From b6bac968d804681caf72b99457d35f338df0a8f6 Mon Sep 17 00:00:00 2001
From: DGerashchenko <DGerashchenko@slb.com>
Date: Wed, 17 Nov 2021 19:21:27 +0300
Subject: [PATCH] Upgrade vulnerable dependencies according to WhiteSource alerts

(cherry picked from commit 146b51268903e73a3e6d11e72d8b04f8d46810d5)
---
 partition-core/pom.xml | 7 -------
 pom.xml | 2 +-
 provider/partition-azure/pom.xml | 20 +-------------------
 3 files changed, 2 insertions(+), 27 deletions(-)

diff --git a/partition-core/pom.xml b/partition-core/pom.xml
index a6635935b..20806c82f 100644
--- a/partition-core/pom.xml
+++ b/partition-core/pom.xml
@@ -32,7 +32,6 @@
 <maven.compiler.target>1.8</maven.compiler.target>
 <maven.compiler.source>1.8</maven.compiler.source>
 <springfox-version>2.7.0</springfox-version>
- <gson_version>2.8.6</gson_version>
 <powermock.version>2.0.6</powermock.version>
 <mockito.core.version>3.3.3</mockito.core.version>
 <assertj_core_version>3.16.1</assertj_core_version>
@@ -80,12 +79,6 @@
 <artifactId>spring-boot-starter-validation</artifactId>
 </dependency>
- <dependency>
- <groupId>com.google.code.gson</groupId>
- <artifactId>gson</artifactId>
- <version>${gson_version}</version>
- </dependency>
- <!-- test dependencies -->
 <dependency>
 <groupId>org.jetbrains.kotlin</groupId>
diff --git a/pom.xml b/pom.xml
index 0f6be7da6..f03495ae6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -26,7 +26,7 @@
 <maven.compiler.target>1.8</maven.compiler.target>
 <maven.compiler.source>1.8</maven.compiler.source>
 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <os-core-common.version>0.12.0</os-core-common.version>
+ <os-core-common.version>0.13.0-SNAPSHOT-6912-0</os-core-common.version>
 <org.springframework.boot.version>2.4.5</org.springframework.boot.version>
 </properties>
diff --git a/provider/partition-azure/pom.xml b/provider/partition-azure/pom.xml
index ef00feacd..42307efae 100644
--- a/provider/partition-azure/pom.xml
+++ b/provider/partition-azure/pom.xml
@@ -14,12 +14,10 @@
 <packaging>jar</packaging>
 <properties>
- <osdu.corelibazure.version>0.12.0</osdu.corelibazure.version>
- <osdu.oscorecommon.version>0.12.0</osdu.oscorecommon.version>
+ <osdu.corelibazure.version>0.13.0-SNAPSHOT-6912-0</osdu.corelibazure.version>
 <junit.version>4.12</junit.version>
 <mockito.version>2.25.0</mockito.version>
 <powermock.version>2.0.2</powermock.version>
- <json-smart.version>2.4.6</json-smart.version>
 </properties>
 <dependencyManagement>
@@ -47,22 +45,6 @@
 <artifactId>core-lib-azure</artifactId>
 <version>${osdu.corelibazure.version}</version>
 </dependency>
- <dependency>
- <groupId>org.opengroup.osdu</groupId>
- <artifactId>os-core-common</artifactId>
- <version>${osdu.oscorecommon.version}</version>
- </dependency>
-
- <!--
- Many dependencies contain library with vulnerabilities: net.minidev:json-smart:jar:2.3
- because of that we need to enforce the higher version
- -->
- <dependency>
- <groupId>net.minidev</groupId>
- <artifactId>json-smart</artifactId>
- <version>${json-smart.version}</version>
- </dependency>
-
 <dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-security</artifactId>
-- 
GitLab
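Review bot: Removing `<json-smart.version>2.4.6</json-smart.version>` here, together with the `net.minidev:json-smart` dependency override deleted in the next hunk (`@@ -47,22 +45,6 @@`), leaves nothing in this module that forces json-smart above the 2.3 release the deleted comment describes as vulnerable. The patch presumably relies on `core-lib-azure` `0.13.0-SNAPSHOT-6912-0` pulling in a fixed json-smart transitively, but that is not visible in the diff; I would keep the pin (ideally under `<dependencyManagement>`) until `mvn dependency:tree -Dincludes=net.minidev:json-smart` confirms the resolved version, and record that version in the commit message. The new `<osdu.corelibazure.version>` value, like `<os-core-common.version>` in the root `pom.xml` hunk, also reads as an interim build label rather than a release, so the vulnerability fix depends on a pre-release artifact; a comment such as `<!-- TODO: move to the released version before tagging -->` next to the property would make that explicit.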