Upgrade vulnerable dependencies according to WhiteSource alerts
osdu/platform/system/lib/core/os-core-common#52 (closed)
osdu/platform/system/lib/core/os-core-common!126 (merged)
os-core-common version upgrade after MR:os-core-common was updated according to WhiteSource alerts:
- spring-boot.version: 2.4.5 -> 2.4.12
- netty-bom.version: 4.1.63.Final -> 4.1.70.Final
- json-smart.version: 2.4.7
- gson.version: 2.8.5 -> 2.8.9
json-smart was removed from os-core-lib-azure pom because the correct version of this dependency is provided by os-core-common after the upgrade.
The list of successfully tested related services which will use the upgraded version (there are no significant issues after the upgrade):
- os-core-lib-azure: !165 (merged)
- entitlements: osdu/platform/security-and-compliance/entitlements!149 (merged)
-
partition: osdu/platform/system/partition!117 (merged)
- Successful pipeline: https://community.opengroup.org/osdu/platform/system/partition/-/pipelines/78619
- Successful pipeline: https://community.opengroup.org/osdu/platform/system/partition/-/pipelines/78619
- unit-service: osdu/platform/system/reference/unit-service!115 (merged)
- crs-conversion-service: osdu/platform/system/reference/crs-conversion-service!90 (merged)
- crs-catalog-service: osdu/platform/system/reference/crs-catalog-service!78 (merged)
Part of the #14 (closed) series
Edited by David Diederich