From 8cf81ac9f2f768087b05432377fa4f07ccd71aad Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Mar 2024 11:11:01 +0000 Subject: [PATCH] build(deps): bump org.keycloak:keycloak-installed-adapter from 22.0.1 to 24.0.1 , apache compress to 1.24 and others (#745) * build(deps): bump org.keycloak:keycloak-installed-adapter Bumps org.keycloak:keycloak-installed-adapter from 22.0.1 to 24.0.1. --- updated-dependencies: - dependency-name: org.keycloak:keycloak-installed-adapter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * build(deps): bump apache-compress, test dependency and bumped snakeyaml Signed-off-by: Stephane Bouchet * build(deps): fix apache-compress Signed-off-by: Stephane Bouchet * build(deps): fix apache-compress Signed-off-by: Stephane Bouchet * build(deps): fix apache-compress Signed-off-by: Stephane Bouchet --------- Signed-off-by: dependabot[bot] Signed-off-by: Stephane Bouchet Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Stephane Bouchet --- build.gradle | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/build.gradle b/build.gradle index edba4a5bb..658201c1d 100644 --- a/build.gradle +++ b/build.gradle @@ -153,19 +153,19 @@ tasks.register('copyKey', Copy) { dependencies { implementation( 'io.fabric8:openshift-client:6.4.1', - 'org.apache.commons:commons-compress:1.21', + 'org.apache.commons:commons-compress:1.26.1', 'org.apache.commons:commons-exec:1.3', 'com.redhat.devtools.intellij:intellij-common:1.9.3', 'io.jsonwebtoken:jjwt-impl:0.11.2', 'io.jsonwebtoken:jjwt-jackson:0.11.2', - 'org.keycloak:keycloak-installed-adapter:22.0.1', + 'org.keycloak:keycloak-installed-adapter:24.0.1', 'com.squareup.retrofit2:converter-jackson:2.9.0', 'com.google.code.gson:gson:2.10.1') testImplementation( 'org.junit.platform:junit-platform-launcher:1.10.0', 'org.mockito:mockito-core:5.11.0', 'org.easytesting:fest-assert:1.4', - 'com.redhat.devtools.intellij:intellij-common:1.9.3-SNAPSHOT:test', + 'com.redhat.devtools.intellij:intellij-common:1.9.3:test', 'org.awaitility:awaitility:4.2.0', 'org.mock-server:mockserver-client-java:5.15.0', 'org.mock-server:mockserver-netty:5.15.0', @@ -174,18 +174,21 @@ dependencies { 'org.junit.jupiter:junit-jupiter-api:5.10.0', 'org.junit.jupiter:junit-jupiter:5.10.0') constraints { - implementation('io.undertow:undertow-core:2.3.7.Final') { //keycloak + implementation('io.undertow:undertow-core:2.3.12.Final') { //keycloak because 'https://app.snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-3339519' } implementation('com.squareup.okhttp3:okhttp:4.12.0') { //retrofit because 'https://app.snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044' } - implementation('org.jboss.xnio:xnio-api:3.8.9.Final') { //keycloak + implementation('org.jboss.xnio:xnio-api:3.8.13.Final') { //keycloak because 'https://app.snyk.io/vuln/SNYK-JAVA-ORGJBOSSXNIO-2994360' } - testImplementation('maven:junit:junit:4.13.1') { //intellij-common-ui-test-library + testImplementation('maven:junit:junit:4.13.2') { //intellij-common-ui-test-library because 'https://github.com/advisories/GHSA-269g-pwp5-87pp' } + implementation('org.yaml:snakeyaml:2.2') { //openshift-client + because 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471' + } } }