Add spring dependencies into dependency management

Some dependencies were missing in oparent and then did not respect the
spring.version parameter for setting the spring version, dragging in the
vulnerable version of spring-beans.

Issue-ID: POLICY-4070
Change-Id: I819062a6165bbec33498414c4f4401cb41475028
Signed-off-by: liamfallon <liam.fallon@est.tech>

diff --git a/.gitignore b/.gitignore
index 32edeae..d7497b4 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -3,4 +3,5 @@ target
 .project
 .settings
 .classpath
+**/*.iml
 cia/

diff --git a/dependencies/pom.xml b/dependencies/pom.xml
index f75a7c5..33b10e0 100644 (file)
--- a/dependencies/pom.xml
+++ b/dependencies/pom.xml
@@ -67,6 +67,11 @@
         <artifactId>spring-core</artifactId>
         <version>${spring.version}</version>
       </dependency>
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-beans</artifactId>
+        <version>${spring.version}</version>
+      </dependency>
       <dependency>
         <groupId>org.springframework</groupId>
         <artifactId>spring-expression</artifactId>
@@ -82,6 +87,16 @@
         <artifactId>spring-webmvc</artifactId>
         <version>${spring.version}</version>
       </dependency>
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-jdbc</artifactId>
+        <version>${spring.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-webflux</artifactId>
+        <version>${spring.version}</version>
+      </dependency>
       <dependency>
         <groupId>commons-beanutils</groupId>
         <artifactId>commons-beanutils</artifactId>