From 3ccd095a6d9c7c1619628a1a426a32f8aff82c56 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 21 Dec 2024 20:05:58 +0000 Subject: [PATCH] Update all non-major dependencies --- Dockerfile | 2 +- build.gradle | 84 ++++++++++++------------ gradle/wrapper/gradle-wrapper.properties | 2 +- infrastructure/.terraform-version | 2 +- infrastructure/state.tf | 2 +- 5 files changed, 46 insertions(+), 46 deletions(-) diff --git a/Dockerfile b/Dockerfile index 95b4490d..cc1c936a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # renovate: datasource=github-releases depName=microsoft/ApplicationInsights-Java -ARG APP_INSIGHTS_AGENT_VERSION=3.4.18 +ARG APP_INSIGHTS_AGENT_VERSION=3.6.2 # Application image diff --git a/build.gradle b/build.gradle index e01a0b31..4ddb7f6e 100644 --- a/build.gradle +++ b/build.gradle @@ -11,13 +11,13 @@ plugins { id 'pmd' id 'jacoco' id "info.solidsoft.pitest" version '1.15.0' - id 'io.spring.dependency-management' version '1.1.4' + id 'io.spring.dependency-management' version '1.1.7' id 'org.springframework.boot' version '2.7.18' - id 'uk.gov.hmcts.java' version '0.12.48' - id 'org.owasp.dependencycheck' version '10.0.3' - id 'com.github.ben-manes.versions' version '0.50.0' - id 'org.sonarqube' version '4.3.0.3225' - id 'au.com.dius.pact' version '4.2.14' + id 'uk.gov.hmcts.java' version '0.12.63' + id 'org.owasp.dependencycheck' version '10.0.4' + id 'com.github.ben-manes.versions' version '0.51.0' + id 'org.sonarqube' version '4.4.1.3373' + id 'au.com.dius.pact' version '4.6.16' id 'com.adarshr.test-logger' version '3.2.0' } @@ -140,7 +140,7 @@ task fortifyScan(type: JavaExec, description: 'Run fortify scan.') { checkstyle { maxWarnings = 0 - toolVersion = '10.12.0' + toolVersion = '10.21.0' getConfigDirectory().set(new File(rootDir, 'config/checkstyle')) } @@ -200,7 +200,7 @@ sonarqube { project.ext { pacticipant = 'ia_casePaymentsApi' pacticipantVersion = System.env.GIT_COMMIT.substring(0,9) - set('springCloudVersion', "2021.0.8") + set('springCloudVersion', "2021.0.9") } def getCheckedOutGitCommitHash() { @@ -256,14 +256,14 @@ dependencyCheck { def versions = [ pitest : '1.15.3', gradlePitest : '1.15.0', - junit : '5.10.1', - junitPlatform : '1.10.1', + junit : '5.11.4', + junitPlatform : '1.11.4', reformLogging : '5.1.7', - springDoc : '1.7.0', - pact_version : '4.1.38', + springDoc : '1.8.0', + pact_version : '4.6.16', serenity : '3.9.8', sonarPitest : '0.5', - restAssured : '5.3.2' + restAssured : '5.5.0' ] @@ -273,7 +273,7 @@ dependencyManagement { } dependencies { // CVE-2018-10237 - Unbounded memory allocation - dependencySet(group: 'com.google.guava', version: '32.1.2-jre') { + dependencySet(group: 'com.google.guava', version: '32.1.3-jre') { entry 'guava' } @@ -281,27 +281,27 @@ dependencyManagement { entry 'commons-fileupload' } - dependencySet(group: 'com.fasterxml.jackson.core', version: '2.16.0') { + dependencySet(group: 'com.fasterxml.jackson.core', version: '2.18.2') { entry 'jackson-databind' entry 'jackson-core' entry 'jackson-annotations' } - dependencySet(group: 'com.fasterxml.jackson.dataformat', version: '2.16.0') { + dependencySet(group: 'com.fasterxml.jackson.dataformat', version: '2.18.2') { entry 'jackson-dataformat-yaml' } - dependencySet(group: 'com.fasterxml.jackson.datatype', version: '2.16.0') { + dependencySet(group: 'com.fasterxml.jackson.datatype', version: '2.18.2') { entry 'jackson-datatype-jsr310' entry 'jackson-datatype-jdk8' } - dependencySet(group: 'com.fasterxml.jackson.module', version: '2.16.0') { + dependencySet(group: 'com.fasterxml.jackson.module', version: '2.18.2') { entry 'jackson-module-parameter-names' entry 'jackson-module-afterburner' } - dependency group: 'org.yaml', name: 'snakeyaml', version: '2.2' + dependency group: 'org.yaml', name: 'snakeyaml', version: '2.3' } } @@ -367,10 +367,10 @@ dependencies { implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-resource-server' implementation group: 'org.springframework.boot', name: 'spring-boot-starter-validation' - implementation(group: 'org.springframework.cloud', name: 'spring-cloud-starter-bootstrap', version: '3.1.7') { + implementation(group: 'org.springframework.cloud', name: 'spring-cloud-starter-bootstrap', version: '3.1.9') { exclude group: "org.bouncycastle", module: "bcprov-jdk15on" } - implementation group: 'org.springframework.cloud', name: 'spring-cloud-dependencies', version: '2021.0.8' + implementation group: 'org.springframework.cloud', name: 'spring-cloud-dependencies', version: '2021.0.9' implementation(group: 'org.springframework.cloud', name: 'spring-cloud-starter-netflix-hystrix', version: '2.2.10.RELEASE') { exclude group: "org.bouncycastle", module: "bcprov-jdk15on" } @@ -379,14 +379,14 @@ dependencies { implementation group: 'org.springframework.security', name: 'spring-security-oauth2-resource-server' implementation group: 'org.springframework.security', name: 'spring-security-oauth2-jose' - implementation group: 'org.springframework', name: 'spring-aspects', version: '6.0.14' - implementation group: 'org.springframework.retry', name: 'spring-retry', version: '2.0.2' + implementation group: 'org.springframework', name: 'spring-aspects', version: '6.2.1' + implementation group: 'org.springframework.retry', name: 'spring-retry', version: '2.0.11' // CVE-2019-17195 - implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.37.1' + implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.48' // CVE-2021-27568 - implementation group: 'net.minidev', name: 'json-smart', version: '2.5.0' + implementation group: 'net.minidev', name: 'json-smart', version: '2.5.1' implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: versions.springDoc @@ -400,34 +400,34 @@ dependencies { implementation group: 'jakarta.servlet', name: 'jakarta.servlet-api', version: '5.0.0' implementation group: 'net.logstash.logback', name: 'logstash-logback-encoder', version: '8.0' - implementation group: 'com.github.hmcts.java-logging', name: 'logging', version: '6.0.1' - implementation group: 'com.github.hmcts.java-logging', name: 'logging-appinsights', version: '6.0.1' + implementation group: 'com.github.hmcts.java-logging', name: 'logging', version: '6.1.7' + implementation group: 'com.github.hmcts.java-logging', name: 'logging-appinsights', version: '6.1.7' - implementation(group: 'com.github.hmcts', name: 'service-auth-provider-java-client', version: '4.0.2') { + implementation(group: 'com.github.hmcts', name: 'service-auth-provider-java-client', version: '4.1.2') { exclude group: "org.bouncycastle", module: "bcprov-jdk15on" } implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: versions.springDoc - implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.13' - implementation group: 'ch.qos.logback', name: 'logback-core', version: '1.2.13' + implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.5.15' + implementation group: 'ch.qos.logback', name: 'logback-core', version: '1.5.15' - implementation group: 'com.github.hmcts', name: 'auth-checker-lib', version: '3.0.2' + implementation group: 'com.github.hmcts', name: 'auth-checker-lib', version: '3.0.4' - implementation group: 'org.bouncycastle', name: 'bcprov-jdk18on', version: '1.74' + implementation group: 'org.bouncycastle', name: 'bcprov-jdk18on', version: '1.79' implementation group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.14' - implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.83' - implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: '9.0.83' + implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.98' + implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: '9.0.98' - implementation group: 'commons-io', name: 'commons-io', version: '2.15.1' + implementation group: 'commons-io', name: 'commons-io', version: '2.18.0' implementation group: 'org.springframework.boot', name: 'spring-boot-starter-cache' implementation group: 'com.github.ben-manes.caffeine', name: 'caffeine' - annotationProcessor 'org.projectlombok:lombok:1.18.30' - implementation 'org.projectlombok:lombok:1.18.30' + annotationProcessor 'org.projectlombok:lombok:1.18.36' + implementation 'org.projectlombok:lombok:1.18.36' testImplementation group: 'org.springframework.security', name: 'spring-security-test' @@ -450,7 +450,7 @@ dependencies { testImplementation group: 'net.serenity-bdd', name: 'serenity-spring', version: versions.serenity - testImplementation group: 'com.github.hmcts', name: 'fortify-client', version: '1.3.0', classifier: 'all', { + testImplementation group: 'com.github.hmcts', name: 'fortify-client', version: '1.4.6', classifier: 'all', { exclude group: 'commons-io', module: 'commons-io' exclude group: 'org.apache.commons', module: 'commons-lang3' } @@ -459,9 +459,9 @@ dependencies { testImplementation "info.solidsoft.gradle.pitest:gradle-pitest-plugin:${versions.gradlePitest}" testImplementation "org.codehaus.sonar-plugins:sonar-pitest-plugin:${versions.sonarPitest}" - testImplementation group: 'nl.jqno.equalsverifier', name: 'equalsverifier', version: '3.7.2' + testImplementation group: 'nl.jqno.equalsverifier', name: 'equalsverifier', version: '3.17.5' - testImplementation(group: 'org.springframework.cloud', name: 'spring-cloud-contract-wiremock', version: '3.1.8') { + testImplementation(group: 'org.springframework.cloud', name: 'spring-cloud-contract-wiremock', version: '3.1.10') { exclude group: "com.github.tomakehurst", module: "wiremock-standalone" } @@ -487,9 +487,9 @@ dependencies { contractTestImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-api', version: versions.junit contractTestImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-engine', version: versions.junit - contractTestRuntimeOnly group: 'org.junit.platform', name: 'junit-platform-commons', version: '1.10.1' + contractTestRuntimeOnly group: 'org.junit.platform', name: 'junit-platform-commons', version: '1.11.4' - contractTestImplementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '3.1.8' + contractTestImplementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '3.1.9' contractTestImplementation group: 'org.springframework.cloud', name: 'spring-cloud-netflix-ribbon', version: '2.2.10.RELEASE' } diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index dedd5d1e..e0fd0202 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-all.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.12-all.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/infrastructure/.terraform-version b/infrastructure/.terraform-version index 9f05f9f2..587c5f0c 100644 --- a/infrastructure/.terraform-version +++ b/infrastructure/.terraform-version @@ -1 +1 @@ -1.6.5 +1.10.3 diff --git a/infrastructure/state.tf b/infrastructure/state.tf index 661444ae..08cc9c67 100644 --- a/infrastructure/state.tf +++ b/infrastructure/state.tf @@ -4,7 +4,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.82.0" + version = "~> 3.117.0" } } }