chore: CRW-3802 CRW-3803 update to com.fasterxml.jackson 2.14.1 to fix CVEs

[nickboldt]

What does this PR do?

chore: CRW-3802 CRW-3803 update to com.fasterxml.jackson 2.14.1 to fix CVEs

Change-Id: I4b146c16536741751146a9700eea1027064015f0
Signed-off-by: Nick Boldt nboldt@redhat.com

Screenshot/screencast of this PR

N/A

What issues does this PR fix or reference?

https://issues.redhat.com/browse/CRW-3803
https://issues.redhat.com/browse/CRW-3802

How to test this PR?

N/A

PR Checklist

As the author of this Pull Request I made sure that:

• The Eclipse Contributor Agreement is valid
• Code produced is complete
• Code builds without errors
• Tests are covering the bugfix
• The repository devfile is up to date and works, if one exists
• Sections What issues does this PR fix or reference and How to test this PR completed
• Relevant user documentation updated
• Relevant contributing documentation updated
• CI/CD changes implemented, documented and communicated

Reviewers

Reviewers, please comment how you tested the PR when approving it.

[nickboldt]

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.1:testCompile (default-testCompile) on project che-core-api-workspace: Compilation failure
[ERROR] /home/nboldt/5-Che/0.github_upstream/che-server/wsmaster/che-core-api-workspace/src/test/java/org/eclipse/che/api/workspace/server/devfile/DevfileParserTest.java:[197,44] reference to treeToValue is ambiguous
[ERROR]   both method <T>treeToValue(com.fasterxml.jackson.core.TreeNode,java.lang.Class<T>) in com.fasterxml.jackson.databind.ObjectMapper and method <T>treeToValue(com.fasterxml.jackson.core.TreeNode,com.fasterxml.jackson.databind.JavaType) in com.fasterxml.jackson.databind.ObjectMapper match

Not sure how to fix this in https://github.com/eclipse-che/che-server/blob/CRW-3802/wsmaster/che-core-api-workspace/src/test/java/org/eclipse/che/api/workspace/server/devfile/DevfileParserTest.java#L197

Any advice from Java experts / former code owners like @vinokurig @skabashnyuk @sparkoo @mshaposhnik @amisevsk ?

[vinokurig]

che-server/wsmaster/che-core-api-workspace/src/test/java/org/eclipse/che/api/workspace/server/devfile/DevfileParserTest.java

Line 197 in 74ebf45

doThrow(jsonException).when(jsonMapper).treeToValue(any(), any());

Change to:
doThrow(jsonException).when(jsonMapper).treeToValue(any(), eq(DevfileImpl.class));
to fix the error.

[nickboldt]

Now failing with this cryptic whatsit:

[WARNING] Rule 0: org.apache.maven.plugins.enforcer.RequireDepMgt failed with message:
junit:junit:jar is not managed by dependency management
You are trying to use artifacts that are not in the list of allowed artifacts included in
                                        dependencyManagement in root pom or have different version.

But if I revert the change to put in a version, I get:

[ERROR]   The project org.eclipse.che.multiuser:che-multiuser-keycloak-token-provider:7.60.0-SNAPSHOT (/home/nboldt/5-Che/0.github_upstream/che-server/multiuser/keycloak/che-multiuser-keycloak-token-provider/pom.xml) has 1 error
[ERROR]     'dependencies.dependency.version' for junit:junit:jar is missing. @ line 81, column 21

[devstudio-release]

Build 3.5 :: server_3.x/104: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: sync-to-downstream_3.x/1968: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: get-sources-rhpkg-container-build_3.x/1897: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: push-latest-container-to-quay_3.x/1515: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: update-digests_3.x/1843: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: push-latest-container-to-quay_3.x/1515:

Copied: server-rhel8; /job/DS_CI/job/update-digests_3.x triggered;
/job/DS_CI/job/Releng/job/copyIIBsToQuay triggered for OCP v4.12 v4.11 v4.10

[devstudio-release]

Build 3.5 :: get-sources-rhpkg-container-build_3.x/1897:

server : 3.x :: Build 50005881 : quay.io/devspaces/server-rhel8:3.5-12
SUCCESS; copied to quay; /DS_CI/push-latest-container-to-quay_3.x/1515 triggered

[devstudio-release]

Build 3.5 :: copyIIBsToQuay/658: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: sync-to-downstream_3.x/1968:

Build container: devspaces-server synced; /DS_CI/get-sources-rhpkg-container-build_3.x/1897 triggered;

[devstudio-release]

Build 3.5 :: server_3.x/104:

Upstream sync done; /DS_CI/sync-to-downstream_3.x/1968 triggered

[devstudio-release]

Build 3.5 :: operator-bundle_3.x/765: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: sync-to-downstream_3.x/1969: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: get-sources-rhpkg-container-build_3.x/1898: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: push-latest-container-to-quay_3.x/1516: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: copyIIBsToQuay/659: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: push-latest-container-to-quay_3.x/1516:

