fix: updating libs for vulnerabilities (#43)

kotharironak · web-flow · commit b7bb3e704f83 · 2023-02-22T16:56:45.000+05:30
diff --git a/data-model/build.gradle.kts b/data-model/build.gradle.kts
@@ -16,12 +16,8 @@ dependencies {
     api("org.apache.commons:commons-compress:1.21") {
       because("Multiple vulnerabilities in avro-declared version")
     }
-    api("com.fasterxml.jackson.core:jackson-databind:2.13.2.2") {
-      because(
-        "Denial of Service (DoS) " +
-          "[High Severity][https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244] in " +
-          "com.fasterxml.jackson.core:jackson-databind@2.13.1"
-      )
+    api("com.fasterxml.jackson.core:jackson-databind:2.14.2") {
+      because("version 2.12.7.1 has a vulnerability https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424")
     }
   }
   api("commons-codec:commons-codec:1.14")

Original file line number	Diff line number	Diff line change
`@@ -16,12 +16,8 @@ dependencies {`
`16`	`16`	`api("org.apache.commons:commons-compress:1.21") {`
`17`	`17`	`because("Multiple vulnerabilities in avro-declared version")`
`18`	`18`	`}`
`19`		`- api("com.fasterxml.jackson.core:jackson-databind:2.13.2.2") {`
`20`		`- because(`
`21`		`- "Denial of Service (DoS) " +`
`22`		`- "[High Severity][https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244] in " +`
`23`		`- "com.fasterxml.jackson.core:[email protected]"`
`24`		`- )`
	`19`	`+ api("com.fasterxml.jackson.core:jackson-databind:2.14.2") {`
	`20`	`+ because("version 2.12.7.1 has a vulnerability https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424")`
`25`	`21`	`}`
`26`	`22`	`}`
`27`	`23`	`api("commons-codec:commons-codec:1.14")`