From 6ea70e2c63ed1c416305006076dd429b4ae33d26 Mon Sep 17 00:00:00 2001
From: Rui Vieira <rcardoso@redhat.com>
Date: Wed, 4 Sep 2024 20:29:52 +0100
Subject: [PATCH 1/2] Remove unnecessary fields from ModelMesh logs (#150)

Payload processor logs display the entirety of the `Payload`, including
metadata and request contents.
This is not necessary at the log level.

---------

Signed-off-by: Rui Vieira <ruidevieira@googlemail.com>
---
 src/main/java/com/ibm/watson/modelmesh/payload/Payload.java     | 2 --
 .../ibm/watson/modelmesh/payload/RemotePayloadProcessor.java    | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/main/java/com/ibm/watson/modelmesh/payload/Payload.java b/src/main/java/com/ibm/watson/modelmesh/payload/Payload.java
index 6dcafd17..1284f393 100644
--- a/src/main/java/com/ibm/watson/modelmesh/payload/Payload.java
+++ b/src/main/java/com/ibm/watson/modelmesh/payload/Payload.java
@@ -124,8 +124,6 @@ public String toString() {
                 ", modelId='" + modelId + '\'' +
                 ", method='" + method + '\'' +
                 ", status=" + (status == null ? "request" : String.valueOf(status)) +
-                ", metadata=" + metadata +
-                ", data=" + (data != null ? data.readableBytes() + "B" : "") +
                 '}';
     }
 }
diff --git a/src/main/java/com/ibm/watson/modelmesh/payload/RemotePayloadProcessor.java b/src/main/java/com/ibm/watson/modelmesh/payload/RemotePayloadProcessor.java
index 23c2fba1..f48600dc 100644
--- a/src/main/java/com/ibm/watson/modelmesh/payload/RemotePayloadProcessor.java
+++ b/src/main/java/com/ibm/watson/modelmesh/payload/RemotePayloadProcessor.java
@@ -95,7 +95,7 @@ private boolean sendPayload(Payload payload) {
 
             HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
             if (response.statusCode() != 200) {
-                logger.warn("Processing {} with request {} didn't succeed: {}", payload, payloadContent, response);
+                logger.warn("Processing {} didn't succeed: {}", payload, response);
             }
         } catch (Throwable e) {
             logger.error("An error occurred while sending payload {} to {}: {}", payload, uri, e.getCause());

From 8ffcb9c020c3da518cb31412773621846e488a82 Mon Sep 17 00:00:00 2001
From: Filippe Spolti <fspolti@redhat.com>
Date: Fri, 11 Oct 2024 16:54:19 -0300
Subject: [PATCH 2/2] Fixes CVE-2024-7254 (#152)

chore: Fix CVE-2024-7254 com.google.protobuf:protobuf-java Stack-based
Buffer Overflow

#### Motivation


#### Modifications


#### Result

Signed-off-by: Spolti <fspolti@redhat.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index b55a1aca..ed761dbe 100644
--- a/pom.xml
+++ b/pom.xml
@@ -62,7 +62,7 @@
     <litelinks-version>1.7.2</litelinks-version>
     <kv-utils-version>0.5.1</kv-utils-version>
     <etcd-java-version>0.0.24</etcd-java-version>
-    <protobuf-version>3.25.3</protobuf-version>
+    <protobuf-version>3.25.5</protobuf-version>
     <annotation-version>9.0.87</annotation-version>
     <guava-version>33.1.0-jre</guava-version>
     <jackson-databind-version>2.16.2</jackson-databind-version>