Bumped to 4.6-SNAPSHOT

rjrudin · rjrudin · commit 2789ad7edb46 · 2023-08-22T15:54:01.000-04:00
diff --git a/build.gradle b/build.gradle
@@ -8,28 +8,33 @@ plugins {
 }
 
 group = "com.marklogic"
-version = "4.5-SNAPSHOT"
+version = "4.6-SNAPSHOT"
 
 java {
 	sourceCompatibility = 1.8
 	targetCompatibility = 1.8
 }
 
 repositories {
+	mavenLocal()
 	mavenCentral()
 	maven {
 		url "https://nexus.marklogic.com/repository/maven-snapshots/"
 	}
 }
 
 dependencies {
-	api 'com.marklogic:ml-javaclient-util:4.5.1'
-	api 'org.springframework:spring-web:5.3.27'
-	api 'com.fasterxml.jackson.core:jackson-databind:2.14.1'
+	api 'com.marklogic:ml-javaclient-util:4.6-SNAPSHOT'
+	api 'org.springframework:spring-web:5.3.29'
+	api 'com.fasterxml.jackson.core:jackson-databind:2.14.3'
 
 	implementation 'jaxen:jaxen:1.2.0'
-	implementation 'com.squareup.okhttp3:okhttp:4.10.0'
+
+	// Forcing usage of 3.4.0 instead of 3.2.0 to address vulnerability - https://security.snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKIO-5820002
+	implementation 'com.squareup.okio:okio:3.4.0'
+	implementation 'com.squareup.okhttp3:okhttp:4.11.0'
 	implementation 'io.github.rburgst:okhttp-digest:2.7'
+
 	implementation 'org.apache.httpcomponents:httpclient:4.5.14'
 	implementation 'org.jdom:jdom2:2.0.6.1'
 
@@ -54,8 +59,8 @@ dependencies {
 	compileOnly "com.beust:jcommander:1.82"
 	compileOnly "ch.qos.logback:logback-classic:1.3.5"
 
-	testImplementation 'org.junit.jupiter:junit-jupiter:5.9.3'
-	testImplementation 'org.springframework:spring-test:5.3.27'
+	testImplementation 'org.junit.jupiter:junit-jupiter:5.10.0'
+	testImplementation 'org.springframework:spring-test:5.3.29'
 	testImplementation 'commons-io:commons-io:2.11.0'
 	testImplementation 'xmlunit:xmlunit:1.6'
 
