Skip to content

Commit 1ad04f1

Browse files
author
Grahame Grieve
committed
Merge remote-tracking branch 'origin/main'
2 parents c61ce31 + fe24c6c commit 1ad04f1

File tree

2 files changed

+18
-8
lines changed

2 files changed

+18
-8
lines changed

.github/workflows/trivy.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ jobs:
2828
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2929

3030
- name: Run static analysis
31-
uses: aquasecurity/trivy-action@77137e9dc3ab1b329b7c8a38c2eb7475850a14e8 # master
31+
uses: aquasecurity/trivy-action@0.34.2 # v0.34.2
3232
with:
3333
scan-type: 'fs'
3434
vuln-type: 'library'

pom.xml

Lines changed: 17 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -13,11 +13,11 @@
1313
<jacksonVersion>2.16.0</jacksonVersion>
1414
<apacheHttpcomponentsVersion>4.5.13</apacheHttpcomponentsVersion>
1515
<apacheHttpcomponents5Version>5.0.4</apacheHttpcomponents5Version>
16-
<apacheJenaVersion>4.10.0</apacheJenaVersion>
17-
<log4jVersion>2.17.1</log4jVersion>
16+
<apacheJenaVersion>5.6.0</apacheJenaVersion>
17+
<log4jVersion>2.25.3</log4jVersion>
1818
<lombok_version>1.18.38</lombok_version>
1919
<slf4jVersion>1.7.36</slf4jVersion>
20-
<jettyVersion>12.0.12</jettyVersion>
20+
<jettyVersion>12.0.29</jettyVersion>
2121
<logbackVersion>1.5.20</logbackVersion>
2222
<nettyConstrainedVersion>4.1.118.Final</nettyConstrainedVersion>
2323
<maven.compiler.release>17</maven.compiler.release>
@@ -99,6 +99,11 @@
9999
<artifactId>commons-io</artifactId>
100100
<version>2.18.0</version>
101101
</dependency>
102+
<dependency>
103+
<groupId>org.apache.commons</groupId>
104+
<artifactId>commons-text</artifactId>
105+
<version>1.15.0</version>
106+
</dependency>
102107
<dependency>
103108
<groupId>org.apache.xmlbeans</groupId>
104109
<artifactId>xmlbeans</artifactId>
@@ -129,13 +134,18 @@
129134
<artifactId>logback-core</artifactId>
130135
<version>${logbackVersion}</version>
131136
</dependency>
137+
<dependency>
138+
<groupId>org.apache.logging.log4j</groupId>
139+
<artifactId>log4j-api</artifactId>
140+
<version>${log4jVersion}</version>
141+
</dependency>
132142
</dependencies>
133143
</dependencyManagement>
134144
<dependencies>
135145
<dependency>
136146
<groupId>ca.uhn.hapi.fhir</groupId>
137147
<artifactId>hapi-fhir-base</artifactId>
138-
<version>6.4.1</version>
148+
<version>8.4.0</version>
139149
</dependency>
140150
<dependency>
141151
<groupId>ca.uhn.hapi.fhir</groupId>
@@ -233,7 +243,7 @@
233243
<dependency>
234244
<groupId>com.google.code.gson</groupId>
235245
<artifactId>gson</artifactId>
236-
<version>2.8.9</version>
246+
<version>2.13.2</version>
237247
</dependency>
238248
<dependency>
239249
<groupId>com.google.code.javaparser</groupId>
@@ -457,7 +467,7 @@
457467
<dependency>
458468
<groupId>org.eclipse.jgit</groupId>
459469
<artifactId>org.eclipse.jgit</artifactId>
460-
<version>6.10.1.202505221210-r</version>
470+
<version>7.4.0.202509020913-r</version>
461471
</dependency>
462472
<dependency>
463473
<groupId>org.fhir</groupId>
@@ -483,7 +493,7 @@
483493
<dependency>
484494
<groupId>org.mozilla</groupId>
485495
<artifactId>rhino</artifactId>
486-
<version>1.7R4</version>
496+
<version>1.9.0</version>
487497
</dependency>
488498
<dependency>
489499
<groupId>org.slf4j</groupId>

0 commit comments

Comments
 (0)