Fix: Github reports security vulnerabilities iluwatar#933 (iluwatar#960)

* Fix: Github reports security vulnerabilities  iluwatar#933

Upgrade camel and spring-data

* -Fix github security vulnerabilities in spring-data and camel

* -Code changes for review comments

Author: gaurav9822

eip-aggregator/src/test/java/com/iluwatar/eip/aggregator/routes/AggregatorRouteTest.java

@@ -28,7 +28,7 @@
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.boot.test.SpringApplicationConfiguration;
+import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ActiveProfiles;
@@ -44,7 +44,7 @@
  * </p>
  */
 @ExtendWith(SpringExtension.class)
-@SpringApplicationConfiguration(classes = AggregatorRouteTest.class)
+@SpringBootTest(classes = AggregatorRouteTest.class)
 @ActiveProfiles("test")
 @EnableAutoConfiguration
 @ComponentScan

eip-splitter/src/test/java/com/iluwatar/eip/splitter/routes/SplitterRouteTest.java

@@ -28,7 +28,7 @@
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.boot.test.SpringApplicationConfiguration;
+import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ActiveProfiles;
@@ -42,7 +42,7 @@
  * </p>
  */
 @ExtendWith(SpringExtension.class)
-@SpringApplicationConfiguration(classes = SplitterRouteTest.class)
+@SpringBootTest(classes = SplitterRouteTest.class)
 @ActiveProfiles("test")
 @EnableAutoConfiguration
 @ComponentScan

eip-wire-tap/src/test/java/com/iluwatar/eip/wiretap/routes/WireTapRouteTest.java

@@ -29,7 +29,7 @@
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.boot.test.SpringApplicationConfiguration;
+import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ActiveProfiles;
@@ -45,7 +45,7 @@
  * </p>
  */
 @ExtendWith(SpringExtension.class)
-@SpringApplicationConfiguration(classes = WireTapRouteTest.class)
+@SpringBootTest(classes = WireTapRouteTest.class)
 @ActiveProfiles("test")
 @EnableAutoConfiguration
 @ComponentScan

layers/pom.xml

@@ -41,7 +41,11 @@
 			</dependency>
 		<dependency>
 			<groupId>org.hibernate</groupId>
-			<artifactId>hibernate-entitymanager</artifactId>
+			<artifactId>hibernate-core</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>javax.xml.bind</groupId>
+			<artifactId>jaxb-api</artifactId>
 		</dependency>
 		<dependency>
 	  		<groupId>commons-dbcp</groupId>

layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java

@@ -72,18 +72,23 @@ public void bakeNewCake(CakeInfo cakeInfo) throws CakeBakingException {
       }
     }
     CakeToppingDao toppingBean = context.getBean(CakeToppingDao.class);
-    CakeTopping topping = toppingBean.findOne(matchingToppings.iterator().next().getId());
+    Optional<CakeTopping> topping = toppingBean.findById(matchingToppings.iterator().next().getId());
     CakeDao cakeBean = context.getBean(CakeDao.class);
-    Cake cake = new Cake();
-    cake.setTopping(topping);
-    cake.setLayers(foundLayers);
-    cakeBean.save(cake);
-    topping.setCake(cake);
-    toppingBean.save(topping);
-    CakeLayerDao layerBean = context.getBean(CakeLayerDao.class);
-    for (CakeLayer layer : foundLayers) {
-      layer.setCake(cake);
-      layerBean.save(layer);
+    if (topping.isPresent()) {
+      Cake cake = new Cake();
+      cake.setTopping(topping.get());
+      cake.setLayers(foundLayers);
+      cakeBean.save(cake);
+      topping.get().setCake(cake);
+      toppingBean.save(topping.get());
+      CakeLayerDao layerBean = context.getBean(CakeLayerDao.class);
+      for (CakeLayer layer : foundLayers) {
+        layer.setCake(cake);
+        layerBean.save(layer);
+      }
+    } else {
+      throw new CakeBakingException(String.format("Topping %s is not available",
+              cakeInfo.cakeToppingInfo.name));
     }
   }
 

layers/src/main/resources/applicationContext.xml

@@ -50,7 +50,7 @@
     <property name="dataSource" ref="dataSource" />
     <property name="packagesToScan" value="com.iluwatar" />
     <property name="persistenceProvider">
-      <bean class="org.hibernate.ejb.HibernatePersistence" />
+      <bean class="org.hibernate.jpa.HibernatePersistenceProvider" />
     </property>
     <property name="jpaProperties">
       <map>

