#192 #193: Upgrade dependencies (#194)

* #192 #193: Upgrade dependencies * Run PK fix * Update changelog
exasol · Feb 12, 2025 · 1cf1798 · 1cf1798
1 parent 04f89e9
commit 1cf1798
Show file tree

Hide file tree

Showing 13 changed files with 131 additions and 75 deletions.
diff --git a/.github/workflows/broken_links_checker.yml b/.github/workflows/broken_links_checker.yml
diff --git a/.github/workflows/ci-build-next-java.yml b/.github/workflows/ci-build-next-java.yml
diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml
diff --git a/.project-keeper.yml b/.project-keeper.yml
@@ -6,8 +6,8 @@ sources:
       - integration_tests
       - udf_coverage
 build:
+  # UDFs in Exasol 7.1 require Ubuntu 20.04
   runnerOs: ubuntu-20.04
-  freeDiskSpace: false
   exasolDbVersions:
     - "8.31.0" # Tests fail with 8.32.0, see https://github.com/exasol/virtual-schema-common-document/issues/193
     - "7.1.30"
diff --git a/.settings/org.eclipse.jdt.core.prefs b/.settings/org.eclipse.jdt.core.prefs
diff --git a/dependencies.md b/dependencies.md
diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md
diff --git a/doc/changes/changes_3.2.4.md b/doc/changes/changes_3.2.4.md
@@ -0,0 +1,42 @@
+# Virtual Schema for Amazon DynamoDB 3.2.4, released 2025-02-12
+
+Code name: Fix vulnerabilities CVE-2025-25193 and CVE-2025-24970 in dependencies
+
+## Summary
+
+This release fixes the following vulnerabilities in dependencies:
+
+* `io.netty:netty-common:jar:4.1.115.Final`: CVE-2025-25193
+* `io.netty:netty-handler:jar:4.1.115.Final`: CVE-2025-24970
+
+## Security
+
+* #193: Fixed CVE-2025-25193 in `io.netty:netty-common:jar:4.1.115.Final`
+* #192: Fixed CVE-2025-24970 in `io.netty:netty-handler:jar:4.1.115.Final`
+
+## Dependency Updates
+
+### Compile Dependency Updates
+
+* Updated `com.exasol:virtual-schema-common-document:11.0.1` to `11.0.2`
+* Updated `software.amazon.awssdk:dynamodb:2.29.16` to `2.30.18`
+
+### Test Dependency Updates
+
+* Updated `com.exasol:exasol-testcontainers:7.1.1` to `7.1.3`
+* Updated `com.exasol:udf-debugging-java:0.6.13` to `0.6.14`
+* Updated `com.exasol:virtual-schema-common-document:11.0.1` to `11.0.2`
+* Updated `nl.jqno.equalsverifier:equalsverifier:3.17.3` to `3.19`
+* Updated `org.junit.jupiter:junit-jupiter-params:5.11.3` to `5.11.4`
+* Updated `org.mockito:mockito-junit-jupiter:5.14.2` to `5.15.2`
+* Updated `org.testcontainers:junit-jupiter:1.20.3` to `1.20.4`
+
+### Plugin Dependency Updates
+
+* Updated `com.exasol:project-keeper-maven-plugin:4.4.0` to `4.5.0`
+* Updated `org.apache.maven.plugins:maven-dependency-plugin:3.8.0` to `3.8.1`
+* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.5.1` to `3.5.2`
+* Updated `org.apache.maven.plugins:maven-site-plugin:3.9.1` to `3.21.0`
+* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.5.1` to `3.5.2`
+* Updated `org.codehaus.mojo:versions-maven-plugin:2.17.1` to `2.18.0`
+* Updated `org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121` to `5.0.0.4389`
diff --git a/doc/hands_on/hands_on_dynamodb_vs.md b/doc/hands_on/hands_on_dynamodb_vs.md
@@ -135,7 +135,7 @@ Steps:
 1. [Create a Bucket in BucketFS](https://docs.exasol.com/administration/on-premise/bucketfs/create_new_bucket_in_bucketfs_service.htm)
 1. Upload the adapter to the BucketFS:
    ```shell
-   curl -I -X PUT -T document-virtual-schema-dist-11.0.1-dynamodb-3.2.3.jar http://w:writepw@<YOUR_DB_IP>:2580/default/
+   curl -I -X PUT -T document-virtual-schema-dist-11.0.2-dynamodb-3.2.4.jar http://w:writepw@<YOUR_DB_IP>:2580/default/
    ```
 1. Create a schema to hold the adapter script:
    ```sql
@@ -145,7 +145,7 @@ Steps:
     ```sql
     CREATE OR REPLACE JAVA ADAPTER SCRIPT ADAPTER.DYNAMODB_ADAPTER AS
        %scriptclass com.exasol.adapter.RequestDispatcher;
-       %jar /buckets/bfsdefault/default/document-virtual-schema-dist-11.0.1-dynamodb-3.2.3.jar;
+       %jar /buckets/bfsdefault/default/document-virtual-schema-dist-11.0.2-dynamodb-3.2.4.jar;
     /
     ```
 1. Create UDF:
@@ -156,7 +156,7 @@ Steps:
       CONNECTION_NAME VARCHAR(500))
       EMITS(...) AS
         %scriptclass com.exasol.adapter.document.UdfEntryPoint;
-        %jar /buckets/bfsdefault/default/document-virtual-schema-dist-11.0.1-dynamodb-3.2.3.jar;
+        %jar /buckets/bfsdefault/default/document-virtual-schema-dist-11.0.2-dynamodb-3.2.4.jar;
     /
    ```
 

diff --git a/doc/user-guide/user_guide.md b/doc/user-guide/user_guide.md
@@ -17,7 +17,7 @@ Next create the Adapter Script:
 ```sql
 CREATE OR REPLACE JAVA ADAPTER SCRIPT ADAPTER.DYNAMODB_ADAPTER AS
     %scriptclass com.exasol.adapter.RequestDispatcher;
-    %jar /buckets/bfsdefault/default/document-virtual-schema-dist-11.0.1-dynamodb-3.2.3.jar;
+    %jar /buckets/bfsdefault/default/document-virtual-schema-dist-11.0.2-dynamodb-3.2.4.jar;
 /
 ```
 
@@ -31,7 +31,7 @@ CREATE OR REPLACE JAVA SET SCRIPT ADAPTER.IMPORT_FROM_DYNAMO_DB(
   CONNECTION_NAME VARCHAR(500))
   EMITS(...) AS
     %scriptclass com.exasol.adapter.document.UdfEntryPoint;
-    %jar /buckets/bfsdefault/default/document-virtual-schema-dist-11.0.1-dynamodb-3.2.3.jar;
+    %jar /buckets/bfsdefault/default/document-virtual-schema-dist-11.0.2-dynamodb-3.2.4.jar;
 /
 ```
 

diff --git a/pk_generated_parent.pom b/pk_generated_parent.pom