Addressed dependencies with security issues

jimbethancourt · jimbethancourt · commit 4d55b9e3babb · 2021-02-14T18:42:16.000-06:00
Specifying newer versions of transitive dependencies where SNYK identified security issues are present
diff --git a/refactor-first-maven-plugin/pom.xml b/refactor-first-maven-plugin/pom.xml
@@ -28,13 +28,27 @@
             <version>3.2.2</version>
         </dependency>
 
+        <!-- Needed since Doxia 1.9.2 and httpclient use     an insecure version -->
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.15</version>
+        </dependency>
+
         <!-- Needed since Doxia 1.9.2 uses an insecure version -->
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>httpclient</artifactId>
             <version>4.5.13</version>
         </dependency>
 
+        <!-- Needed since Doxia 1.9.2 uses an insecure version -->
+        <dependency>
+            <groupId>org.codehaus.plexus</groupId>
+            <artifactId>plexus-utils</artifactId>
+            <version>3.3.0</version>
+        </dependency>
+
         <!-- Doxia -->
         <!-- Needed since maven-reporting-impl brings in Struts 1.3.8 jars that have CVSS > 8 -->
         <dependency>
@@ -91,7 +105,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.11</version>
+            <version>4.13.2</version>
             <scope>test</scope>
         </dependency>
 
