fix: vulnerability fix (#192)

* fix: vulnerability fix

* fix: vulnerability fix

Author: sattvikc

CHANGELOG.md

@@ -7,6 +7,10 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+## [5.0.8] - 2024-02-19
+
+- Fixes vulnerabilities in dependencies
+
 ## [5.0.7] - 2024-01-25
 
 - Fixes the issue where passwords were inadvertently logged in the logs.

build.gradle

@@ -2,7 +2,7 @@ plugins {
     id 'java-library'
 }
 
-version = "5.0.7"
+version = "5.0.8"
 
 repositories {
     mavenCentral()
@@ -17,16 +17,16 @@ dependencies {
     implementation group: 'com.zaxxer', name: 'HikariCP', version: '3.4.1'
 
     // https://mvnrepository.com/artifact/org.postgresql/postgresql
-    implementation group: 'org.postgresql', name: 'postgresql', version: '42.2.10'
+    implementation group: 'org.postgresql', name: 'postgresql', version: '42.7.1'
 
     // https://mvnrepository.com/artifact/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml
-    compileOnly group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-yaml', version: '2.14.0'
+    compileOnly group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-yaml', version: '2.14.2'
 
     // https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-core
-    compileOnly group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.14.0'
+    compileOnly group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.16.1'
 
     // https://mvnrepository.com/artifact/ch.qos.logback/logback-classic
-    compileOnly group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.3'
+    compileOnly group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.14'
 
     // https://mvnrepository.com/artifact/com.google.code.findbugs/jsr305
     compileOnly group: 'com.google.code.findbugs', name: 'jsr305', version: '3.0.2'
@@ -43,21 +43,21 @@ dependencies {
     testImplementation group: 'org.mockito', name: 'mockito-core', version: '3.1.0'
 
     // https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core
-    testImplementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '10.1.1'
+    testImplementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '10.1.18'
 
     // https://mvnrepository.com/artifact/ch.qos.logback/logback-classic
-    testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.3'
+    testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.14'
 
     // https://mvnrepository.com/artifact/com.google.code.gson/gson
     testImplementation group: 'com.google.code.gson', name: 'gson', version: '2.3.1'
 
     testImplementation 'com.tngtech.archunit:archunit-junit4:0.22.0'
 
     // https://mvnrepository.com/artifact/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml
-    testImplementation group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-yaml', version: '2.14.0'
+    testImplementation group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-yaml', version: '2.14.2'
 
     // https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-core
-    testImplementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.14.0'
+    testImplementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.16.1'
 }
 
 jar {

implementationDependencies.json

@@ -2,9 +2,9 @@
   "_comment": "Contains list of implementation dependencies URL for this project",
   "list": [
     {
-      "jar": "https://repo1.maven.org/maven2/org/postgresql/postgresql/42.2.10/postgresql-42.2.10.jar",
-      "name": "PostgreSQL JDBC Driver 4.2",
-      "src": "https://repo1.maven.org/maven2/org/postgresql/postgresql/42.2.10/postgresql-42.2.10-sources.jar"
+      "jar": "https://repo1.maven.org/maven2/org/postgresql/postgresql/42.7.1/postgresql-42.7.1.jar",
+      "name": "PostgreSQL JDBC Driver 42.7.1",
+      "src": "https://repo1.maven.org/maven2/org/postgresql/postgresql/42.7.1/postgresql-42.7.1-sources.jar"
     },
     {
       "jar": "https://repo1.maven.org/maven2/com/zaxxer/HikariCP/3.4.1/HikariCP-3.4.1.jar",