Skip to content

Commit

Permalink
Update All patch-minor dependencies
Browse files Browse the repository at this point in the history
  • Loading branch information
renovate[bot] authored Jul 12, 2023
1 parent 942a8b7 commit 3a31ed2
Show file tree
Hide file tree
Showing 5 changed files with 81 additions and 81 deletions.
154 changes: 77 additions & 77 deletions build.gradle
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
buildscript {
ext {
springBootVersion = '2.6.10'
springBootVersion = '2.7.13'
}
dependencies {
classpath 'org.jsonschema2pojo:jsonschema2pojo-gradle-plugin:1.1.1'
classpath 'org.jsonschema2pojo:jsonschema2pojo-gradle-plugin:1.2.1'
}
dependencies {
classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.7'
classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.8.0.1969'
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
Expand All @@ -15,19 +15,19 @@ buildscript {

plugins {
id 'application'
id 'com.github.ben-manes.versions' version '0.20.0'
id 'io.spring.dependency-management' version '1.0.10.RELEASE'
id 'org.sonarqube' version '2.7'
id 'com.github.ben-manes.versions' version '0.47.0'
id 'io.spring.dependency-management' version '1.1.0'
id 'org.sonarqube' version '2.8'
id 'jacoco'
id 'com.github.kt3k.coveralls' version '2.8.2'
id 'se.patrikerdes.use-latest-versions' version '0.2.7'
id 'com.github.kt3k.coveralls' version '2.12.2'
id 'se.patrikerdes.use-latest-versions' version '0.2.18'
id 'net.ltgt.apt' version '0.21'
id 'com.github.spacialcircumstances.gradle-cucumber-reporting' version '0.1.23'
id "org.jetbrains.gradle.plugin.idea-ext" version "0.7"
id "info.solidsoft.pitest" version '1.4.0'
id "io.freefair.lombok" version "5.3.0"
id 'uk.gov.hmcts.java' version '0.12.40'
id 'au.com.dius.pact' version '4.1.0'
id 'com.github.spacialcircumstances.gradle-cucumber-reporting' version '0.1.25'
id "org.jetbrains.gradle.plugin.idea-ext" version "0.10"
id "info.solidsoft.pitest" version '1.9.11'
id "io.freefair.lombok" version "5.3.3.3"
id 'uk.gov.hmcts.java' version '0.12.43'
id 'au.com.dius.pact' version '4.6.1'
}

apply plugin: 'java'
Expand All @@ -46,7 +46,7 @@ apply plugin: 'se.patrikerdes.use-latest-versions'
apply from: './gradle/suppress.gradle'

def versions = [
pact_version : '4.1.7',
pact_version : '4.6.1',
]
ext['spring-security.version'] = '5.6.9'
ext['spring-framework.version'] = '5.3.26'
Expand Down Expand Up @@ -83,14 +83,14 @@ repositories {
// end::repositories[]

ext {
junitJupiterVersion = '5.8.2'
junitVintageVersion = '5.8.2'
powermockVersion = '2.0.7'
junitJupiterVersion = '5.9.3'
junitVintageVersion = '5.9.3'
powermockVersion = '2.0.9'
reformLogging = '5.1.9'
appInsightsVersion = '2.4.1'
swagger2Version = '3.0.0'
hibernateVersion = '5.6.10.Final'
hazelcastVersion = '5.2.1'
hibernateVersion = '5.6.15.Final'
hazelcastVersion = '5.3.1'
limits = [
'instruction': 90,
'branch' : 85,
Expand All @@ -99,7 +99,7 @@ ext {
'method' : 90,
'class' : 98
]
springCloudVersion = '2021.0.3'
springCloudVersion = '2021.0.8'
}

group 'uk.gov.hmcts.ccd'
Expand Down Expand Up @@ -139,17 +139,17 @@ tasks.withType(Test) {
}

dependencies {
implementation 'com.google.code.gson:gson:2.8.9'
implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-bootstrap', version: '3.1.3'
implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '3.1.3'
implementation 'com.google.code.gson:gson:2.10.1'
implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-bootstrap', version: '3.1.7'
implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '3.1.8'

