From 6e58859b5d37f5f65130ea0fb716efee0b80b14d Mon Sep 17 00:00:00 2001
From: Manish Jangid <msjangid@amazon.com>
Date: Wed, 25 Jan 2023 17:31:06 +0000
Subject: [PATCH] Update core common lib version and fix vulnerable libs

---
 pom.xml                         | 2 +-
 provider/register-aws/pom.xml   | 8 +++-----
 provider/register-azure/pom.xml | 8 ++------
 provider/register-gc/pom.xml    | 3 +--
 provider/register-ibm/pom.xml   | 3 +--
 register-core/pom.xml           | 8 +-------
 6 files changed, 9 insertions(+), 23 deletions(-)

diff --git a/pom.xml b/pom.xml
index 5d9a6c575..4c8ef6fcc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -57,7 +57,7 @@
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>                
-                <version>2.7.2</version>
+                <version>2.7.7</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
diff --git a/provider/register-aws/pom.xml b/provider/register-aws/pom.xml
index c96324d63..afc2463be 100644
--- a/provider/register-aws/pom.xml
+++ b/provider/register-aws/pom.xml
@@ -31,13 +31,11 @@
     </parent>
     <properties>
         <aws.version>1.11.1018</aws.version>
-        <netty.version>4.1.65.Final</netty.version>
-        <tomcat.version>9.0.37</tomcat.version>
         <log4j2.version>2.17.1</log4j2.version>
-        <os-core-common.version>0.18.0</os-core-common.version>
+        <os-core-common.version>0.19.0-rc6</os-core-common.version>
         <jackson-databind.version>2.13.2.2</jackson-databind.version>
         <jackson.version>2.13.2</jackson.version>
-        <spring-webmvc.version>5.3.22</spring-webmvc.version>
+        <spring-webmvc.version>5.3.24</spring-webmvc.version>
     </properties>
 
     <dependencyManagement>
@@ -118,7 +116,7 @@
         <dependency>
             <groupId>org.opengroup.osdu.core.aws</groupId>
             <artifactId>os-core-lib-aws</artifactId>
-            <version>0.15.0</version>
+            <version>0.19.0-rc3</version>
         </dependency>
         <dependency>
             <groupId>org.opengroup.osdu</groupId>
diff --git a/provider/register-azure/pom.xml b/provider/register-azure/pom.xml
index 01a99942f..d6d78db85 100644
--- a/provider/register-azure/pom.xml
+++ b/provider/register-azure/pom.xml
@@ -29,16 +29,15 @@
     <packaging>jar</packaging>
     <version>0.19.0-SNAPSHOT</version>
     <properties>
-        <osdu.corelibazure.version>0.18.0</osdu.corelibazure.version>
+        <osdu.corelibazure.version>0.19.0-rc8</osdu.corelibazure.version>
         <osdu.oscorecommon.version>0.19.0-rc8</osdu.oscorecommon.version>
         <junit-jupiter.version>5.6.0</junit-jupiter.version>
         <mockito-junit-jupiter.version>2.23.0</mockito-junit-jupiter.version>
         <oauth2-oidc-sdk.version>6.5</oauth2-oidc-sdk.version>
         <woodstox-core.version>6.4.0</woodstox-core.version>
-        <hibernate-validator.version>5.3.6.Final</hibernate-validator.version>
+        <hibernate-validator.version>6.2.5.Final</hibernate-validator.version>
         <jackson-databind.version>2.13.4.1</jackson-databind.version>
         <jackson.version>2.13.2</jackson.version>
-        <spring-webmvc.version>5.3.22</spring-webmvc.version>
     </properties>
 
     <dependencyManagement>
@@ -59,7 +58,6 @@
             <dependency>
                 <groupId>org.hibernate</groupId>
                 <artifactId>hibernate-validator</artifactId>
-                <version>${hibernate-validator.version}</version>
             </dependency>
         </dependencies>
     </dependencyManagement>
@@ -93,7 +91,6 @@
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-webmvc</artifactId>
-            <version>${spring-webmvc.version}</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -112,7 +109,6 @@
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-oauth2-client</artifactId>
-            <version>5.7.5</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
diff --git a/provider/register-gc/pom.xml b/provider/register-gc/pom.xml
index c039cedf2..3b6a8d4ea 100644
--- a/provider/register-gc/pom.xml
+++ b/provider/register-gc/pom.xml
@@ -31,7 +31,7 @@
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
-                <version>2.7.2</version>
+                <version>2.7.7</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -75,7 +75,6 @@
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-webmvc</artifactId>
-            <version>5.3.22</version>
         </dependency>
 
         <dependency>
diff --git a/provider/register-ibm/pom.xml b/provider/register-ibm/pom.xml
index d29182bb2..b4fdfb281 100644
--- a/provider/register-ibm/pom.xml
+++ b/provider/register-ibm/pom.xml
@@ -38,7 +38,7 @@
 	    <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-dependencies</artifactId>
-            <version>2.7.2</version>
+            <version>2.7.7</version>
             <type>pom</type>
             <scope>import</scope>
         </dependency>
@@ -105,7 +105,6 @@
 	<dependency>
 		<groupId>org.apache.tomcat.embed</groupId>
 		<artifactId>tomcat-embed-core</artifactId>
-		<version>9.0.67</version>
 	</dependency>
 	<dependency>
 		<groupId>org.apache.lucene</groupId>
diff --git a/register-core/pom.xml b/register-core/pom.xml
index cfa69c2b0..70611f1eb 100644
--- a/register-core/pom.xml
+++ b/register-core/pom.xml
@@ -32,7 +32,6 @@
 
     <properties>
         <netty.version>4.1.70.Final</netty.version>
-        <spring-security-web.version>5.7.2</spring-security-web.version>
         <jackson-databind.version>2.13.4</jackson-databind.version>
         <jackson.version>2.13.2</jackson.version>
     </properties>
@@ -49,12 +48,10 @@
             <dependency>
                 <groupId>org.springframework.security</groupId>
                 <artifactId>spring-security-core</artifactId>
-                <version>5.7.2</version>
             </dependency>
             <dependency>
                 <groupId>org.springframework</groupId>
                 <artifactId>spring-core</artifactId>
-                <version>5.3.22</version>
             </dependency>
         </dependencies>
     </dependencyManagement>
@@ -63,7 +60,6 @@
         <dependency>
             <groupId>org.apache.tomcat.embed</groupId>
             <artifactId>tomcat-embed-core</artifactId>
-            <version>9.0.67</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -78,7 +74,6 @@
                     <artifactId>snakeyaml</artifactId>
                 </exclusion>
             </exclusions>
-            <version>2.7.3</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -92,7 +87,6 @@
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-web</artifactId>
-            <version>${spring-security-web.version}</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -143,7 +137,7 @@
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-validator</artifactId>
-            <version>5.2.5.Final</version>
+            <version>6.2.5.Final</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.datatype</groupId>
-- 
GitLab