Revert "remove unnecessary elasticsearch dependencies to fix CVE regr…

…essions (apache#15443)"

This reverts commit b854058.

extensions-core/druid-ranger-security/pom.xml

@@ -34,21 +34,6 @@
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
-    <dependencyManagement>
-        <dependencies>
-            <dependency>
-                <groupId>com.fasterxml.woodstox</groupId>
-                <artifactId>woodstox-core</artifactId>
-                <version>6.4.0</version>
-            </dependency>
-            <dependency>
-                <groupId>com.amazonaws</groupId>
-                <artifactId>aws-java-sdk-bundle</artifactId>
-                <version>${aws.sdk.version}</version>
-            </dependency>
-        </dependencies>
-    </dependencyManagement>
-
     <dependencies>
         <dependency>
             <groupId>org.apache.druid</groupId>
@@ -148,18 +133,6 @@
                     <groupId>org.apache.hadoop</groupId>
                     <artifactId>hadoop-common</artifactId>
                 </exclusion>
-                <exclusion>
-                    <groupId>org.elasticsearch</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.elasticsearch.client</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.elasticsearch.plugin</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -171,27 +144,14 @@
                     <groupId>org.apache.hadoop</groupId>
                     <artifactId>hadoop-common</artifactId>
                 </exclusion>
-                <exclusion>
-                    <groupId>org.elasticsearch</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.elasticsearch.client</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>org.elasticsearch.plugin</groupId>
-                    <artifactId>*</artifactId>
-                </exclusion>
             </exclusions>
             <scope>compile</scope>
         </dependency>
-
         <dependency>
             <groupId>com.google.code.gson</groupId>
             <artifactId>gson</artifactId>
+            <version>${apache.ranger.gson.version}</version>
             <scope>compile</scope>
-            <version>${gson.version}</version>
         </dependency>
 
         <!-- Tests -->

licenses.yaml

@@ -4620,16 +4620,6 @@ libraries:
 
 ---
 
-name: gson
-license_category: binary
-module: druid-ranger-security
-license_name: Apache License version 2.0
-version: 2.10.1
-libraries:
-  - com.google.code.gson: gson
-
----
-
 name: com.kstruct gethostname4j
 license_category: binary
 version: 1.0.0
@@ -4640,16 +4630,6 @@ libraries:
 
 ---
 
-name: com.amazonaws aws-java-sdk-bundle
-license_category: binary
-version: 1.12.638
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - com.amazonaws: aws-java-sdk-bundle
-
----
-
 name: com.carrotsearch hppc
 license_category: binary
 version: 0.8.0
@@ -4755,6 +4735,38 @@ libraries:
 
 ---
 
+name: org.elasticsearch securesm
+license_category: binary
+version: 1.2
+module: druid-ranger-security
+license_name: Apache License version 2.0
+libraries:
+  - org.elasticsearch: securesm
+
+---
+
+name: Elastic Search
+license_category: binary
+version: 7.10.2
+module: druid-ranger-security
+license_name: Apache License version 2.0
+libraries:
+  - org.elasticsearch: elasticsearch
+  - org.elasticsearch: elasticsearch-cli
+  - org.elasticsearch: elasticsearch-core
+  - org.elasticsearch: elasticsearch-geo
+  - org.elasticsearch: elasticsearch-secure-sm
+  - org.elasticsearch: elasticsearch-x-content
+  - org.elasticsearch.client: elasticsearch-rest-client
+  - org.elasticsearch.client: elasticsearch-rest-high-level-client
+  - org.elasticsearch.plugin: aggs-matrix-stats-client
+  - org.elasticsearch.plugin: lang-mustache-client
+  - org.elasticsearch.plugin: mapper-extras-client
+  - org.elasticsearch.plugin: parent-join-client
+  - org.elasticsearch.plugin: rank-eval-client
+
+---
+
 name: org.apache.httpcomponents httpcore-nio
 license_category: binary
 version: 4.4.6
@@ -4793,7 +4805,7 @@ libraries:
 
 name: Woodstox
 license_category: binary
-version: 6.4.0
+version: 6.2.4
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:

pom.xml

@@ -78,7 +78,6 @@
         <apache.curator.version>5.5.0</apache.curator.version>
         <apache.kafka.version>3.6.1</apache.kafka.version>
         <apache.ranger.version>2.4.0</apache.ranger.version>
-        <gson.version>2.10.1</gson.version>
         <apache.ranger.gson.version>2.10.1</apache.ranger.gson.version>
         <scala.library.version>2.13.11</scala.library.version>
         <avatica.version>1.23.0</avatica.version>