implementation group: 'com.github.hmcts.java-logging', name: 'logging', version: reformLogging
implementation group: 'com.github.hmcts.java-logging', name: 'logging-appinsights', version: reformLogging

implementation 'org.mapstruct:mapstruct-jdk8:1.3.1.Final'
implementation 'org.projectlombok:lombok:1.18.16'
annotationProcessor 'org.mapstruct:mapstruct-processor:1.3.1.Final', 'org.projectlombok:lombok:1.18.16', 'org.projectlombok:lombok-mapstruct-binding:0.2.0'
testAnnotationProcessor 'org.mapstruct:mapstruct-processor:1.3.1.Final', 'org.projectlombok:lombok:1.18.16', 'org.projectlombok:lombok-mapstruct-binding:0.2.0'
implementation 'org.mapstruct:mapstruct-jdk8:1.5.5.Final'
implementation 'org.projectlombok:lombok:1.18.28'
annotationProcessor 'org.mapstruct:mapstruct-processor:1.5.5.Final', 'org.projectlombok:lombok:1.18.28', 'org.projectlombok:lombok-mapstruct-binding:0.2.0'
testAnnotationProcessor 'org.mapstruct:mapstruct-processor:1.5.5.Final', 'org.projectlombok:lombok:1.18.28', 'org.projectlombok:lombok-mapstruct-binding:0.2.0'

implementation('org.springframework.boot:spring-boot-starter-actuator')

Expand All @@ -166,63 +166,63 @@ dependencies {
implementation group: 'com.hazelcast', name: 'hazelcast-spring', version: hazelcastVersion

implementation group: 'javax.inject', name: 'javax.inject', version: '1'
implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.7'
implementation group: 'org.apache.logging.log4j', name: 'log4j-api', version: '2.17.1'
implementation group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.13'
implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.12.0'
implementation group: 'org.apache.logging.log4j', name: 'log4j-api', version: '2.20.0'
implementation group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.14'
implementation group: 'io.springfox', name: 'springfox-boot-starter', version: swagger2Version

compile "org.flywaydb:flyway-core:6.5.7"
compile group: 'org.yaml', name: 'snakeyaml', version: '1.32'
compile group: 'org.yaml', name: 'snakeyaml', version: '1.33'
compile group: 'io.jsonwebtoken', name: 'jjwt', version:'0.9.1'
compile group: 'com.github.hmcts', name: 'service-auth-provider-java-client', version: '4.0.3'
compile group: 'com.github.hmcts', name: 'idam-java-client', version: '2.0.1'
compile group: 'com.github.hmcts', name: 'service-auth-provider-java-client', version: '4.1.2'
compile group: 'com.github.hmcts', name: 'idam-java-client', version: '2.1.1'
compile group: 'org.bouncycastle', name: 'bcpkix-jdk15on', version: '1.70'

implementation group: 'org.springframework.security', name: 'spring-security-oauth2-client'
implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-resource-server', version: '2.5.14'
implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-resource-server', version: '2.7.13'
implementation group: 'org.springframework.security', name: 'spring-security-oauth2-resource-server'
implementation group: 'org.springframework.security', name: 'spring-security-oauth2-core'
implementation group: 'org.springframework.security', name: 'spring-security-oauth2-jose'

implementation "io.github.openfeign:feign-httpclient:11.0"
implementation "io.github.openfeign:feign-httpclient:11.10"

implementation group: 'net.minidev', name: 'json-smart', version: '2.4.7'
implementation group: 'net.minidev', name: 'json-smart', version: '2.5.0'

implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.21'
implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.31'
implementation group: 'io.vavr', name: 'vavr', version: '0.10.4'

testCompile group: 'io.github.openfeign.form', name: 'feign-form', version: '3.8.0'
implementation group: 'io.github.openfeign.form', name: 'feign-form-spring', version: '3.8.0'

