Update dependencies to avoid CVE #2267

Merged
merged 1 commit into from
Sep 18, 2023
Expand Up @@ -19,43 +19,111 @@

import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.curator.framework.CuratorFramework;
import org.apache.curator.framework.CuratorFrameworkFactory;
import org.apache.curator.framework.imps.CuratorFrameworkState;
import org.apache.curator.retry.ExponentialBackoffRetry;
import org.apache.curator.test.TestingServer;
import org.apache.shardingsphere.elasticjob.reg.exception.RegExceptionHandler;
import org.apache.zookeeper.KeeperException;

import java.io.File;
import java.io.IOException;
import java.util.Collection;
import java.util.concurrent.TimeUnit;

@NoArgsConstructor(access = AccessLevel.PRIVATE)
@Slf4j
public final class EmbedTestingServer {

private static final int PORT = 10181;

private static volatile TestingServer testingServer;


private static final Object INIT_LOCK = new Object();

/**
* Start the embed server.
* Start embed zookeeper server.
*/
public static void start() {
if (null != testingServer) {
log.info("Embed zookeeper server already exists 1, on {}", testingServer.getConnectString());
return;
}
log.info("Starting embed zookeeper server...");
synchronized (INIT_LOCK) {
if (null != testingServer) {
log.info("Embed zookeeper server already exists 2, on {}", testingServer.getConnectString());
return;
}
start0();
waitTestingServerReady();
}
}

private static void start0() {
try {
testingServer = new TestingServer(PORT, new File(String.format("target/test_zk_data/%s/", System.nanoTime())));
testingServer = new TestingServer(PORT, true);
// CHECKSTYLE:OFF
} catch (final Exception ex) {
// CHECKSTYLE:ON
RegExceptionHandler.handleException(ex);
if (!isIgnoredException(ex)) {
throw new RuntimeException(ex);
} else {
log.warn("Start embed zookeeper server got exception: {}", ex.getMessage());
}
} finally {
Runtime.getRuntime().addShutdownHook(new Thread(() -> {
try {
testingServer.close();
} catch (final IOException ex) {
RegExceptionHandler.handleException(ex);
} catch (final IOException ignored) {
}
log.info("Close embed zookeeper server done");
}));
}
}


private static void waitTestingServerReady() {
int maxRetries = 60;
try (CuratorFramework client = buildCuratorClient()) {
client.start();
int round = 0;
while (round < maxRetries) {
try {
if (client.getZookeeperClient().isConnected()) {
log.info("client is connected");
break;
}
if (client.blockUntilConnected(500, TimeUnit.MILLISECONDS)) {
CuratorFrameworkState state = client.getState();
Collection<String> childrenKeys = client.getChildren().forPath("/");
log.info("TestingServer connected, state={}, childrenKeys={}", state, childrenKeys);
break;
}
// CHECKSTYLE:OFF
} catch (final Exception ignored) {
// CHECKSTYLE:ON
}
++round;
}
}
}

private static CuratorFramework buildCuratorClient() {
CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
int retryIntervalMilliseconds = 500;
int maxRetries = 3;
builder.connectString(getConnectionString())
.retryPolicy(new ExponentialBackoffRetry(retryIntervalMilliseconds, maxRetries, retryIntervalMilliseconds * maxRetries))
.namespace("test");
builder.sessionTimeoutMs(60 * 1000);
builder.connectionTimeoutMs(500);
return builder.build();
}

private static boolean isIgnoredException(final Throwable cause) {
return cause instanceof KeeperException.ConnectionLossException || cause instanceof KeeperException.NoNodeException || cause instanceof KeeperException.NodeExistsException;
}

/**
* Get the connection string.
*
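Review bot: In `start0` the shutdown hook is registered from the `finally` block, so it is also added when `new TestingServer(PORT, true)` threw one of the exceptions that `isIgnoredException` lets through, and `testingServer.close()` then runs against a null field at JVM exit. Because `testingServer` stays null on that path, every later `start()` call passes both null checks, retries the constructor and registers one more hook. Registering the hook only after the assignment succeeded and guarding the call, e.g. `if (null != testingServer) { testingServer.close(); }`, would avoid both. The second `EmbedTestingServer` section (port 9181) has the same `finally` block. Which of the doubled lines belong to the new side is inferred from the rendering, since the `+`/`-` markers are lost.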
Expand Up @@ -216,44 +216,44 @@ The following components are provided under the Apache License. See project link
The text of each license is the standard Apache 2.0 license.

audience-annotations 0.5.0: https://github.com/apache/yetus, Apache 2.0
commons-codec 1.10: https://github.com/apache/commons-codec, Apache 2.0
commons-dbcp2 2.9.0: https://github.com/apache/commons-dbcp, Apache 2.0
commons-codec 1.16.0: https://github.com/apache/commons-codec, Apache 2.0
commons-dbcp2 2.11.1: https://github.com/apache/commons-dbcp, Apache 2.0
commons-exec 1.3: http://commons.apache.org/proper/commons-exec, Apache 2.0
commons-lang 2.6: https://github.com/apache/commons-lang, Apache 2.0
commons-lang3 3.4: https://github.com/apache/commons-lang, Apache 2.0
commons-logging 1.2: https://github.com/apache/commons-logging, Apache 2.0
commons-pool2 2.8.1: https://github.com/apache/commons-pool, Apache 2.0
curator-client 5.1.0: https://github.com/apache/curator, Apache 2.0
curator-framework 5.1.0: https://github.com/apache/curator, Apache 2.0
curator-recipes 5.1.0: https://github.com/apache/curator, Apache 2.0
curator-client 5.5.0: https://github.com/apache/curator, Apache 2.0
curator-framework 5.5.0: https://github.com/apache/curator, Apache 2.0
curator-recipes 5.5.0: https://github.com/apache/curator, Apache 2.0
error_prone_annotations 2.3.4: https://github.com/google/error-prone, Apache 2.0
failureaccess 1.0.1:https://github.com/google/guava, Apache 2.0
fenzo-core 0.11.1: https://github.com/Netflix/Fenzo, Apache 2.0
gson 2.6.1: https://github.com/google/gson, Apache 2.0
guava 29.0-jre: https://github.com/google/guava, Apache 2.0
fenzo-core 1.0.1: https://github.com/Netflix/Fenzo, Apache 2.0
gson 2.10.1: https://github.com/google/gson, Apache 2.0
guava 30.0-jre: https://github.com/google/guava, Apache 2.0
HikariCP-java7 2.4.13: https://github.com/brettwooldridge/HikariCP, Apache 2.0
httpclient 4.5.13: https://github.com/apache/httpcomponents-client, Apache 2.0
httpcore 4.4.13: https://github.com/apache/httpcomponents-core, Apache 2.0
httpclient 4.5.14: https://github.com/apache/httpcomponents-client, Apache 2.0
httpcore 4.4.16: https://github.com/apache/httpcomponents-core, Apache 2.0
jackson-annotations 2.4.0: https://github.com/FasterXML/jackson-annotations, Apache 2.0
jackson-core 2.4.5: https://github.com/FasterXML/jackson-core, Apache 2.0
jackson-databind 2.4.5: https://github.com/FasterXML/jackson-core, Apache 2.0
listenablefuture 9999.0-empty-to-avoid-conflict-with-guava:https://github.com/google/guava, Apache 2.0
log4j 1.2.17: http://logging.apache.org/log4j/1.2/, Apache 2.0
log4j-over-slf4j 1.7.7: https://github.com/qos-ch/slf4j, Apache 2.0
mesos 1.1.0: http://mesos.apache.org/, Apache 2.0
netty-buffer 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-codec 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-codec-http 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-common 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-handler 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-resolver 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-transport 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-transport-native-epoll 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-transport-native-unix-common 4.1.45.Final: https://github.com/netty, Apache 2.0
log4j-over-slf4j 1.7.36: https://github.com/qos-ch/slf4j, Apache 2.0
mesos 1.11.0: http://mesos.apache.org/, Apache 2.0
netty-buffer 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-codec 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-codec-http 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-common 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-handler 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-resolver 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-transport 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-transport-native-epoll 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-transport-native-unix-common 4.1.97.Final: https://github.com/netty, Apache 2.0
quartz 2.3.2: https://github.com/quartz-scheduler/quartz, Apache 2.0
snakeyaml 1.26: http://www.snakeyaml.org, Apache 2.0
zookeeper 3.6.0: https://github.com/apache/zookeeper, Apache 2.0
zookeeper-jute 3.6.0: https://github.com/apache/zookeeper, Apache 2.0
snakeyaml 2.0: https://bitbucket.org/snakeyaml/snakeyaml/src, Apache 2.0
zookeeper 3.9.0: https://github.com/apache/zookeeper, Apache 2.0
zookeeper-jute 3.9.0: https://github.com/apache/zookeeper, Apache 2.0

========================================================================
EPL licenses
Expand All @@ -264,8 +264,8 @@ The text of each license is also included at licenses/LICENSE-[project].txt.

jakarta.annotation-api 1.3.5: https://github.com/eclipse-ee4j/common-annotations-api, EPL 2.0
jakarta.el 3.0.3: https://github.com/eclipse-ee4j/el-ri, EPL 2.0
logback-classic 1.2.3: https://github.com/qos-ch/logback, EPL 1.0
logback-core 1.2.3: https://github.com/qos-ch/logback, EPL 1.0
logback-classic 1.2.12: https://github.com/qos-ch/logback, EPL 1.0
logback-core 1.2.12: https://github.com/qos-ch/logback, EPL 1.0
mchange-commons-java 0.2.15: https://github.com/swaldman/mchange-commons-java/tree/mchange-commons-java-0.2.15, EPL 1.0

========================================================================
Expand All @@ -276,6 +276,6 @@ The following components are provided under the MIT License. See project link fo
The text of each license is also included at licenses/LICENSE-[project].txt.

checker-qual 2.11.1: https://github.com/typetools/checker-framework, MIT
jcl-over-slf4j 1.7.7: https://github.com/qos-ch/slf4j, MIT
jul-to-slf4j 1.7.7: https://github.com/qos-ch/slf4j, MIT
slf4j-api 1.7.7: https://github.com/qos-ch/slf4j, MIT
jcl-over-slf4j 1.7.36: https://github.com/qos-ch/slf4j, MIT
jul-to-slf4j 1.7.36: https://github.com/qos-ch/slf4j, MIT
slf4j-api 1.7.36: https://github.com/qos-ch/slf4j, MIT
Expand Up @@ -19,50 +19,118 @@

import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.curator.framework.CuratorFramework;
import org.apache.curator.framework.CuratorFrameworkFactory;
import org.apache.curator.framework.imps.CuratorFrameworkState;
import org.apache.curator.retry.ExponentialBackoffRetry;
import org.apache.curator.test.TestingServer;
import org.apache.shardingsphere.elasticjob.reg.exception.RegExceptionHandler;
import org.apache.zookeeper.KeeperException;

import java.io.File;
import java.io.IOException;
import java.util.Collection;
import java.util.concurrent.TimeUnit;

@Slf4j
@NoArgsConstructor(access = AccessLevel.PRIVATE)
public final class EmbedTestingServer {

private static final int PORT = 9181;

private static volatile TestingServer testingServer;

/**
* Get the connection string.
*
* @return connection string
*/
public static String getConnectionString() {
return "localhost:" + PORT;
}


private static final Object INIT_LOCK = new Object();

/**
* Start the server.
* Start embed zookeeper server.
*/
public static void start() {
if (null != testingServer) {
log.info("Embed zookeeper server already exists 1, on {}", testingServer.getConnectString());
return;
}
log.info("Starting embed zookeeper server...");
synchronized (INIT_LOCK) {
if (null != testingServer) {
log.info("Embed zookeeper server already exists 2, on {}", testingServer.getConnectString());
return;
}
start0();
waitTestingServerReady();
}
}

private static void start0() {
try {
testingServer = new TestingServer(PORT, new File(String.format("target/test_zk_data/%s/", System.nanoTime())));
testingServer = new TestingServer(PORT, true);
// CHECKSTYLE:OFF
} catch (final Exception ex) {
// CHECKSTYLE:ON
RegExceptionHandler.handleException(ex);
if (!isIgnoredException(ex)) {
throw new RuntimeException(ex);
} else {
log.warn("Start embed zookeeper server got exception: {}", ex.getMessage());
}
} finally {
Runtime.getRuntime().addShutdownHook(new Thread(() -> {
try {
testingServer.close();
} catch (final IOException ex) {
RegExceptionHandler.handleException(ex);
} catch (final IOException ignored) {
}
log.info("Close embed zookeeper server done");
}));
}
}

private static void waitTestingServerReady() {
int maxRetries = 60;
try (CuratorFramework client = buildCuratorClient()) {
client.start();
int round = 0;
while (round < maxRetries) {
try {
if (client.getZookeeperClient().isConnected()) {
log.info("client is connected");
break;
}
if (client.blockUntilConnected(500, TimeUnit.MILLISECONDS)) {
CuratorFrameworkState state = client.getState();
Collection<String> childrenKeys = client.getChildren().forPath("/");
log.info("TestingServer connected, state={}, childrenKeys={}", state, childrenKeys);
break;
}
// CHECKSTYLE:OFF
} catch (final Exception ignored) {
// CHECKSTYLE:ON
}
++round;
}
}
}

private static CuratorFramework buildCuratorClient() {
CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
int retryIntervalMilliseconds = 500;
int maxRetries = 3;
builder.connectString(getConnectionString())
.retryPolicy(new ExponentialBackoffRetry(retryIntervalMilliseconds, maxRetries, retryIntervalMilliseconds * maxRetries))
.namespace("test");
builder.sessionTimeoutMs(60 * 1000);
builder.connectionTimeoutMs(500);
return builder.build();
}

private static boolean isIgnoredException(final Throwable cause) {
return cause instanceof KeeperException.ConnectionLossException || cause instanceof KeeperException.NoNodeException || cause instanceof KeeperException.NodeExistsException;
}

/**
* Get the connection string.
*
* @return connection string
*/
public static String getConnectionString() {
return "localhost:" + PORT;
}
}
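Review bot: `waitTestingServerReady` gives up silently: the `catch (final Exception ignored)` inside the loop discards every failure, and once all 60 rounds are used the method returns normally, so `start()` completes although the embedded ZooKeeper may never have accepted a connection. That catch also absorbs the `InterruptedException` from `blockUntilConnected` without restoring the interrupt flag. I would keep the last exception and fail after the loop, e.g. `throw new IllegalStateException("Embed zookeeper server not ready on " + getConnectionString(), lastFailure);`, and handle interruption on its own with `Thread.currentThread().interrupt(); return;`. The first `EmbedTestingServer` section (port 10181) contains the same loop.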

Expand Up @@ -18,7 +18,7 @@
package org.apache.shardingsphere.elasticjob.lite.internal.server;

import com.google.common.base.Strings;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shardingsphere.elasticjob.lite.internal.instance.InstanceNode;
import org.apache.shardingsphere.elasticjob.lite.internal.schedule.JobRegistry;
import org.apache.shardingsphere.elasticjob.lite.internal.storage.JobNodeStorage;