chore:remove guava/netty/jackson dependency overwrite (24.2) [skip ci] (#4602)

* chore:remove guava/netty/jackson dependency overwrite

* chore: use form-filler 1.0-SNAPSHOT

Author: ZheSun88

scripts/generateAndCheckSBOM.js

@@ -46,11 +46,6 @@ const licenseWhiteList = [
 ];
 
 const cveWhiteList = {
-  // exclude jackson-databind:2.15.2, as https://github.com/jeremylong/DependencyCheck/issues/5779 and https://nvd.nist.gov/vuln/detail/CVE-2023-35116
-  'pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.15.2': ['CVE-2023-35116'],
-  // exclude false positive based on https://github.com/jeremylong/DependencyCheck/issues/5912
-  'pkg:maven/io.netty/netty-handler@4.1.94.Final': ['CVE-2023-4586'],
-  'pkg:maven/io.netty/netty-transport@4.1.94.Final': ['CVE-2023-4586'],
   // remove after using the dependency-check-plugin 8.4.1 
   'pkg:maven/com.vaadin.flow.ai/form-filler-addon@1.0.0': ['CVE-2019-25027', 'CVE-2021-31412', 'CVE-2018-25007', 'CVE-2021-31404']
 }

vaadin-testbench/pom.xml

@@ -38,59 +38,7 @@
             <artifactId>vaadin-testbench-core</artifactId>
             <scope>compile</scope>
         </dependency>
-
-        <!-- TEMPORARY FIX OF DEP VULNERABILITIES -->
-        <dependency>
-            <groupId>com.google.guava</groupId>
-            <artifactId>guava</artifactId>
-            <version>32.0.1-jre</version>
-        </dependency>
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-transport</artifactId>
-            <version>4.1.94.Final</version>
-        </dependency>
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-transport-native-epoll</artifactId>
-            <version>4.1.94.Final</version>
-        </dependency>
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-transport-native-kqueue</artifactId>
-            <version>4.1.94.Final</version>
-        </dependency>
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-codec-http</artifactId>
-            <version>4.1.94.Final</version>
-        </dependency>
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-codec-socks</artifactId>
-            <version>4.1.94.Final</version>
-        </dependency>
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-handler-proxy</artifactId>
-            <version>4.1.94.Final</version>
-        </dependency>
-        <dependency>
-            <groupId>org.asynchttpclient</groupId>
-            <artifactId>async-http-client</artifactId>
-            <version>2.12.3</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>io.netty</groupId>
-                    <artifactId>netty-transport-native-kqueue</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>io.netty</groupId>
-                    <artifactId>netty-transport-native-epoll</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-
+        
         <!-- Flow HTML components -->
         <dependency>
             <groupId>com.vaadin</groupId>

versions.json

@@ -108,7 +108,7 @@
             "javaVersion": "15.0.1"
         },
         "flow-form-filler": {
-            "javaVersion": "1.0.0"
+            "javaVersion": "1.0-SNAPSHOT"
         },
         "form-layout": {
             "javaVersion": "{{version}}",