feat(jans-core): update OpeDJ version #9382

Merged
merged 1 commit into from
Sep 5, 2024

@yurem yurem commented Sep 5, 2024

closes #9381

  • I confirm that there is no impact on the docs due to the code changes in this PR.

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

dryrunsecurity bot commented Sep 5, 2024

DryRun Security Summary

The GitHub Pull Request updates the dependencies and API endpoints for the Jans Config API application, including upgrading the OpenDJ directory server version, modifying the path parameters for the "Lock" component API endpoints, and updating the API endpoints for retrieving health, log, and telemetry records, while ensuring the security posture of the application is improved.

Summary:

The code changes in this GitHub Pull Request are focused on updating the dependencies and API endpoints for the Jans Config API application. The key changes include:

  1. Updating the version of the OpenDJ directory server from 4.5.1 to 4.5.3 in the app_info.json configuration file.
  2. Modifying the path parameters for the "Lock" component API endpoints to use a hyphen - as the separator instead of a dash.
  3. Updating the API endpoints for retrieving health, log, and telemetry records to use the new path parameter format.

From a security perspective, the changes appear to be positive steps towards improving the application's security posture. The API endpoints are secured using OAuth2 with various scopes, and the error handling provides meaningful feedback to clients. Additionally, the logging and auditing capabilities for the "Lock" component are important for security and compliance purposes. However, it's crucial to ensure that the external dependencies are being fetched from trusted sources and that their versions are kept up-to-date to address any known security vulnerabilities.

Files Changed:

  1. jans-linux-setup/jans_setup/app_info.json: This file contains various version numbers and URLs for dependencies used in the application. The change updates the OPENDJ_VERSION from 4.5.1 to 4.5.3, indicating an upgrade to the OpenDJ directory server version. The file also includes URLs for external dependencies, which should be reviewed to ensure they are from trusted sources and that the versions are kept up-to-date.
  2. jans-config-api/plugins/docs/lock-plugin-swagger.yaml: This file defines the API endpoints for the "Lock" component of the Jans Config API. The changes update the path parameters for the eventStartDate and eventEndDate to use a hyphen - as the separator instead of a dash, and update the API endpoints for retrieving health, log, and telemetry records to use the new path parameter format. The API endpoints are secured using OAuth2 with various scopes, and the error handling provides meaningful feedback to clients.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

@mo-auto added the comp-jans-config-api, comp-jans-core, comp-jans-linux-setup and kind-feature labels Sep 5, 2024
@yuremm enabled auto-merge (squash) September 5, 2024 13:08

sonarqubecloud bot commented Sep 5, 2024

@yuremm merged commit 447df58 into main Sep 5, 2024
13 checks passed
@yuremm deleted the opendj_update branch September 5, 2024 13:22
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Former-commit-id: 447df58
Successfully merging this pull request may close these issues.

feat(jans-core): update opendj to 4.5.3 in CE/CN