Update vulnerable dependencies

[sdc.git] / asdctool / pom.xml

diff --git a/asdctool/pom.xml b/asdctool/pom.xml
index 4dba42e..6431e31 100644 (file)
--- a/asdctool/pom.xml
+++ b/asdctool/pom.xml
@@ -12,6 +12,10 @@
     <version>1.12.4-SNAPSHOT</version>
   </parent>
 
+  <properties>
+    <apache-poi.version>5.2.3</apache-poi.version>
+  </properties>
+
   <dependencies>
     <dependency>
       <groupId>com.google.guava</groupId>
@@ -265,14 +269,7 @@
       <scope>compile</scope>
     </dependency>
 
-    <!-- slf4j + logback -->
-    <dependency>
-      <groupId>org.slf4j</groupId>
-      <artifactId>slf4j-api</artifactId>
-      <version>${slf4j-api.version}</version>
-      <scope>compile</scope>
-    </dependency>
-
+    <!-- logback -->
     <dependency>
       <groupId>ch.qos.logback</groupId>
       <artifactId>logback-classic</artifactId>
@@ -372,6 +369,10 @@
       <version>${janusgraph.version}</version>
       <scope>compile</scope>
       <exclusions>
+        <exclusion>
+          <groupId>joda-time</groupId>
+          <artifactId>joda-time</artifactId>
+        </exclusion>
         <exclusion>
           <groupId>org.slf4j</groupId>
           <artifactId>slf4j-log4j12</artifactId>
@@ -654,6 +655,7 @@
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-assembly-plugin</artifactId>
+        <version>${mvn.assembly.version}</version>
         <executions>
           <execution>
             <configuration>