[Snyk] Security upgrade io.quarkiverse.artemis:quarkus-artemis-jms from 2.1.1 to 3.3.0 #3339

yurake · 2024-04-09T20:24:09Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- application/consumer-activemq-quarkus/pom.xml

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity	Reachability
	415/1000 Why? Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-JAVA-ORGGRAALVMSDK-6026490	`io.quarkiverse.artemis:quarkus-artemis-jms:` `2.1.1 -> 3.3.0`	Yes	No Known Exploit	No Path Found
	410/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Buffer Overflow SNYK-JAVA-ORGGRAALVMSDK-6026508	`io.quarkiverse.artemis:quarkus-artemis-jms:` `2.1.1 -> 3.3.0`	Yes	Proof of Concept	No Path Found

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)

…ilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGGRAALVMSDK-6026490 - https://snyk.io/vuln/SNYK-JAVA-ORGGRAALVMSDK-6026508

what-the-diff · 2024-04-09T20:24:22Z

PR Summary

Upgraded Artemis Version
The version of Artemis, which is a messaging system used in our application, has been updated. This will provide us improved performance and new feature offerings, ensuring the reliability and efficiency of our data communication.

sonarcloud · 2024-04-09T20:24:36Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:26:34Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

codecov · 2024-04-09T20:27:57Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.92%. Comparing base (9332046) to head (bb46571).
Report is 2 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff            @@
##             master    #3339   +/-   ##
=========================================
  Coverage     95.92%   95.92%           
  Complexity       30       30           
=========================================
  Files            54       54           
  Lines           809      809           
  Branches         27       27           
=========================================
  Hits            776      776           
  Misses           28       28           
  Partials          5        5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

datadog-github-app-for-yurake · 2024-04-09T20:31:34Z

Datadog Report

All test runs cab8cee 🔗

✅ 22 Total Test Services: 0 Failed, 22 Passed

Test Services

This report shows up to 10 services

Service Name	Passed	Wall Time	Test Service View
`consumer-hazelcast-quarkus`	4	1.39s	Link
`consumer-kafka-quarkus`	2	2.15s	Link
`consumer-rabbitmq-quarkus`	1	1.52s	Link
`consumer-redis-quarkus`	1	1.4s	Link
`converter-kafka-quarkus`	1	2.56s	Link
`converter-rabbitmq-quarkus`	1	1.39s	Link
`jaxrs-activemq-quarkus`	16	1.39s	Link
`jaxrs-cassandra-quarkus`	14	1.54s	Link
`jaxrs-grpc-quarkus`	2	2.97s	Link
`jaxrs-hazelcast-quarkus`	45	6.16s	Link

sonarcloud · 2024-04-09T20:31:35Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:31:42Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:31:43Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:31:52Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:31:53Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:31:53Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:31:57Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:31:57Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:32:46Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:33:34Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:33:35Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:33:45Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:33:46Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:33:56Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:34:48Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:35:02Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:35:05Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:35:22Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:48:01Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T20:55:18Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarcloud · 2024-04-09T21:48:25Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

socket-security · 2024-09-15T05:12:49Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
maven/io.quarkiverse.artemis/quarkus-artemis-jms@3.3.0	eval	`0`	15 kB
maven/io.quarkiverse.artemis/quarkus-test-artemis@3.3.0	filesystem	`0`	7.58 kB

🚮 Removed packages: maven/io.quarkiverse.artemis/quarkus-artemis-jms@3.1.6, maven/io.quarkiverse.artemis/quarkus-test-artemis@3.1.6

View full report↗︎

datadog-github-app-for-yurake · 2024-09-15T05:49:25Z

Datadog Report

All test runs e105244 🔗

✅ 21 Total Test Services: 0 Failed, 21 Passed

Test Services

This report shows up to 10 services

Service Name	Passed	Total Time	Test Service View
`consumer-hazelcast-quarkus`	4	1.05s	Link
`consumer-kafka-quarkus`	2	2.15s	Link
`consumer-rabbitmq-quarkus`	1	0s	Link
`consumer-redis-quarkus`	1	0s	Link
`converter-kafka-quarkus`	1	0s	Link
`converter-rabbitmq-quarkus`	1	0s	Link
`jaxrs-cassandra-quarkus`	14	1.27s	Link
`jaxrs-grpc-quarkus`	2	3.04s	Link
`jaxrs-hazelcast-quarkus`	45	6.24s	Link
`jaxrs-kafka-quarkus`	2	3.72s	Link

codeclimate · 2024-09-15T12:55:17Z

Code Climate has analyzed commit bb46571 and detected 0 issues on this pull request.

View more on Code Climate.

sonarcloud · 2024-09-15T12:55:26Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:14:10Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:32:08Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:32:23Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:32:24Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:33:21Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:33:27Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:33:40Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:33:46Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:33:56Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:33:57Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:34:17Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:34:19Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:34:22Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:34:27Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:34:44Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:34:51Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:35:09Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:36:01Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:36:07Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:36:53Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud · 2024-09-15T13:36:54Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

fix: application/consumer-activemq-quarkus/pom.xml to reduce vulnerab…

2cd6911

…ilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGGRAALVMSDK-6026490 - https://snyk.io/vuln/SNYK-JAVA-ORGGRAALVMSDK-6026508

pull-request-size bot added the size/XS label Apr 9, 2024

github-actions bot added quarkus someone for quarkus java Pull requests that update Java code labels Apr 9, 2024

yurake added 2 commits September 15, 2024 13:44

Merge branch 'master' into snyk-fix-177e84d32f42fd196b070870076c3991

8d77f31

Merge branch 'master' into snyk-fix-177e84d32f42fd196b070870076c3991

5607f0c

Merge branch 'master' into snyk-fix-177e84d32f42fd196b070870076c3991

bb46571

[Snyk] Security upgrade io.quarkiverse.artemis:quarkus-artemis-jms from 2.1.1 to 3.3.0 #3339

Are you sure you want to change the base?

[Snyk] Security upgrade io.quarkiverse.artemis:quarkus-artemis-jms from 2.1.1 to 3.3.0 #3339

Conversation

yurake commented Apr 9, 2024

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

what-the-diff bot commented Apr 9, 2024

PR Summary

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

codecov bot commented Apr 9, 2024 • edited Loading

Codecov Report

datadog-github-app-for-yurake bot commented Apr 9, 2024 • edited Loading

Datadog Report

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

sonarcloud bot commented Apr 9, 2024

Quality Gate passed

socket-security bot commented Sep 15, 2024 • edited Loading

datadog-github-app-for-yurake bot commented Sep 15, 2024 • edited Loading

Datadog Report

codeclimate bot commented Sep 15, 2024

sonarcloud bot commented Sep 15, 2024

Quality Gate passed

sonarcloud bot commented Sep 15, 2024

Quality Gate passed

sonarcloud bot commented Sep 15, 2024

Quality Gate passed

sonarcloud bot commented Sep 15, 2024

Quality Gate passed

sonarcloud bot commented Sep 15, 2024

Quality Gate passed

sonarcloud bot commented Sep 15, 2024

Quality Gate passed

sonarcloud bot commented Sep 15, 2024

Quality Gate passed

sonarcloud bot commented Sep 15, 2024

codecov bot commented Apr 9, 2024 •

edited

Loading

datadog-github-app-for-yurake bot commented Apr 9, 2024 •

edited

Loading

socket-security bot commented Sep 15, 2024 •

edited

Loading

datadog-github-app-for-yurake bot commented Sep 15, 2024 •

edited

Loading