Vulnerability Fixing and POM Reorganization

Fix: Resolve vulnerabilities in pom.xml

This PR addresses vulnerabilities in multiple libraries, including critical and high-severity issues. Below is the delta of vulnerabilities that were present in the previous scan but have been resolved in the current state.

Resolved Vulnerabilities:

1. com.azure:azure-identity

   • Vulnerability: CVE-2024-35255
     • Severity: Medium
     • Issue: Azure Identity Libraries Elevation of Privilege Vulnerability.
     • Resolution: Upgraded from 1.11.2 to 1.12.2.

2. com.nimbusds:nimbus-jose-jwt

   • Vulnerability: CVE-2023-52428
     • Severity: High
     • Issue: Large JWE p2c header value causes Denial of Service.
     • Resolution: Upgraded from 9.30.2 to 9.37.2.

3. org.asynchttpclient:async-http-client

   • Vulnerability: CVE-2024-53990
     • Severity: Critical
     • Issue: CookieStore replaces explicitly defined cookies, leading to potential security issues.
     • Resolution: Upgraded from 2.12.1 to 2.12.4.

4. io.lettuce:lettuce-core

   • Vulnerability: GHSA-q4h9-7rxj-7gx2
     • Severity: Medium
     • Issue: Netty vulnerability included in Redis Lettuce.
     • Resolution: Upgraded from 6.3.2.RELEASE to 6.5.1.RELEASE.

---

By upgrading these libraries to their secure versions, this PR significantly improves the project's security posture by mitigating critical and high-risk vulnerabilities. Please review and approve.

provider/schema-azure/src/main/resources/application.properties

@@ -12,6 +12,10 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 
+# Local Development Configuration -- UNCOMMENT THIS FOR LOCAL DEVELOPMENT
+# spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration,org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration
+
+
 LOG_PREFIX=schema
 server.servlet.context-path=/api/schema-service/v1
 server.port=${server.port}