From 011c983a5d12522c9d7743b4c8e923b2fed3f457 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Jare=C5=A1?=
 <58428711+pj892031@users.noreply.github.com>
Date: Wed, 13 Sep 2023 15:36:00 +0200
Subject: [PATCH]  chore: Update dependencies to avoid vulnerabilities V2
 (#3074)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Pavel Jareš <pavel.jares@broadcom.com>
---
 build.gradle           |  4 ++++
 gradle/versions.gradle | 12 ++++++------
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/build.gradle b/build.gradle
index 41fd943939..3a33088326 100644
--- a/build.gradle
+++ b/build.gradle
@@ -101,6 +101,10 @@ allprojects {
             //substitute(module('javax.inject:javax.inject:1')).using(module('jakarta.inject:jakarta.inject-api:1.0.5'))
             substitute(module('javax.activation:javax.activation-api:1.0')).using(module('jakarta.activation:jakarta.activation-api:1.2.2'))
         }
+
+        resolutionStrategy.force libs.slf4j.api
+        resolutionStrategy.force libs.log4j.api
+        resolutionStrategy.force libs.log4j.to.slf4j
     }
 }
 
diff --git a/gradle/versions.gradle b/gradle/versions.gradle
index 9b5f9bb97e..e32e5c37ed 100644
--- a/gradle/versions.gradle
+++ b/gradle/versions.gradle
@@ -5,10 +5,10 @@ dependencyResolutionManagement {
             version('projectNode', '18.14.0')
             version('projectNpm', '9.3.1')
 
-            version('springBoot', '2.7.12')
+            version('springBoot', '2.7.15')
             version('springCloud', '2.2.10.RELEASE')
-            version('springCloudCommons', '3.1.6')
-            version('springCloudVersion3', '3.1.6')
+            version('springCloudCommons', '3.1.7')
+            version('springCloudVersion3', '3.1.7')
             version('springCloudCB', '2.1.7')
             version('springCloudGateway', '3.1.7')
             version('springSecurity') {
@@ -48,7 +48,7 @@ dependencyResolutionManagement {
             version('gradleGitProperties', '2.2.4') // Used in classpath dependencies
             version('gradleNode', '3.0.1') // Used in classpath dependencies
             version('gson', '2.9.1')
-            version('guava', '31.1-jre')
+            version('guava', '32.1.2-jre')
             version('hamcrest', '1.3')
             version('httpClient', '4.5.14')
             version('httpCore', '4.4.16')
@@ -109,7 +109,7 @@ dependencyResolutionManagement {
             version('restAssured', '5.3.0')
             version('rhino', '1.7.14')
             version('slf4j', '1.7.36')
-            version('snakeyaml', '2.0')
+            version('snakeyaml', '2.2')
             version('springFox', '2.9.2')
             version('springDoc') {
                 // version 1.7+ has a conflict with Jackson databind (displaying of examples)
@@ -122,7 +122,7 @@ dependencyResolutionManagement {
             version('swaggerCore', '1.6.10')
             version('swaggerInflector', '2.0.9')
             version('swaggerJaxrs2', '2.2.9')
-            version('thymeleaf', '3.0.15.RELEASE')
+            version('thymeleaf', '3.1.2.RELEASE')
             version('tomcat', '9.0.75')
             version('velocity', '2.3')
             version('woodstoxCore', '6.5.1')