula:gradle-extra-configurations-plugin:8.0.0'
   api 'com.netflix.nebula:nebula-publishing-plugin:4.6.0'
   api 'com.netflix.nebula:gradle-info-plugin:7.1.3'
   api 'org.apache.rat:apache-rat:0.13'
@@ -118,7 +118,7 @@ dependencies {
   api 'com.avast.gradle:gradle-docker-compose-plugin:0.15.2'
   api "org.yaml:snakeyaml:${props.getProperty('snakeyaml')}"
   api 'org.apache.maven:maven-model:3.6.2'
-  api 'com.networknt:json-schema-validator:1.0.69'
+  api 'com.networknt:json-schema-validator:1.0.73'
   api "com.fasterxml.jackson.core:jackson-databind:${props.getProperty('jackson_databind')}"
 
   testFixturesApi "junit:junit:${props.getProperty('junit')}"

diff --git a/libs/cli/build.gradle b/libs/cli/build.gradle
@@ -28,7 +28,7 @@
  * under the License.
  */
 apply plugin: 'opensearch.build'
-apply plugin: 'nebula.optional-base'
+apply plugin: 'com.netflix.nebula.optional-base'
 apply plugin: 'opensearch.publish'
 
 dependencies {

diff --git a/libs/core/build.gradle b/libs/core/build.gradle
@@ -30,7 +30,7 @@
 
 import org.opensearch.gradle.info.BuildParams
 
-apply plugin: 'nebula.optional-base'
+apply plugin: 'com.netflix.nebula.optional-base'
 apply plugin: 'opensearch.publish'
 
 archivesBaseName = 'opensearch-core'

diff --git a/libs/grok/build.gradle b/libs/grok/build.gradle
@@ -31,7 +31,7 @@
 dependencies {
   api 'org.jruby.joni:joni:2.1.44'
   // joni dependencies:
-  api 'org.jruby.jcodings:jcodings:1.0.44'
+  api 'org.jruby.jcodings:jcodings:1.0.58'
 
   testImplementation(project(":test:framework")) {
     exclude group: 'org.opensearch', module: 'opensearch-grok'
@@ -41,7 +41,3 @@ dependencies {
 tasks.named('forbiddenApisMain').configure {
   replaceSignatureFiles 'jdk-signatures'
 }
-
-thirdPartyAudit.ignoreMissingClasses(
-  'org.jcodings.unicode.UnicodeCodeRange'
-)
diff --git a/libs/grok/licenses/jcodings-1.0.44.jar.sha1 b/libs/grok/licenses/jcodings-1.0.44.jar.sha1
diff --git a/libs/grok/licenses/jcodings-1.0.58.jar.sha1 b/libs/grok/licenses/jcodings-1.0.58.jar.sha1
@@ -0,0 +1 @@
+dce27159dc0382e5f7518d4f3e499fc8396357ed
diff --git a/modules/ingest-geoip/build.gradle b/modules/ingest-geoip/build.gradle
@@ -43,7 +43,7 @@ dependencies {
   // geoip2 dependencies:
   api("com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}")
   api("com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}")
-  api('com.maxmind.db:maxmind-db:2.0.0')
+  api('com.maxmind.db:maxmind-db:2.1.0')
 
   testImplementation 'org.elasticsearch:geolite2-databases:20191119'
 }

diff --git a/modules/ingest-geoip/licenses/maxmind-db-2.0.0.jar.sha1 b/modules/ingest-geoip/licenses/maxmind-db-2.0.0.jar.sha1
diff --git a/modules/ingest-geoip/licenses/maxmind-db-2.1.0.jar.sha1 b/modules/ingest-geoip/licenses/maxmind-db-2.1.0.jar.sha1
@@ -0,0 +1 @@
+5fb0a7c4677ba725149ed557df9d0809d1836b80
diff --git a/plugins/repository-azure/build.gradle b/plugins/repository-azure/build.gradle
@@ -44,9 +44,9 @@ opensearchplugin {
 }
 
 dependencies {
-  api 'com.azure:azure-core:1.27.0'
-  api 'com.azure:azure-storage-common:12.15.0'
-  api 'com.azure:azure-core-http-netty:1.11.8'
+  api 'com.azure:azure-core:1.34.0'
+  api 'com.azure:azure-storage-common:12.18.1'
+  api 'com.azure:azure-core-http-netty:1.12.7'
   api "io.netty:netty-codec-dns:${versions.netty}"
   api "io.netty:netty-codec-socks:${versions.netty}"
   api "io.netty:netty-codec-http2:${versions.netty}"

