<version>1.2.0</version>
</dependency>
<!-- DMAAP-656:
- - removed this dependency because it utilized a third party
- - lib called com.google.guava:20.0 which had severe threat identified.
- - build code without this dependency and it seemed to work, so perhaps it
- - is not needed?
+ - override this dependency because it utilized a third party
+ - lib called com.google.guava:20.0 which had severe security threat identified.
+ -->
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <version>24.1.1-jre</version>
+ </dependency>
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-core</artifactId>
<version>${swagger.version}</version>
</dependency>
- -->
<dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-jersey2-jaxrs</artifactId>
<jackson.version>2.9.5</jackson.version>
<jersey.version>2.26</jersey.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <jettyVersion>9.3.8.RC0</jettyVersion>
+ <jettyVersion>9.4.12.RC0</jettyVersion>
<eelf.version>0.0.1</eelf.version>
<artifact.version>1.0.15-SNAPSHOT</artifact.version>
<!-- SONAR -->