This is an automated email from the ASF dual-hosted git repository.
jcabrerizo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/brooklyn-server.git
The following commit(s) were added to refs/heads/master by this push:
new 0c34ed594c update snakeyaml to latest version; same for jackson and
cxf to use latest snakeyaml
new 96cad205cf Merge pull request #1413 from ahgittin/bump-snakeyaml-22
0c34ed594c is described below
commit 0c34ed594caba03a6aa8f8ab558cd3201eebbe16
Author: Alex Heneveld <a...@cloudsoft.io>
AuthorDate: Thu Jan 4 16:23:40 2024 +0000
update snakeyaml to latest version; same for jackson and cxf to use latest
snakeyaml
---
.../core/json/ConfigurableSerializerProvider.java | 7 ++++
pom.xml | 6 ++--
.../brooklyn/tasks/kubectl/KubeJobFileCreator.java | 22 +++++++-----
.../java/org/apache/brooklyn/util/yaml/Yamls.java | 41 +++++++++++-----------
.../org/apache/brooklyn/util/yaml/YamlsTest.java | 33 +++++++++++++++--
5 files changed, 74 insertions(+), 35 deletions(-)
diff --git
a/core/src/main/java/org/apache/brooklyn/util/core/json/ConfigurableSerializerProvider.java
b/core/src/main/java/org/apache/brooklyn/util/core/json/ConfigurableSerializerProvider.java
index f2b45831c3..8cba89ff8b 100644
---
a/core/src/main/java/org/apache/brooklyn/util/core/json/ConfigurableSerializerProvider.java
+++
b/core/src/main/java/org/apache/brooklyn/util/core/json/ConfigurableSerializerProvider.java
@@ -20,6 +20,7 @@ package org.apache.brooklyn.util.core.json;
import java.io.IOException;
+import com.fasterxml.jackson.databind.cfg.CacheProvider;
import org.apache.brooklyn.util.exceptions.Exceptions;
import com.fasterxml.jackson.core.JsonGenerator;
@@ -47,6 +48,12 @@ final class ConfigurableSerializerProvider extends
DefaultSerializerProvider {
return new ConfigurableSerializerProvider(config, this, jsf);
}
+ @Override
+ public DefaultSerializerProvider withCaches(CacheProvider cacheProvider) {
+ // would need to support fluency in this class to support
+ throw new IllegalStateException("Caches not supported for this
serializer provider");
+ }
+
public ConfigurableSerializerProvider(SerializationConfig config,
ConfigurableSerializerProvider src, SerializerFactory jsf) {
super(src, config, jsf);
unknownTypeSerializer = src.unknownTypeSerializer;
diff --git a/pom.xml b/pom.xml
index 440e84e64d..1b130c7293 100644
--- a/pom.xml
+++ b/pom.xml
@@ -130,7 +130,7 @@
<jakarta.activation.version>1.2.2</jakarta.activation.version>
<jakarta.mail.version>1.6.5</jakarta.mail.version> <!-- used by karaf
-->
<!-- double-check downstream projects before changing jackson version
-->
- <fasterxml.jackson.version>2.14.1</fasterxml.jackson.version>
+ <fasterxml.jackson.version>2.16.1</fasterxml.jackson.version>
<cxf.version>3.4.10</cxf.version>
<httpcomponents.httpclient.version>4.5.13</httpcomponents.httpclient.version>
<!-- To match apache-cxf-3.4.10-features.xml -->
<httpcomponents.httpcore.version>4.4.15</httpcomponents.httpcore.version> <!--
To match cxf -->
@@ -140,8 +140,8 @@
<groovy.version>2.4.21</groovy.version> <!-- 2.4 seems to be an LTS;
later versions switch to using a pom not a jar for groovy all, then in 4 to
using modules and hosted at apache rather than codehaus; note the
groovy-eclipse-complier versions below -->
<groovy-eclipse-compiler.version>2.9.1-01</groovy-eclipse-compiler.version>
<!-- see
https://github.com/groovy/groovy-eclipse/wiki/Groovy-Eclipse-2.9.1-Release-Notes
-->
<groovy-eclipse-batch.version>2.4.21-01</groovy-eclipse-batch.version>
- <snakeyaml.version>1.33</snakeyaml.version> <!-- align with cxf,
jackson-dataformat-yaml -->
- <snakeyaml.jclouds.version>1.26</snakeyaml.jclouds.version> <!--
jclouds 2.4 imports this -->
+ <snakeyaml.version>2.2</snakeyaml.version> <!-- should match:
cxf-parent, jackson-dataformat-yaml (both of which seem to update regularly) -->
+ <snakeyaml.jclouds.version>1.26</snakeyaml.jclouds.version> <!--
