[EXTDAM-198] Upgrade Bynder SDK to version 2.2.1 Created: 20/Nov/20  Updated: 03/Dec/20  Resolved: 30/Nov/20

Status: Closed
Project: External DAMs
Component/s: bynder
Affects Version/s: None
Fix Version/s: 1.0.3

Type: Improvement Priority: Neutral
Reporter: Rabie Hayoun Assignee: Rabie Hayoun
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
dependency
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Documentation update required:
Yes
Epic Link: DAM Phase 2
Sprint: Add-Ons 51, Add-Ons 52
Story Points: 5

 Description   

Upgrade Bynder SDK to version 2.2.1



 Comments   
Comment by Rabie Hayoun [ 25/Nov/20 ]

After trying to upgrade to version 2.2.4, we face below challenges:

  1. Magnolia external BOM is importing version 1.14.9 of OkHttp and Bynder SDK uses logging-interceptor (okHttp 4.9.0) and retrofit 2 (1.14.9)
    1. This can be solved 2 ways
      1. upgrading BOM version to 4.9.0 but this will affect all magnolia
      2. Make sure if bynder dependency is added to the web app, it is the second one on the dependency node and as the first one okHttp 4.9.0 so maven take this one over the one from the BOM
  2. bynder-sdk.properties
    1. this is on bynder-sdk library, which is not not finding this file and we need to load the properties to add them on the header. This need a bit more of analysis on how to solve it.

This ticket was created because okHttp version used on bynder-sdk 2.2.1 has a vulnerability issue, but we can overcome this problem by upgrading okHttp version at the BOM, which has been done

Comment by Rabie Hayoun [ 27/Nov/20 ]

At the end we are going with version 2.2.1 for now

Comment by Rabie Hayoun [ 30/Nov/20 ]

downgraded to version 2.2.1 because of dependency issues

Generated at Mon Feb 12 01:52:51 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.