Skip to content

Commit 20c677c

Browse files
aaron-steinfeldaaron-steinfeld
authored
chore: update vulnerabilities (#27)
1 parent 89fe616 commit 20c677c

File tree

2 files changed

+12
-13
lines changed

2 files changed

+12
-13
lines changed

platform-metrics/build.gradle.kts

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -22,8 +22,8 @@ dependencies {
2222
implementation("io.prometheus:simpleclient_dropwizard:0.6.0")
2323
implementation("io.prometheus:simpleclient_servlet:0.6.0")
2424
implementation("io.prometheus:simpleclient_pushgateway:0.9.0")
25-
implementation("org.eclipse.jetty:jetty-servlet:9.4.38.v20210224")
25+
implementation("org.eclipse.jetty:jetty-servlet:9.4.39.v20210325")
2626

27-
testImplementation("org.junit.jupiter:junit-jupiter:5.6.2")
28-
testImplementation("org.mockito:mockito-core:3.3.3")
27+
testImplementation("org.junit.jupiter:junit-jupiter:5.7.1")
28+
testImplementation("org.mockito:mockito-core:3.8.0")
2929
}

platform-service-framework/build.gradle.kts

Lines changed: 9 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ dependencies {
1818

1919
// Use for thread dump servlet
2020
implementation("io.dropwizard.metrics:metrics-servlets:4.1.16")
21-
implementation("org.eclipse.jetty:jetty-servlet:9.4.38.v20210224")
21+
implementation("org.eclipse.jetty:jetty-servlet:9.4.39.v20210325")
2222

2323
// Use for metrics servlet
2424
implementation("io.prometheus:simpleclient_servlet:0.6.0")
@@ -27,18 +27,17 @@ dependencies {
2727
implementation("org.apache.httpcomponents:httpclient:4.5.13")
2828

2929
constraints {
30-
implementation("com.fasterxml.jackson.core:jackson-databind:2.11.0") {
31-
because("Deserialization of Untrusted Data [High Severity][https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587] in com.fasterxml.jackson.core:[email protected]\n" +
32-
" io.dropwizard.metrics:metrics-servlets")
30+
implementation("com.fasterxml.jackson.core:jackson-databind:2.12.2") {
31+
because("Multiple vulnerabilities")
3332
}
34-
implementation("commons-codec:commons-codec:1.13") {
33+
implementation("commons-codec:commons-codec:1.15") {
3534
because("version 1.12 has a vulnerability https://snyk.io/vuln/SNYK-JAVA-COMMONSCODEC-561518")
3635
}
3736
}
3837

39-
testImplementation("org.apache.logging.log4j:log4j-slf4j-impl:2.13.3")
40-
testImplementation("org.junit.jupiter:junit-jupiter:5.6.2")
41-
testImplementation("org.mockito:mockito-core:3.3.3")
42-
testImplementation("org.eclipse.jetty:jetty-servlet:9.4.18.v20190429:tests")
43-
testImplementation("org.eclipse.jetty:jetty-http:9.4.18.v20190429:tests")
38+
testImplementation("org.apache.logging.log4j:log4j-slf4j-impl:2.14.1")
39+
testImplementation("org.junit.jupiter:junit-jupiter:5.7.1")
40+
testImplementation("org.mockito:mockito-core:3.8.0")
41+
testImplementation("org.eclipse.jetty:jetty-servlet:9.4.39.v20210325:tests")
42+
testImplementation("org.eclipse.jetty:jetty-http:9.4.39.v20210325:tests")
4443
}

0 commit comments

Comments
 (0)