pom.xml

@@ -28,10 +28,10 @@
     <inceptionYear>2014</inceptionYear>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <hibernate.version>5.0.1.Final</hibernate.version>
-        <spring.version>4.2.4.RELEASE</spring.version>
-        <spring-boot.version>1.3.3.RELEASE</spring-boot.version>
-        <spring-data.version>1.9.2.RELEASE</spring-data.version>
+        <hibernate.version>5.2.18.Final</hibernate.version>
+        <spring.version>5.0.13.RELEASE</spring.version>
+        <spring-boot.version>2.0.9.RELEASE</spring-boot.version>
+        <spring-data.version>2.0.14.RELEASE</spring-data.version>
         <h2.version>1.4.190</h2.version>
         <junit.version>4.12</junit.version>
         <junit-jupiter.version>5.0.2</junit-jupiter.version>
@@ -40,7 +40,7 @@
         <compiler.version>3.8.1</compiler.version>
         <jacoco.version>0.8.4</jacoco.version>
         <commons-dbcp.version>1.4</commons-dbcp.version>
-        <camel.version>2.16.1</camel.version>
+        <camel.version>2.24.0</camel.version>
         <guava.version>19.0</guava.version>
         <mockito.version>1.10.19</mockito.version>
         <apache-httpcomponents.version>4.5.10</apache-httpcomponents.version>
@@ -55,6 +55,7 @@
         <aws-lambda-java-events.version>2.0.1</aws-lambda-java-events.version>
         <jackson.version>2.8.5</jackson.version>
         <pmd.version>3.12.0</pmd.version>
+        <log4j.version>1.2.17</log4j.version>
         <jaxb-api.version>2.3.0</jaxb-api.version>
         <annotation-api.version>1.3.1</annotation-api.version>
     </properties>
@@ -191,11 +192,6 @@
                 <artifactId>hibernate-core</artifactId>
                 <version>${hibernate.version}</version>
             </dependency>
-            <dependency>
-                <groupId>org.hibernate</groupId>
-                <artifactId>hibernate-entitymanager</artifactId>
-                <version>${hibernate.version}</version>
-            </dependency>
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
@@ -300,6 +296,11 @@
                 <artifactId>mongo-java-driver</artifactId>
                 <version>${mongo-java-driver.version}</version>
             </dependency>
+            <dependency>
+                <groupId>log4j</groupId>
+                <artifactId>log4j</artifactId>
+                <version>${log4j.version}</version>
+            </dependency>
             <dependency>
                 <groupId>javax.xml.bind</groupId>
                 <artifactId>jaxb-api</artifactId>

repository/pom.xml

@@ -44,7 +44,7 @@
         </dependency>
         <dependency>
             <groupId>org.hibernate</groupId>
-            <artifactId>hibernate-entitymanager</artifactId>
+            <artifactId>hibernate-core</artifactId>
         </dependency>
         <dependency>
             <groupId>commons-dbcp</groupId>
@@ -71,5 +71,9 @@
             <groupId>javax.annotation</groupId>
             <artifactId>javax.annotation-api</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+        </dependency>
     </dependencies>
 </project>

repository/src/main/java/com/iluwatar/repository/App.java

@@ -23,6 +23,7 @@
 package com.iluwatar.repository;
 
 import java.util.List;
+import java.util.Optional;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -84,17 +85,17 @@ public static void main(String[] args) {
     nasta.setSurname("Spotakova");
     repository.save(nasta);
 
-    LOGGER.info("Find by id 2: {}", repository.findOne(2L));
+    LOGGER.info("Find by id 2: {}", repository.findById(2L).get());
 
     // Remove record from Person
-    repository.delete(2L);
+    repository.deleteById(2L);
 
     // count records
     LOGGER.info("Count Person records: {}", repository.count());
 
     // find by name
-    Person p = repository.findOne(new PersonSpecifications.NameEqualSpec("John"));
-    LOGGER.info("Find by John is {}", p);
+    Optional<Person> p = repository.findOne(new PersonSpecifications.NameEqualSpec("John"));
+    LOGGER.info("Find by John is {}", p.get());
 
     // find by age
     persons = repository.findAll(new PersonSpecifications.AgeBetweenSpec(20, 40));

repository/src/main/java/com/iluwatar/repository/AppConfig.java

@@ -24,6 +24,7 @@
 
 import java.sql.SQLException;
 import java.util.List;
+import java.util.Optional;
 import java.util.Properties;
 
 import javax.sql.DataSource;
@@ -32,6 +33,7 @@
 import org.hibernate.jpa.HibernatePersistenceProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.boot.SpringBootConfiguration;
 import org.springframework.context.annotation.AnnotationConfigApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
@@ -44,6 +46,7 @@
  *
  */
 @EnableJpaRepositories
+@SpringBootConfiguration
 public class AppConfig {
 
   private static final Logger LOGGER = LoggerFactory.getLogger(AppConfig.class);
@@ -60,7 +63,7 @@ public DataSource dataSource() {
     basicDataSource.setUrl("jdbc:h2:~/databases/person");
     basicDataSource.setUsername("sa");
     basicDataSource.setPassword("sa");
-    return (DataSource) basicDataSource;
+    return basicDataSource;
   }
 
   /**
@@ -134,17 +137,17 @@ public static void main(String[] args) {
     nasta.setSurname("Spotakova");
     repository.save(nasta);
 
-    LOGGER.info("Find by id 2: {}", repository.findOne(2L));
+    LOGGER.info("Find by id 2: {}", repository.findById(2L).get());
 
     // Remove record from Person
-    repository.delete(2L);
+    repository.deleteById(2L);
 
     // count records
     LOGGER.info("Count Person records: {}", repository.count());
 
     // find by name
-    Person p = repository.findOne(new PersonSpecifications.NameEqualSpec("John"));
-    LOGGER.info("Find by John is {}", p);
+    Optional<Person> p = repository.findOne(new PersonSpecifications.NameEqualSpec("John"));
+    LOGGER.info("Find by John is {}", p.get());
 
     // find by age
     persons = repository.findAll(new PersonSpecifications.AgeBetweenSpec(20, 40));