Copied: devspaces-operator-bundle; Quay/Brew version mismatch; all Quay images updated; bundle-generated updated;
/job/DS_CI/job/Releng/job/copyIIBsToQuay triggered for OCP v4.12 v4.11 v4.10

[devstudio-release]

Build 3.5 :: get-sources-rhpkg-container-build_3.x/1898:

devspaces-operator-bundle : 3.x :: Build 50006487 : quay.io/devspaces/devspaces-operator-bundle:3.5-59
SUCCESS; copied to quay; /DS_CI/push-latest-container-to-quay_3.x/1516 triggered;

Bundle CSV related images:
- quay.io/devspaces/code-rhel8:3.5-4
- quay.io/devspaces/configbump-rhel8:3.5-5
- quay.io/devspaces/dashboard-rhel8:3.5-9
- quay.io/devspaces/devfileregistry-rhel8:3.5-31
- quay.io/devspaces/devspaces-rhel8-operator:3.5-17
- quay.io/devspaces/idea-rhel8:3.5-3
- quay.io/devspaces/machineexec-rhel8:3.5-6
- quay.io/devspaces/pluginregistry-rhel8:3.5-9
- quay.io/devspaces/server-rhel8:3.5-12
- quay.io/devspaces/theia-endpoint-rhel8:3.5-2
- quay.io/devspaces/theia-rhel8:3.5-2
- quay.io/devspaces/traefik-rhel8:3.5-5
- quay.io/devspaces/udi-rhel8:3.5-6
= registry.redhat.io/devworkspace/devworkspace-rhel8-operator:0.17-2
= registry.redhat.io/openshift4/ose-kube-rbac-proxy:v4.11.0-202212070335.p0.ga805ba5.assembly.stream
= registry.redhat.io/openshift4/ose-oauth-proxy:v4.11.0-202212070335.p0.gaad1b28.assembly.stream
= registry.redhat.io/rhel8/postgresql-13:1-91.1669834637
= registry.redhat.io/rhel8/postgresql-96:1-159
= registry.redhat.io/rhscl/mongodb-36-rhel7:1-50
= registry.redhat.io/ubi8/ubi-minimal:8.6-994

[devstudio-release]

Build 3.5 :: sync-to-downstream_3.x/1969:

Build container: devspaces-operator-bundle synced; /DS_CI/get-sources-rhpkg-container-build_3.x/1898 triggered; /job/DS_CI/job/dsc_3.x triggered;

[devstudio-release]

Build 3.5 :: operator-bundle_3.x/765:

Upstream sync done; /DS_CI/sync-to-downstream_3.x/1969 triggered

[devstudio-release]

Build 3.5 :: copyIIBsToQuay/658:

arches = x86_64, s390x, ppc64le;
  * LATEST DS OPERATOR BUNDLE = <a href=https://quay.io/repository/devspaces/devspaces-operator-bundle?tab=tags>registry-proxy.engineering.redhat.com/rh-osbs/devspaces-operator-bundle:3.5-58
  * LATEST DWO OPERATOR BUNDLE = <a href=https://quay.io/repository/devworkspace/devworkspace-operator-bundle?tab=tags>registry-proxy.engineering.redhat.com/rh-osbs/devworkspace-operator-bundle:0.18-2
+ ppc64le-rhel8 IIB(s) copied:
  + quay.io/devspaces/iib:3.5-v4.12-411651-410106-ppc64le
  + quay.io/devspaces/iib:3.5-v4.11-411648-410097-ppc64le
  + quay.io/devspaces/iib:3.5-v4.10-411645-410093-ppc64le
+ s390x-rhel8 IIB(s) copied:
  + quay.io/devspaces/iib:3.5-v4.12-411651-410106-s390x
  + quay.io/devspaces/iib:3.5-v4.11-411648-410097-s390x
  + quay.io/devspaces/iib:3.5-v4.10-411645-410093-s390x
+ x86_64-rhel8 IIB(s) copied:
  + quay.io/devspaces/iib:3.5-v4.12-411651-410106-x86_64
  + quay.io/devspaces/iib:3.5-v4.12-x86_64
  + quay.io/devspaces/iib:next-v4.12-x86_64
  + quay.io/devspaces/iib:3.5-v4.11-411648-410097-x86_64
  + quay.io/devspaces/iib:3.5-v4.10-411645-410093-x86_64

[devstudio-release]

Build 3.5 :: dsc_3.x/560: Console, Changes, Git Data

[devstudio-release]

Build 3.5 :: update-digests_3.x/1843:

Detected new images: rebuild operator-bundle
* server; /DS_CI/operator-bundle_3.x/765 triggered

[devstudio-release]

Build 3.5 :: dsc_3.x/560:

3.5.0 CI