From 8344edf1b16a10e85fc2fdff494f33b0ed8249a0 Mon Sep 17 00:00:00 2001
From: Mike Brown <michael.brown@hmcts.net>
Date: Thu, 6 Jul 2023 17:06:52 +0100
Subject: [PATCH] AM-2728 CVE-2022-1471 snakeyaml 2.0, springBoot 2.7.12,
 launchDarklySdk 5.10.8

---
 build.gradle                  | 6 +++---
 config/owasp/suppressions.xml | 4 ----
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/build.gradle b/build.gradle
index 439f881c9b..24625a5119 100644
--- a/build.gradle
+++ b/build.gradle
@@ -35,7 +35,7 @@ apply plugin: 'project-report'
 apply plugin: 'idea'
 apply plugin: 'io.spring.dependency-management'
 
-ext['snakeyaml.version'] = '1.32'
+ext['snakeyaml.version'] = '2.0'
 
 def versions = [
   junit          : '5.9.0',
@@ -46,7 +46,7 @@ def versions = [
   reformS2sClient: '4.0.2',
   serenity       : '2.2.12',
   sonarPitest    : '0.5',
-  springBoot     : '2.6.15',
+  springBoot     : '2.7.12',
   spring         : '5.3.27',
   springSecurity : '5.7.8',
   springHystrix  : '2.1.1.RELEASE',
@@ -56,7 +56,7 @@ def versions = [
   cucumber       : '5.7.0',
   feign_jackson  : '12.1',
   drools         : '7.69.0.Final',
-  launchDarklySdk: '5.10.7',
+  launchDarklySdk: '5.10.8',
   log4JVersion   : '2.19.0',
   logbackVersion : '1.2.10'
 ]
diff --git a/config/owasp/suppressions.xml b/config/owasp/suppressions.xml
index 18f9aab3bc..a8c58b7bb9 100644
--- a/config/owasp/suppressions.xml
+++ b/config/owasp/suppressions.xml
@@ -5,10 +5,6 @@
       https://tools.hmcts.net/jira/browse/AM-2840 json-java</notes>
     <cve>CVE-2022-45688</cve>
   </suppress>
-  <suppress>
-    <notes>CVE-2022-1471 https://tools.hmcts.net/jira/browse/AM-2728 snakeyaml</notes>
-    <cve>CVE-2022-1471</cve>
-  </suppress>
   <suppress>
     <notes>https://tools.hmcts.net/jira/browse/AM-2839 jackson-databind</notes>
     <cve>CVE-2023-35116</cve>