jclouds 2.4 imports this; used for exclusion; yaml in jclouds might be broken
as we are long past this -->
<!-- Next version of swagger requires changes to how path mapping and
scanner injection are done. -->
<swagger.version>1.6.2</swagger.version>
<mx4j.version>3.0.1</mx4j.version>
diff --git
a/software/base/src/main/java/org/apache/brooklyn/tasks/kubectl/KubeJobFileCreator.java
b/software/base/src/main/java/org/apache/brooklyn/tasks/kubectl/KubeJobFileCreator.java
index ac411c34d1..a769578880 100644
---
a/software/base/src/main/java/org/apache/brooklyn/tasks/kubectl/KubeJobFileCreator.java
+++
b/software/base/src/main/java/org/apache/brooklyn/tasks/kubectl/KubeJobFileCreator.java
@@ -18,6 +18,18 @@
*/
package org.apache.brooklyn.tasks.kubectl;
+import java.io.File;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.io.Writer;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import org.apache.brooklyn.core.mgmt.ha.BrooklynBomOsgiArchiveInstaller;
@@ -31,14 +43,6 @@ import org.yaml.snakeyaml.nodes.NodeTuple;
import org.yaml.snakeyaml.nodes.Tag;
import org.yaml.snakeyaml.representer.Representer;
-import java.io.File;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.io.StringWriter;
-import java.io.Writer;
-import java.util.*;
-import java.util.stream.Collectors;
-
/**
* This was needed to ensure our Kubernetes Yaml Job configurations are valid.
*/
@@ -210,7 +214,7 @@ public class KubeJobFileCreator {
options.setIndent(2);
options.setPrettyFlow(true);
options.setDefaultFlowStyle(DumperOptions.FlowStyle.BLOCK);
- Representer representer = new Representer(){
+ Representer representer = new Representer(options){
@Override
protected NodeTuple representJavaBeanProperty(Object javaBean,
Property property, Object propertyValue, Tag customTag) {
// if value of property is null, ignore it.
diff --git
a/utils/common/src/main/java/org/apache/brooklyn/util/yaml/Yamls.java
b/utils/common/src/main/java/org/apache/brooklyn/util/yaml/Yamls.java
index 05a016726e..aa11aa548f 100644
--- a/utils/common/src/main/java/org/apache/brooklyn/util/yaml/Yamls.java
+++ b/utils/common/src/main/java/org/apache/brooklyn/util/yaml/Yamls.java
@@ -18,7 +18,6 @@
*/
package org.apache.brooklyn.util.yaml;
-import com.google.common.base.Function;
import java.io.Reader;
import java.io.StringReader;
import java.util.ArrayList;
@@ -28,11 +27,13 @@ import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.concurrent.atomic.AtomicBoolean;
-
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.annotation.Nullable;
+import com.google.common.annotations.Beta;
+import com.google.common.base.Function;
+import com.google.common.collect.Iterables;
import org.apache.brooklyn.util.collections.Jsonya;
import org.apache.brooklyn.util.collections.MutableList;
import org.apache.brooklyn.util.exceptions.Exceptions;
@@ -42,20 +43,18 @@ import
org.apache.brooklyn.util.javalang.coerce.PrimitiveStringTypeCoercions;
import org.apache.brooklyn.util.text.Strings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
-import org.yaml.snakeyaml.constructor.BaseConstructor;
import org.yaml.snakeyaml.constructor.Constructor;
import org.yaml.snakeyaml.constructor.SafeConstructor;
import org.yaml.snakeyaml.error.Mark;
+import org.yaml.snakeyaml.inspector.TagInspector;
import org.yaml.snakeyaml.nodes.MappingNode;
import org.yaml.snakeyaml.nodes.Node;
import org.yaml.snakeyaml.nodes.NodeId;
import org.yaml.snakeyaml.nodes.NodeTuple;
import org.yaml.snakeyaml.nodes.ScalarNode;
import org.yaml.snakeyaml.nodes.SequenceNode;
-
-import com.google.common.annotations.Beta;
-import com.google.common.collect.Iterables;
import org.yaml.snakeyaml.nodes.Tag;
public class Yamls {
@@ -63,27 +62,27 @@ public class Yamls {
private static final Logger log = LoggerFactory.getLogger(Yamls.class);
private static Yaml newYaml() {
- BaseConstructor constructor;
- if (BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.isEnabled()) {
- // allows instantiation of arbitrary Java types;
