Commit 0cd70a2c authored by Dmitrii Gerashchenko's avatar Dmitrii Gerashchenko
Browse files

Upgrade vulnerable dependencies according to WhiteSource alerts

parent 47ea610e
Pipeline #81685 failed with stages
in 4 minutes and 47 seconds
......@@ -20,7 +20,7 @@
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>0.13.0-SNAPSHOT</version>
<version>0.13.0-SNAPSHOT-6912-0</version>
<packaging>jar</packaging>
......@@ -37,6 +37,7 @@
<commons-codec.version>1.14</commons-codec.version>
<json-smart.version>2.4.7</json-smart.version>
<gson.version>2.8.9</gson.version>
<log4j2.version>2.15.0</log4j2.version>
</properties>
<licenses>
......@@ -63,6 +64,17 @@
<type>pom</type>
<scope>import</scope>
</dependency>
<!--<editor-fold desc="Overriding spring-boot-dependencies. Fix: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228">-->
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-bom</artifactId>
<version>${log4j2.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<!--</editor-fold>-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment