Add management of 'websocket-client' to resolve CVE-2021-28169 (#162)

sbabcoc · Jun 25, 2021 · eb57e27 · eb57e27
1 parent de0fb5e
commit eb57e27
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/build.gradle b/build.gradle
@@ -295,6 +295,7 @@ dependencies {
   compile 'org.jsoup:jsoup:1.12.1'
   compile('org.hamcrest:hamcrest-core:2.2') { force = true }
   compile('org.yaml:snakeyaml:1.28') { force = true }
+  compile('org.eclipse.jetty.websocket:websocket-client:9.4.42.v20210604') { force = true }
 
   apply from: "${profile}Deps.gradle"
 

diff --git a/pom.xml b/pom.xml
@@ -55,6 +55,8 @@
     <hamcrest.version>2.2</hamcrest.version>
     <!-- managed to resolve identified threat -->
     <snakeyaml.version>1.28</snakeyaml.version>
+    <!-- managed to resolve identified threat -->
+    <websocket-client.version>9.4.42.v20210604</websocket-client.version>
   </properties>
 
   <scm>
@@ -101,6 +103,11 @@
         <artifactId>snakeyaml</artifactId>
         <version>${snakeyaml.version}</version>
       </dependency>
+      <dependency>
+        <groupId>org.eclipse.jetty.websocket</groupId>
+        <artifactId>websocket-client</artifactId>
+        <version>${websocket-client.version}</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>
   <dependencies>
@@ -154,8 +161,6 @@
         <bouncycastle.version>1.68</bouncycastle.version>
         <!-- managed to resolve identified threat -->
         <httpcomponents.version>4.5.13</httpcomponents.version>
-        <!-- managed to resolve identified threat -->
-        <jetty.version>9.4.41.v20210516</jetty.version>
       </properties>
       <dependencyManagement>
         <dependencies>
@@ -224,11 +229,6 @@
             <artifactId>httpclient</artifactId>
             <version>${httpcomponents.version}</version>
           </dependency>
-          <dependency>
-            <groupId>org.eclipse.jetty.websocket</groupId>
-            <artifactId>websocket-client</artifactId>
-            <version>${jetty.version}</version>
-          </dependency>
         </dependencies>
       </dependencyManagement>
       <dependencies>

diff --git a/selenium2Deps.gradle b/selenium2Deps.gradle
@@ -20,7 +20,6 @@ dependencies {
   selenium2Compile('org.bouncycastle:bcprov-jdk15on:1.68') { force = true }
   selenium2Compile('org.apache.httpcomponents:httpmime:4.5.13') { force = true }
   selenium2Compile('org.apache.httpcomponents:httpclient:4.5.13') { force = true }
-  selenium2Compile('org.eclipse.jetty.websocket:websocket-client:9.4.41.v20210516') { force = true }
   testCompile 'org.seleniumhq.selenium:htmlunit-driver:2.21'
   testCompile 'org.mockito:mockito-core:2.25.0'
 }