From c760a4fa7e671150df3f879b86fa2eed0754fb41 Mon Sep 17 00:00:00 2001
From: Manish Jangid <msjangid@amazon.com>
Date: Fri, 20 Jan 2023 14:59:29 -0600
Subject: [PATCH] Update versions of vulnerable libs

---
 notification-core/pom.xml           | 4 ----
 pom.xml                             | 2 +-
 provider/notification-azure/pom.xml | 9 ++++-----
 provider/notification-gcp/pom.xml   | 8 ++++----
 provider/notification-ibm/pom.xml   | 4 +---
 5 files changed, 10 insertions(+), 17 deletions(-)

diff --git a/notification-core/pom.xml b/notification-core/pom.xml
index d187b0547..b0234b2df 100644
--- a/notification-core/pom.xml
+++ b/notification-core/pom.xml
@@ -108,7 +108,6 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
-            <version>2.7.2</version>
             <exclusions>
                 <exclusion>
                     <artifactId>tomcat-embed-el</artifactId>
@@ -127,7 +126,6 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-undertow</artifactId>
-            <version>2.2.2.RELEASE</version>
             <exclusions>
                 <exclusion>
                     <groupId>io.undertow</groupId>
@@ -138,7 +136,6 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-validation</artifactId>
-            <version>2.2.2.RELEASE</version>
             <exclusions>
                 <exclusion>
                     <groupId>org.hibernate.validator</groupId>
@@ -149,7 +146,6 @@
         <dependency>
             <groupId>org.hibernate.validator</groupId>
             <artifactId>hibernate-validator</artifactId>
-            <version>6.1.0.Final</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.security</groupId>
diff --git a/pom.xml b/pom.xml
index 54bd926b5..da4c6e434 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,7 +53,7 @@
 			<dependency>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-dependencies</artifactId>
-				<version>2.1.18.RELEASE</version>
+				<version>2.7.7</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
diff --git a/provider/notification-azure/pom.xml b/provider/notification-azure/pom.xml
index 89f18613b..c073510b5 100644
--- a/provider/notification-azure/pom.xml
+++ b/provider/notification-azure/pom.xml
@@ -39,18 +39,18 @@
     <springframework.version>4.3.0.RELEASE</springframework.version>
     <reactor.netty.version>0.11.0.RELEASE</reactor.netty.version>
     <reactor.core.version>3.3.0.RELEASE</reactor.core.version>
-    <osdu.corelibazure.version>0.18.0</osdu.corelibazure.version>
-    <osdu.oscorecommon.version>0.14.0</osdu.oscorecommon.version>
+    <osdu.corelibazure.version>0.19.0-rc8</osdu.corelibazure.version>
+    <osdu.oscorecommon.version>0.19.0-rc5</osdu.oscorecommon.version>
     <junit.version>5.6.0</junit.version>
     <jjwt.version>3.8.1</jjwt.version>
     <mockito.version>2.23.0</mockito.version>
-    <spring-boot.version>2.1.18.RELEASE</spring-boot.version>
+    <spring-boot.version>2.7.7</spring-boot.version>
     <reactor-core.version>3.4.6</reactor-core.version>
     <reactor-netty.version>1.0.7</reactor-netty.version>
     <oauth2-oidc-sdk.version>6.0</oauth2-oidc-sdk.version>
     <woodstox-core.version>5.3.0</woodstox-core.version>
     <spring-webmvc.version>5.3.22</spring-webmvc.version>
-    <os-core-common.version>0.18.0</os-core-common.version>
+    <os-core-common.version>0.19.0-rc5</os-core-common.version>
     <undertow.version>2.2.19.Final</undertow.version>
     <spring-boot-maven-plugin.version>2.7.6</spring-boot-maven-plugin.version>
   </properties>
@@ -170,7 +170,6 @@
     <dependency>
       <groupId>org.springframework</groupId>
       <artifactId>spring-webmvc</artifactId>
-      <version>${spring-webmvc.version}</version>
     </dependency>
 
     <dependency>
diff --git a/provider/notification-gcp/pom.xml b/provider/notification-gcp/pom.xml
index 2d3000afc..ca049f724 100644
--- a/provider/notification-gcp/pom.xml
+++ b/provider/notification-gcp/pom.xml
@@ -76,19 +76,19 @@
         <dependency>
             <groupId>org.powermock</groupId>
             <artifactId>powermock-api-mockito2</artifactId>
-            <version>2.0.2</version>
+            <version>2.0.9</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.powermock</groupId>
             <artifactId>powermock-module-junit4</artifactId>
-            <version>2.0.2</version>
+            <version>2.0.9</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.mockito</groupId>
-            <artifactId>mockito-all</artifactId>
-            <version>2.0.2-beta</version>
+            <artifactId>mockito-core</artifactId>
+            <version>3.12.0</version>
             <scope>test</scope>
         </dependency>
         <dependency>
diff --git a/provider/notification-ibm/pom.xml b/provider/notification-ibm/pom.xml
index f311d3514..4bef144d7 100644
--- a/provider/notification-ibm/pom.xml
+++ b/provider/notification-ibm/pom.xml
@@ -44,7 +44,7 @@
       <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-dependencies</artifactId>
-        <version>2.5.6</version>
+        <version>2.7.7</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>
@@ -141,12 +141,10 @@
         <dependency>
     		<groupId>org.springframework.security</groupId>
     		<artifactId>spring-security-web</artifactId>
-    		<version>5.7.3</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-config</artifactId>
-			<version>5.7.3</version>
 		</dependency>
         <dependency>
         	<groupId>io.undertow</groupId>
-- 
GitLab