From 996769d7acc88adaaaf0953cf4c02e13a7fda9fd Mon Sep 17 00:00:00 2001 From: Hongchol Sinn Date: Tue, 2 Apr 2024 16:51:15 -0700 Subject: [PATCH] bump: The dependencies that we override the ones managed by spring-boot - To the latest patch versions - As part of monthly dependency bump tasks --- dependencies.gradle | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dependencies.gradle b/dependencies.gradle index 5daef7e2180..9818582bfa7 100644 --- a/dependencies.gradle +++ b/dependencies.gradle @@ -19,10 +19,10 @@ versions.seleniumVersion = "4.13.0" // Versions we're overriding from the Spring Boot Bom ext["flyway.version"] = "7.15.0" // flyway 8+ drops support for mysql 5.7 -ext["mariadb.version"] = "2.7.11" // Bumping to v3 breaks some pipeline jobs (and compatibility with Amazon Aurora MySQL), so pinning to v2 for now. v2 (current version) is stable and will be supported until about September 2025 (https://mariadb.com/kb/en/about-mariadb-connector-j/). +ext["mariadb.version"] = "2.7.12" // Bumping to v3 breaks some pipeline jobs (and compatibility with Amazon Aurora MySQL), so pinning to v2 for now. v2 (current version) is stable and will be supported until about September 2025 (https://mariadb.com/kb/en/about-mariadb-connector-j/). ext["snakeyaml.version"] = "2.2" // Needed to resolve CVEs in internal spring-boot 2.7.12 inclusion of snakeyaml -ext["jackson-bom.version"] = "2.16.1" // Bumping to latest version because of compatibility to snakeyaml 2.0 -ext["spring-framework.version"] = "5.3.32" // Bumping to latest version 5 patch for CVE-2024-22243 +ext["jackson-bom.version"] = "2.16.2" // Bumping to latest version because of compatibility to snakeyaml 2.0 +ext["spring-framework.version"] = "5.3.33" // Bumping to latest version 5 patch ext["selenium.version"] = "${versions.seleniumVersion}" ext {