ddf
ddf copied to clipboard
codice
DDF Distributed Data Framework - an open source, modular integration framework.
### Description The 2.29.x itests running on java 11 are not all passing and some had to be ignored for now. This ticket is to review these tests to see...
#### What does this PR do? Bumps the karaf version to 4.4.7 Forward port of #6904 #### Who is reviewing it? @a-asaad @dcruver #### Select relevant component teams: @codice/build ####...
Bumps org.geotools:gt-wfs-ng from 24.6 to 28.6.1. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
#### What does this PR do? Upgrades Tika to version 3.1.0 Upgrades Pac4j to version 6.1.2 Upgrades Nimbus to version 11.24 Upgrades Bouncy Castle to version 1.80 Upgrades Apache POI...
### Description A pull request was opened to introduce multiarch images into the solr-docker module, however, it was determined that the current build pipeline supporting codice cannot leverage buildx based...
#### What does this PR do? Update solrcloud networking the docker builds and fix a javax activation dependency Build docker containers on a new base that has been updated with...
Bumps org.apache.commons:commons-lang3 from 3.12.0 to 3.18.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...
Bumps commons-fileupload:commons-fileupload from 1.3.3 to 1.6.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...
## Security Request: GeoTools Major Version Upgrade **Priority:** CRITICAL **CVSS:** 9.0+ (Multiple vulnerabilities) **Affected:** All geospatial functionality in DDF --- ## Problem GeoTools 24.6 contains **12+ CRITICAL CVEs** including XXE...
## Master Tracking: Security Dependency Upgrades This issue tracks all security-related dependency upgrades for DDF. --- ## Critical Priority (P0) - Immediate | Dependency | Current | Target | CVEs...