- constructor = new Constructor() {
-
- };
- } else {
- constructor = new SafeConstructor() {
+ LoaderOptions loaderOptions = new LoaderOptions();
- };
+ if (BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.isEnabled()) {
+ loaderOptions.setTagInspector(new TagInspector() {
+ @Override
+ public boolean isGlobalTagAllowed(Tag tag) {
+ return true;
+ }
+ });
}
+
return new Yaml(
BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.isEnabled()
- ? new ConstructorExcludingNonNumbers() // allows
instantiation of arbitrary Java types
- : new SafeConstructorExcludingNonNumbers() // allows
instantiation of limited set of types only
+ ? new ConstructorExcludingNonNumbers(loaderOptions) //
allows instantiation of arbitrary Java types
+ : new
SafeConstructorExcludingNonNumbers(loaderOptions) // allows instantiation of
limited set of types only
);
}
private static class ConstructorExcludingNonNumbers extends Constructor {
- public ConstructorExcludingNonNumbers() {
- super();
+ public ConstructorExcludingNonNumbers(LoaderOptions loaderOptions) {
+ super(loaderOptions);
this.yamlConstructors.put(Tag.FLOAT, new
ConstructYamlFloatExcludingNonNumbers());
}
class ConstructYamlFloatExcludingNonNumbers extends ConstructYamlFloat
{
@@ -95,8 +94,8 @@ public class Yamls {
}
private static class SafeConstructorExcludingNonNumbers extends
SafeConstructor {
- public SafeConstructorExcludingNonNumbers() {
- super();
+ public SafeConstructorExcludingNonNumbers(LoaderOptions loaderOptions)
{
+ super(loaderOptions);
this.yamlConstructors.put(Tag.FLOAT, new
ConstructYamlFloatExcludingNonNumbers());
}
class ConstructYamlFloatExcludingNonNumbers extends ConstructYamlFloat
{
diff --git
a/utils/common/src/test/java/org/apache/brooklyn/util/yaml/YamlsTest.java
b/utils/common/src/test/java/org/apache/brooklyn/util/yaml/YamlsTest.java
index b1d868b289..b80e8d0ba4 100644
--- a/utils/common/src/test/java/org/apache/brooklyn/util/yaml/YamlsTest.java
+++ b/utils/common/src/test/java/org/apache/brooklyn/util/yaml/YamlsTest.java
@@ -21,6 +21,7 @@ package org.apache.brooklyn.util.yaml;
import static org.testng.Assert.assertEquals;
import static org.testng.Assert.assertFalse;
+import java.util.Date;
import java.util.Iterator;
import java.util.List;
@@ -36,6 +37,7 @@ import org.yaml.snakeyaml.constructor.ConstructorException;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
+import org.yaml.snakeyaml.error.MarkedYAMLException;
public class YamlsTest {
@@ -196,8 +198,35 @@ public class YamlsTest {
"month: 12\n" +
"year: 2016");
Asserts.shouldHaveFailedPreviously("Expected exception: " +
ConstructorException.class.getCanonicalName());
- } catch(ConstructorException e) {
- Asserts.expectedFailureContains(e, "could not determine a
constructor");
+ } catch (MarkedYAMLException e) {
+ Asserts.expectedFailureContains(e,
+ // with 2.2:
+ "Global tag is not allowed",
"tag:yaml.org,2002:java.util.Date"
+ // with 1.33: "could not determine a constructor"
+ );
+ }
+ }
+
+ @Test
+ public void testUnsafeYaml() throws Exception {
+
assertFalse(BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.isEnabled(),
+ "Set property to false (or do not set at all): " +
BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.getPropertyName());
+
+ try {
+
System.setProperty(BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.getPropertyName(),
"true");
+
Asserts.assertTrue(BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.isEnabled());
+
+ Object d = Yamls.parseAll("!!java.util.Date\n" +
+ "date: 25\n" +
+ "month: 12\n" +
+ "year: 2016").iterator().next();
+ Asserts.assertInstanceOf(d, Date.class);
+
+ } finally {
+
System.clearProperty(BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.getPropertyName());
+
+
assertFalse(BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.isEnabled(),
+ "Set property to false (or do not set at all): " +
BrooklynSystemProperties.YAML_TYPE_INSTANTIATION.getPropertyName());
}
}
