Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
chore(deps): bump log4j to 2.17.0 and Fuseki to 4.3.2 (DEV-334) (#1972)
* chore: bump logging libraries

* chore: bump scala

* chore: bump base Java container

* chore: bump akka

* chore(deps): bump log4j to 2.17.0

* chore(deps): bump Fuseki to 4.3.2 (log4j 2.16.0)
  • Loading branch information
subotic committed Dec 20, 2021
1 parent c276625 commit afb6587
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 6 deletions.
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -64,3 +64,4 @@ dependencies.txt
/.metals
/sipi/images/082E/*
/sipi/images/originals/082E/*
/dependencies.bzl
10 changes: 6 additions & 4 deletions third_party/dependencies.bzl
Expand Up @@ -10,7 +10,7 @@ def dependencies():
# e.g., to reference use: @maven//com_typesafe_akka_akka_actor_2_13
#
# ATTENTION: Transitive dependencies need to be explicitly added
# to query: bazel query @maven//:all --output=build
# to query: bazel query @maven//:all --output=build > dependencies.bzl
# or: bazel query @maven//:all | sort
#
maven_install(
Expand Down Expand Up @@ -50,11 +50,12 @@ def dependencies():

# Logging
"com.typesafe.scala-logging:scala-logging_2.13:3.9.4",
"ch.qos.logback:logback-classic:1.2.8",
"ch.qos.logback:logback-core:1.2.8",
"ch.qos.logback:logback-classic:1.2.9",
"ch.qos.logback:logback-core:1.2.9",
"org.slf4j:log4j-over-slf4j:1.7.32",
"org.slf4j:jcl-over-slf4j:1.7.32",
"org.slf4j:slf4j-api:1.7.32",
"org.apache.logging.log4j:log4j:2.17.0", # needed by apache-jena-libs. explicitly setting latest version (log4shell) to override the one used by jena.

# metrics
"io.kamon:kamon-core_2.13:2.1.5",
Expand Down Expand Up @@ -103,8 +104,9 @@ def dependencies():
# provides akka jackson (json) support
"de.heikoseeberger:akka-http-circe_2.13:1.36.0",
"com.fasterxml.jackson.module:jackson-module-scala_2.13:2.12.3",
"com.apicatalog:titanium-json-ld:0.8.5",
"javax.json:javax.json-api:1.1.4",
# TODO: DEV-335 upgrade titanium to 1.1.0 and jakarta-json to 2.0.1
"com.apicatalog:titanium-json-ld:0.8.5",
"org.glassfish:jakarta.json:1.1.6",

# swagger (api documentation)
Expand Down
4 changes: 2 additions & 2 deletions third_party/versions.bzl
Expand Up @@ -14,6 +14,6 @@ SIPI_IMAGE_DIGEST = "sha256:67a0e8c16a67914f2765a1c7906e781383b835cfe72cd19c763b

# Jena Fuseki - digest takes precedence!
FUSEKI_REPOSITORY = "daschswiss/apache-jena-fuseki"
FUSEKI_VERSION = "2.0.4" # contains Fuseki 4.3.1
FUSEKI_VERSION = "2.0.5" # contains Fuseki 4.3.2 (with log4j 2.16.0)
FUSEKI_IMAGE = FUSEKI_REPOSITORY
FUSEKI_IMAGE_DIGEST = "sha256:1987685b11048b00d69873d6eca6f36de32f66e41431f2b87906aa17473501b4"
FUSEKI_IMAGE_DIGEST = "sha256:224b044b0486d78df123507efa1579d17c8455cabc26111dc1848c2049f57700"

0 comments on commit afb6587

Please sign in to comment.