Aquasec - Criticals - Fix - CVE-2022-31183

[miroslavpojer]

Task goal

Identify fixable Aquasec issues and propose fix.
Issue found in Unify repos. It has critical level.

Identified Issues

CVE-2022-31183

Possible solution is to update versions, release new version and use by Unify project.

Fix Proposal

Update in Dependencies.scala:

  def doobieDependencies(scalaVersion: String): Seq[ModuleID] = {
    commonDependencies(scalaVersion) ++ Seq(
      "org.tpolecat" %% "doobie-core" % "1.0.0-RC11",
      "org.tpolecat" %% "doobie-hikari" % "1.0.0-RC11",
      "org.tpolecat" %% "doobie-postgres" % "1.0.0-RC11",
      "org.tpolecat" %% "doobie-postgres-circe" % "1.0.0-RC11",
      "io.circe" %% "circe-generic" % "0.14.15" % Test
    )
  }

Hint: the mininal udpate is to 1.0.0-RC3.
Problem: From RC3 there were complex changes in implicits which have influence on unit tests. This has to be deeply analysed and unit tests refactored.

[lsulak]

Done in #150