implementation group: 'com.sun.mail', name: 'mailapi', version: '1.6.1'
implementation group: 'com.sun.mail', name: 'mailapi', version: '1.6.7'
implementation group: 'commons-lang', name: 'commons-lang', version: '2.6'
implementation group: 'commons-validator', name: 'commons-validator', version: '1.6'
implementation group: 'commons-validator', name: 'commons-validator', version: '1.7'
// CVE-2019-10086 force update of commons-beanutils.
implementation group: 'commons-beanutils', name: 'commons-beanutils', version: '1.9.4'
implementation group: 'com.jayway.jsonpath', name: 'json-path', version: '2.4.0'
implementation group: 'com.jayway.jsonpath', name: 'json-path', version: '2.8.0'
implementation group: 'org.awaitility', name: 'awaitility', version: '3.1.6'

// CVE-2021-28170
implementation "org.glassfish:jakarta.el:4.0.1"
implementation "org.glassfish:jakarta.el:4.0.2"

implementation group: 'commons-fileupload', name: 'commons-fileupload', version: '1.5'
implementation group: 'commons-io', name: 'commons-io', version: '2.8.0'
implementation group: 'commons-io', name: 'commons-io', version: '2.13.0'

// use the latest org.springframework.security
implementation group: 'org.springframework.security', name: 'spring-security-core'
implementation group: 'org.springframework.security', name: 'spring-security-config'
implementation group: 'org.springframework.security', name: 'spring-security-web'
implementation group: 'org.springframework.security', name: 'spring-security-crypto'

implementation group: 'com.vladmihalcea', name: 'hibernate-types-52', version: '2.9.13'
implementation group: 'com.vladmihalcea', name: 'hibernate-types-52', version: '2.21.1'
implementation "org.hibernate:hibernate-core:${hibernateVersion}"
implementation group: 'org.apache.commons', name: 'commons-jexl3', version: '3.1'
implementation group: 'pl.jalokim.propertiestojson', name: 'java-properties-to-json', version: '5.1.3'
implementation group: 'org.apache.commons', name: 'commons-jexl3', version: '3.3'
implementation group: 'pl.jalokim.propertiestojson', name: 'java-properties-to-json', version: '5.3.0'

// FIXME 0.6 doesn't support jsonb; 0.7 doesn't work on Windows
// runtime group: 'com.impossibl.pgjdbc-ng', name: 'pgjdbc-ng', version: '0.6'
runtimeOnly group: 'org.postgresql', name: 'postgresql', version: '42.5.1'
runtimeOnly group: 'com.zaxxer', name: 'HikariCP', version: '4.0.2'
runtimeOnly group: 'org.postgresql', name: 'postgresql', version: '42.6.0'
runtimeOnly group: 'com.zaxxer', name: 'HikariCP', version: '4.0.3'

implementation 'org.springframework.boot:spring-boot-starter-validation'

