Merge pull request #75 from leanix/feature/CID-2409/fix-vulnerabilities

CID-2409: fix vulnerabilities

.github/workflows/snyk-scan.yml

@@ -11,11 +11,10 @@ jobs:
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@master
- - name: Get credentials
- uses: leanix/secrets-action@master
- with:
- secret-store-credentials: ${{ secrets.INJECTED_SECRET_STORE_CREDENTIALS }}
+
  - uses: snyk/actions/gradle@master
  with:
  command: monitor
  args: --all-projects --exclude=k8s -d --severity-threshold=high --remote-repo-url=leanix/vsm-sbom-booster --project-tags=Team=Cider
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

build.gradle.kts

@@ -2,7 +2,7 @@ import com.expediagroup.graphql.plugin.gradle.tasks.GraphQLGenerateClientTask
 import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
 
 plugins {
- id("org.springframework.boot") version "3.2.0"
+ id("org.springframework.boot") version "3.2.3"
  id("io.spring.dependency-management") version "1.1.4"
  id("com.expediagroup.graphql") version "7.0.2"
  id("io.gitlab.arturbosch.detekt") version "1.23.4"
@@ -80,4 +80,4 @@ configurations.all {
  force("ch.qos.logback:logback-core:1.4.14")
  force("ch.qos.logback:logback-classic:1.4.14")
  }
-}
+}