Patch 1.3 MED+ CVE's (#1626)

* Update Spring to 5.3.27 for CVE-2023-20863

Signed-off-by: Sean Kao <seankao@amazon.com>

* Update wiremock to 3.0.0-beta-7 for CVE-2023-1370

Signed-off-by: Sean Kao <seankao@amazon.com>

* Update checkstyle to 8.45.1 for CVE's

Change subprojects to allprojects to enforce root using same version
Patched CVE's:
* CVE-2019-10782
* CVE-2020-8908

And fix style violations

Signed-off-by: Sean Kao <seankao@amazon.com>

---------

Signed-off-by: Sean Kao <seankao@amazon.com>

build.gradle

@@ -7,7 +7,7 @@
 buildscript {
     ext {
         opensearch_version = System.getProperty("opensearch.version", "1.3.10-SNAPSHOT")
-        spring_version = "5.3.25"
+        spring_version = "5.3.27"
     }
 
     repositories {
@@ -119,11 +119,11 @@ jacocoTestCoverageVerification {
 check.dependsOn jacocoTestCoverageVerification
 
 // TODO: fix code style in main and test source code
-subprojects {
+allprojects {
     apply plugin: 'checkstyle'
     checkstyle {
         configFile rootProject.file("config/checkstyle/google_checks.xml")
-        toolVersion "8.29"
+        toolVersion "8.45.1"
         configProperties = [
                 "org.checkstyle.google.suppressionfilter.config": rootProject.file("config/checkstyle/suppressions.xml")]
         ignoreFailures = false

config/checkstyle/google_checks.xml

@@ -279,7 +279,7 @@
                 value="CLASS_DEF, INTERFACE_DEF, ENUM_DEF, METHOD_DEF, CTOR_DEF, VARIABLE_DEF"/>
     </module>
     <module name="JavadocMethod">
-      <property name="scope" value="public"/>
+      <property name="accessModifiers" value="public"/>
       <property name="allowMissingParamTags" value="true"/>
       <property name="allowMissingReturnTag" value="true"/>
       <property name="allowedAnnotations" value="Override, Test"/>

core/src/test/java/org/opensearch/sql/analysis/AnalyzerTest.java

@@ -714,10 +714,10 @@ public void kmeanns_relation() {
   public void ad_batchRCF_relation() {
     Map<String, Literal> argumentMap =
             new HashMap<String, Literal>() {{
-        put("shingle_size", new Literal(8, DataType.INTEGER));
-        put("time_decay", new Literal(0.0001, DataType.DOUBLE));
-        put("time_field", new Literal(null, DataType.STRING));
-      }};
+                put("shingle_size", new Literal(8, DataType.INTEGER));
+                put("time_decay", new Literal(0.0001, DataType.DOUBLE));
+                put("time_field", new Literal(null, DataType.STRING));
+            }};
     assertAnalyzeEqual(
             new LogicalAD(LogicalPlanDSL.relation("schema"), argumentMap),
             new AD(AstDSL.relation("schema"), argumentMap)

core/src/test/java/org/opensearch/sql/planner/logical/LogicalPlanNodeVisitorTest.java

@@ -124,8 +124,8 @@ public void testAbstractPlanNodeVisitorShouldReturnNull() {
               put("shingle_size", new Literal(8, DataType.INTEGER));
               put("time_decay", new Literal(0.0001, DataType.DOUBLE));
               put("time_field", new Literal(null, DataType.STRING));
-        }
-      });
+            }
+        });
     assertNull(ad.accept(new LogicalPlanNodeVisitor<Integer, Object>() {
     }, null));
   }

opensearch/src/main/java/org/opensearch/sql/opensearch/storage/script/core/ExpressionScript.java

@@ -71,7 +71,7 @@ public ExpressionScript(Expression expression) {
    * Evaluate on the doc generate by the doc provider.
    * @param docProvider doc provider.
    * @param evaluator evaluator
-   * @return
+   * @return expr value
    */
   public ExprValue execute(Supplier<Map<String, ScriptDocValues<?>>> docProvider,
                          BiFunction<Expression,

opensearch/src/test/java/org/opensearch/sql/opensearch/executor/protector/OpenSearchExecutionProtectorTest.java

@@ -277,13 +277,14 @@ public void testVisitAD() {
     NodeClient nodeClient = mock(NodeClient.class);
     ADOperator adOperator =
             new ADOperator(
-                    values(emptyList()),
-                    new HashMap<String, Literal>() {{
-          put("shingle_size", new Literal(8, DataType.INTEGER));
-          put("time_decay", new Literal(0.0001, DataType.DOUBLE));
-          put("time_field", new Literal(null, DataType.STRING));
-        }
-      }, nodeClient);
+                values(emptyList()),
+                new HashMap<String, Literal>() {{
+                    put("shingle_size", new Literal(8, DataType.INTEGER));
+                    put("time_decay", new Literal(0.0001, DataType.DOUBLE));
+                    put("time_field", new Literal(null, DataType.STRING));
+                }},
+                nodeClient
+            );
 
     assertEquals(executionProtector.doProtect(adOperator),
             executionProtector.visitAD(adOperator, null));

protocol/src/main/java/org/opensearch/sql/protocol/response/format/Format.java

@@ -24,6 +24,7 @@ public enum Format {
   private final String formatName;
 
   private static final Map<String, Format> ALL_FORMATS;
+
   static {
     ImmutableMap.Builder<String, Format> builder = new ImmutableMap.Builder<>();
     for (Format format : Format.values()) {

sql-jdbc/build.gradle

@@ -51,7 +51,7 @@ dependencies {
 
     testImplementation('org.junit.jupiter:junit-jupiter-api:5.3.1')
     testImplementation('org.junit.jupiter:junit-jupiter-params:5.3.1')
-    testImplementation('com.github.tomakehurst:wiremock:3.0.0-beta-2')
+    testImplementation('com.github.tomakehurst:wiremock:3.0.0-beta-7')
     testImplementation('org.mockito:mockito-core:2.23.0')
     testImplementation('org.junit.jupiter:junit-jupiter-engine:5.3.1')
     testImplementation('org.junit-pioneer:junit-pioneer:0.3.0')