Expand All @@ -233,46 +233,46 @@ dependencies {

testImplementation('org.springframework.boot:spring-boot-starter-test')
testImplementation('org.springframework.cloud:spring-cloud-starter-contract-stub-runner')
testCompile ('com.opentable.components:otj-pg-embedded:0.12.0')
testImplementation group: 'org.assertj', name: 'assertj-core', version: '3.22.0'
testImplementation group: 'org.assertj', name: 'assertj-vavr', version: '0.4.2'
testImplementation("org.testcontainers:postgresql:1.15.2")
testCompile ('com.github.tomakehurst:wiremock-jre8:2.25.1')
testCompile ('org.springframework.cloud:spring-cloud-contract-wiremock:2.2.4.RELEASE')
testCompile ('com.opentable.components:otj-pg-embedded:0.13.4')
testImplementation group: 'org.assertj', name: 'assertj-core', version: '3.24.2'
testImplementation group: 'org.assertj', name: 'assertj-vavr', version: '0.4.3'
testImplementation("org.testcontainers:postgresql:1.18.3")
testCompile ('com.github.tomakehurst:wiremock-jre8:2.35.0')
testCompile ('org.springframework.cloud:spring-cloud-contract-wiremock:2.2.6.RELEASE')
// To avoid compiler warnings about @API annotations in JUnit5 code.
testCompileOnly 'org.apiguardian:apiguardian-api:1.0.0'
testCompileOnly 'org.apiguardian:apiguardian-api:1.1.2'
testCompile "org.junit.jupiter:junit-jupiter-api:${junitJupiterVersion}"
testRuntime "org.junit.jupiter:junit-jupiter-engine:${junitJupiterVersion}"
testRuntime "org.junit.vintage:junit-vintage-engine:${junitVintageVersion}"
testRuntime "org.junit.platform:junit-platform-commons:1.8.1"
testCompile group: 'org.mockito', name: 'mockito-core', version: '3.6.0'
testCompile group:'org.mockito', name: 'mockito-junit-jupiter', version:'3.6.0'
testRuntime "org.junit.platform:junit-platform-commons:1.9.3"
testCompile group: 'org.mockito', name: 'mockito-core', version: '3.12.4'
testCompile group:'org.mockito', name: 'mockito-junit-jupiter', version:'3.12.4'
testCompile group: 'org.powermock', name: 'powermock-api-mockito2', version: powermockVersion
testCompile group: 'org.powermock', name: 'powermock-module-junit4', version: powermockVersion
testCompile group: 'io.rest-assured', name: 'rest-assured', version: '4.3.0'
testCompile group: 'com.xebialabs.restito', name: 'restito', version: '0.9.3'
testCompile group: 'io.rest-assured', name: 'rest-assured', version: '4.5.1'
testCompile group: 'com.xebialabs.restito', name: 'restito', version: '0.9.5'
testCompile 'io.github.openfeign:feign-jackson:9.7.0'
testCompile 'pl.allegro.tech:embedded-elasticsearch:2.7.0'
testCompile 'pl.allegro.tech:embedded-elasticsearch:2.10.0'
testCompile 'com.github.hmcts:fortify-client:1.3.0:all'
testImplementation group: 'commons-lang', name: 'commons-lang', version: '2.6'

// for sonar analysis
testCompile group: 'org.openid4java', name: 'openid4java', version: '1.0.0'
// remove me once insights is in
implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.10'
implementation group: 'ch.qos.logback', name: 'logback-core', version: '1.2.10'
implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.8'
implementation group: 'ch.qos.logback', name: 'logback-core', version: '1.4.8'

//excluding log4j-core which causes a vulnerability issue
implementation(group: 'io.searchbox', name: 'jest', version: '6.3.1') {
exclude group: 'org.apache.logging.log4j', module: 'log4j-core'
}
implementation(group: 'org.elasticsearch', name: 'elasticsearch', version: '7.16.2') {
implementation(group: 'org.elasticsearch', name: 'elasticsearch', version: '7.17.11') {
exclude group: 'org.apache.logging.log4j', module: 'log4j-api'
}
implementation 'org.jooq:jool-java-8:0.9.14'
implementation 'com.github.hmcts:ccd-case-document-am-client:1.7.1'
implementation 'org.jooq:jool-java-8:0.9.15'
implementation 'com.github.hmcts:ccd-case-document-am-client:1.59'

testCompile group: 'com.github.hmcts', name: 'ccd-test-definitions', version: '7.19.11'
testCompile group: 'com.github.hmcts', name: 'ccd-test-definitions', version: '7.19.12'

testCompile group: 'com.github.hmcts', name: 'befta-fw', version: '8.7.11'

