From: adheli.tavares <adheli.tavares@est.tech>
Date: Tue, 16 Jan 2024 14:30:13 +0000 (+0000)
Subject: Update dependencies to fix security breaches.
X-Git-Tag: 4.1.1~3
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=policy%2Fparent.git;a=commitdiff_plain;h=39ff87f698ba7692b7342537cb14e671fed722c9

Update dependencies to fix security breaches.

- spring (core, boot and security)
- logback and slf4j
- apache tomcat

Issue-ID: POLICY-4893
Change-Id: Ia0e5b5e8480e8feb924eb68232364c8ac07cfe3e
Signed-off-by: adheli.tavares <adheli.tavares@est.tech>
---

diff --git a/.gitignore b/.gitignore
index 6bb994f1..4a55ac87 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,4 @@ docs/html/
 docs/_static/
 docs/__pycache__/
 .vscode/
+**/*.log
diff --git a/integration/pom.xml b/integration/pom.xml
index 8bd36b21..30623eff 100644
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -58,7 +58,7 @@
         <version.jetty>11.0.18</version.jetty>
         <version.jupiter>5.10.0</version.jupiter>
         <version.log4j>2.20.0</version.log4j>
-        <version.logback>1.4.8</version.logback>
+        <version.logback>1.4.14</version.logback>
         <version.maven-remote-resources-plugin>3.1.0</version.maven-remote-resources-plugin>
         <version.medeia.validator>1.1.1</version.medeia.validator>
         <version.micrometer>1.11.4</version.micrometer>
@@ -69,10 +69,10 @@
         <version.nsa-sa-client>1.3.0-oss</version.nsa-sa-client>
         <version.plexus>3.5.0</version.plexus>
         <version.sdc>2.0.1</version.sdc>
-        <version.slf4j>2.0.7</version.slf4j>
-        <version.spring>6.0.12</version.spring>
-        <version.springboot>3.1.4</version.springboot>
-        <version.spring-security>6.1.4</version.spring-security>
+        <version.slf4j>2.0.11</version.slf4j>
+        <version.spring>6.0.14</version.spring>
+        <version.springboot>3.1.7</version.springboot>
+        <version.spring-security>6.1.6</version.spring-security>
         <version.swagger.codegen.v3>3.0.46</version.swagger.codegen.v3>
         <version.swagger.core.v3>2.2.15</version.swagger.core.v3>
         <surefireArgLine>
@@ -161,7 +161,7 @@
             <dependency>
                 <groupId>jakarta.xml.bind</groupId>
                 <artifactId>jakarta.xml.bind-api</artifactId>
-                <version>4.0.0</version>
+                <version>4.0.1</version>
             </dependency>
             <dependency>
                 <groupId>jakarta.servlet</groupId>
@@ -762,7 +762,7 @@
             <dependency>
                 <groupId>org.apache.tomcat.embed</groupId>
                 <artifactId>tomcat-embed-core</artifactId>
-                <version>10.1.16</version>
+                <version>10.1.18</version>
             </dependency>
             <dependency>
                 <groupId>org.springframework</groupId>