diff --git a/plugins/repository-azure/licenses/azure-core-1.27.0.jar.sha1 b/plugins/repository-azure/licenses/azure-core-1.27.0.jar.sha1
diff --git a/plugins/repository-azure/licenses/azure-core-1.34.0.jar.sha1 b/plugins/repository-azure/licenses/azure-core-1.34.0.jar.sha1
@@ -0,0 +1 @@
+59827c9aeab1c67053fc598207781e56fb8709f6
diff --git a/plugins/repository-azure/licenses/azure-core-http-netty-1.11.8.jar.sha1 b/plugins/repository-azure/licenses/azure-core-http-netty-1.11.8.jar.sha1
diff --git a/plugins/repository-azure/licenses/azure-core-http-netty-1.12.7.jar.sha1 b/plugins/repository-azure/licenses/azure-core-http-netty-1.12.7.jar.sha1
@@ -0,0 +1 @@
+e7739b5c0d9c968afcb6100f15f3491143d47814
diff --git a/plugins/repository-azure/licenses/azure-storage-common-12.15.0.jar.sha1 b/plugins/repository-azure/licenses/azure-storage-common-12.15.0.jar.sha1
diff --git a/plugins/repository-azure/licenses/azure-storage-common-12.18.1.jar.sha1 b/plugins/repository-azure/licenses/azure-storage-common-12.18.1.jar.sha1
@@ -0,0 +1 @@
+09f5229d0775dff1b21cc3cb2936de751e79b5ac
diff --git a/plugins/repository-gcs/build.gradle b/plugins/repository-gcs/build.gradle
@@ -68,15 +68,15 @@ dependencies {
   api 'com.google.protobuf:protobuf-java-util:3.20.0'
   api 'com.google.protobuf:protobuf-java:3.21.7'
   api 'com.google.code.gson:gson:2.9.0'
-  api 'com.google.api.grpc:proto-google-common-protos:2.8.0'
+  api 'com.google.api.grpc:proto-google-common-protos:2.10.0'
   api 'com.google.api.grpc:proto-google-iam-v1:0.12.0'
   api 'com.google.cloud:google-cloud-core-http:1.93.3'
   api "com.google.auth:google-auth-library-credentials:${versions.google_auth}"
   api "com.google.auth:google-auth-library-oauth2-http:${versions.google_auth}"
   api 'com.google.oauth-client:google-oauth-client:1.33.3'
   api 'com.google.api-client:google-api-client:1.34.0'
   api 'com.google.http-client:google-http-client-appengine:1.41.8'
-  api 'com.google.http-client:google-http-client-jackson2:1.35.0'
+  api 'com.google.http-client:google-http-client-jackson2:1.42.3'
   api 'com.google.http-client:google-http-client-gson:1.41.4'
   api 'com.google.api:gax-httpjson:0.62.0'
   api 'io.grpc:grpc-context:1.45.1'

diff --git a/plugins/repository-gcs/licenses/google-http-client-jackson2-1.35.0.jar.sha1 b/plugins/repository-gcs/licenses/google-http-client-jackson2-1.35.0.jar.sha1
diff --git a/plugins/repository-gcs/licenses/google-http-client-jackson2-1.42.3.jar.sha1 b/plugins/repository-gcs/licenses/google-http-client-jackson2-1.42.3.jar.sha1
@@ -0,0 +1 @@
+789cafde696403b429026bf19071caf46d8c8934
diff --git a/plugins/repository-gcs/licenses/proto-google-common-protos-2.10.0.jar.sha1 b/plugins/repository-gcs/licenses/proto-google-common-protos-2.10.0.jar.sha1
@@ -0,0 +1 @@
+cf5ac081c05682b0eba6659dee55352fde5852e1
diff --git a/plugins/repository-gcs/licenses/proto-google-common-protos-2.8.0.jar.sha1 b/plugins/repository-gcs/licenses/proto-google-common-protos-2.8.0.jar.sha1
diff --git a/plugins/repository-hdfs/build.gradle b/plugins/repository-hdfs/build.gradle
@@ -69,7 +69,7 @@ dependencies {
   api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
   api 'com.google.code.gson:gson:2.10'
   runtimeOnly 'com.google.guava:guava:31.1-jre'
-  api 'com.google.protobuf:protobuf-java:3.21.7'
+  api 'com.google.protobuf:protobuf-java:3.21.9'
   api "commons-logging:commons-logging:${versions.commonslogging}"
   api 'commons-cli:commons-cli:1.2'
   api "commons-codec:commons-codec:${versions.commonscodec}"

diff --git a/plugins/repository-hdfs/licenses/protobuf-java-3.21.7.jar.sha1 b/plugins/repository-hdfs/licenses/protobuf-java-3.21.7.jar.sha1
diff --git a/plugins/repository-hdfs/licenses/protobuf-java-3.21.9.jar.sha1 b/plugins/repository-hdfs/licenses/protobuf-java-3.21.9.jar.sha1
@@ -0,0 +1 @@
+ed1240d9231044ce6ccf1978512f6e44416bb7e7
diff --git a/server/build.gradle b/server/build.gradle
@@ -31,7 +31,7 @@
 import org.opensearch.gradle.info.BuildParams
 
 apply plugin: 'opensearch.build'
-apply plugin: 'nebula.optional-base'
+apply plugin: 'com.netflix.nebula.optional-base'
 apply plugin: 'opensearch.publish'
 apply plugin: 'opensearch.internal-cluster-test'