Expand All @@ -286,9 +286,9 @@ dependencies {
contractTestCompile group: 'org.springframework.security', name: 'spring-security-oauth2-resource-server'
contractTestCompile group: 'org.springframework.security', name: 'spring-security-oauth2-core'
contractTestCompile group: 'org.springframework.security', name: 'spring-security-oauth2-jose'
contractTestCompile group: 'com.microsoft.azure', name: 'applicationinsights-core', version: '2.6.1'
contractTestCompile group: 'com.microsoft.azure', name: 'applicationinsights-core', version: '2.6.4'
contractTestCompile group: 'javax.inject', name: 'javax.inject', version: '1'
contractTestCompile group: 'com.github.hmcts', name: 'idam-java-client', version: '2.0.1'
contractTestCompile group: 'com.github.hmcts', name: 'idam-java-client', version: '2.1.1'
contractTestCompile group: 'com.hazelcast', name: 'hazelcast', version: hazelcastVersion
contractTestCompile group: 'com.hazelcast', name: 'hazelcast-spring', version: hazelcastVersion
contractTestCompile('org.springframework.boot:spring-boot-starter-hateoas')
Expand All @@ -299,11 +299,11 @@ dependencies {
exclude group: 'org.apache.tomcat', module: 'tomcat-jdbc'
}
contractTestCompile("org.springframework.boot:spring-boot-starter-data-jpa")
contractTestCompile group: 'org.apache.commons', name: 'commons-jexl3', version: '3.1'
contractTestCompile(group: 'org.elasticsearch', name: 'elasticsearch', version: '7.16.2') {
contractTestCompile group: 'org.apache.commons', name: 'commons-jexl3', version: '3.3'
contractTestCompile(group: 'org.elasticsearch', name: 'elasticsearch', version: '7.17.11') {
exclude group: 'org.apache.logging.log4j', module: 'log4j-api'
}
contractTestCompile 'com.github.hmcts:ccd-case-document-am-client:1.7.1'
contractTestCompile 'com.github.hmcts:ccd-case-document-am-client:1.59'

aatCompile group: 'commons-lang', name: 'commons-lang', version: '2.6'
}
Expand All @@ -316,9 +316,9 @@ dependencyManagement {

dependencies {
// Versions prior to 30.0 vulnerable to CVE-2020-8908
dependency 'com.google.guava:guava:30.1-jre'
dependency 'com.google.guava:guava:30.1.1-jre'

dependencySet(group: 'org.apache.tomcat.embed', version: '9.0.73') {
dependencySet(group: 'org.apache.tomcat.embed', version: '9.0.78') {
entry 'tomcat-embed-core'
entry 'tomcat-embed-el'
entry 'tomcat-embed-websocket'
Expand All @@ -329,14 +329,14 @@ dependencyManagement {
}

// Required for Embedded ES with Java 11
dependency 'org.rauschig:jarchivelib:1.0.0'
dependency 'org.rauschig:jarchivelib:1.2.0'

// Remove once BEFTA rest-assured is updated
dependencySet(group: 'io.rest-assured', version: '4.3.0') {
dependencySet(group: 'io.rest-assured', version: '4.5.1') {
entry 'json-path'
entry 'xml-path'
}
dependencySet(group: 'org.codehaus.groovy', version: '3.0.2') {
dependencySet(group: 'org.codehaus.groovy', version: '3.0.18') {
entry 'groovy'
entry 'groovy-xml'
entry 'groovy-json'
Expand Down
4 changes: 2 additions & 2 deletions charts/ccd-data-store-api/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,13 @@ description: Helm chart for the HMCTS CCD Data Store
name: ccd-data-store-api
apiVersion: v2
home: https://github.com/hmcts/ccd-data-store-api
version: 2.0.23
version: 2.0.24
maintainers:
- name: HMCTS CCD Dev Team
email: [email protected]
dependencies:
- name: java
version: 4.0.13
version: 4.1.5
repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/'
- name: elasticsearch
version: 7.17.3
Expand Down
Binary file modified gradle/wrapper/gradle-wrapper.jar
Binary file not shown.
2 changes: 1 addition & 1 deletion gradle/wrapper/gradle-wrapper.properties
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-6.8.3-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-6.9.4-bin.zip
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
2 changes: 1 addition & 1 deletion infrastructure/.terraform-version
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.3.9
1.5.3

0 comments on commit 3a31ed2

Please sign in to comment.