From 6c431fdec58026ab14c7734b61b8b8ff85e65a14 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:16:39 +0000 Subject: [PATCH 01/22] fix: upgrade org.slf4j:slf4j-log4j12 from 1.7.26 to 1.7.36 Snyk has created this PR to upgrade org.slf4j:slf4j-log4j12 from 1.7.26 to 1.7.36. See this package in Maven Repository: https://mvnrepository.com/artifact/org.slf4j/slf4j-log4j12/ See this project in Snyk: https://app.snyk.io/org/jshook/project/e8231ecd-1e2c-4c81-a8c0-29a5d5128048?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..03d856ae2 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -420,7 +420,7 @@ org.slf4j slf4j-log4j12 - 1.7.26 + 1.7.36 From 43ec20d73781c1693178fe1f96b26756f5cf8133 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:16:43 +0000 Subject: [PATCH 02/22] fix: upgrade org.slf4j:slf4j-api from 1.7.30 to 1.7.36 Snyk has created this PR to upgrade org.slf4j:slf4j-api from 1.7.30 to 1.7.36. See this package in Maven Repository: https://mvnrepository.com/artifact/org.slf4j/slf4j-api/ See this project in Snyk: https://app.snyk.io/org/jshook/project/e8231ecd-1e2c-4c81-a8c0-29a5d5128048?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..071df53ee 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -414,7 +414,7 @@ org.slf4j slf4j-api - 1.7.30 + 1.7.36 From e17e97108a3debd883da07aec71a34628e87e176 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:16:48 +0000 Subject: [PATCH 03/22] fix: upgrade org.apache.kafka:kafka-clients from 2.0.0 to 2.8.1 Snyk has created this PR to upgrade org.apache.kafka:kafka-clients from 2.0.0 to 2.8.1. See this package in Maven Repository: https://mvnrepository.com/artifact/org.apache.kafka/kafka-clients/ See this project in Snyk: https://app.snyk.io/org/jshook/project/47c3eea5-928a-40fb-b197-32123f5066a1?utm_source=github&utm_medium=referral&page=upgrade-pr --- driver-kafka/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/driver-kafka/pom.xml b/driver-kafka/pom.xml index e26e5dd00..bf9ddcf14 100644 --- a/driver-kafka/pom.xml +++ b/driver-kafka/pom.xml @@ -24,7 +24,7 @@ org.apache.kafka kafka-clients - 2.0.0 + 2.8.1 From b42076dfb3bd68849f63818cdfa2398af89a1c26 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:16:54 +0000 Subject: [PATCH 04/22] fix: upgrade org.apache.avro:avro from 1.10.0 to 1.11.0 Snyk has created this PR to upgrade org.apache.avro:avro from 1.10.0 to 1.11.0. See this package in Maven Repository: https://mvnrepository.com/artifact/org.apache.avro/avro/ See this project in Snyk: https://app.snyk.io/org/jshook/project/47c3eea5-928a-40fb-b197-32123f5066a1?utm_source=github&utm_medium=referral&page=upgrade-pr --- driver-kafka/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/driver-kafka/pom.xml b/driver-kafka/pom.xml index e26e5dd00..8ae9a7500 100644 --- a/driver-kafka/pom.xml +++ b/driver-kafka/pom.xml @@ -31,7 +31,7 @@ org.apache.avro avro - 1.10.0 + 1.11.0 From 739eb236f5317a2bd6edb4a3d0165407cd932748 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:02 +0000 Subject: [PATCH 05/22] fix: upgrade io.dropwizard.metrics:metrics-core from 4.1.9 to 4.2.8 Snyk has created this PR to upgrade io.dropwizard.metrics:metrics-core from 4.1.9 to 4.2.8. See this package in Maven Repository: https://mvnrepository.com/artifact/io.dropwizard.metrics/metrics-core/ See this project in Snyk: https://app.snyk.io/org/jshook/project/fc9e1bd9-1d9a-474f-bde4-efb614c52ffe?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..676d2ee2e 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -128,7 +128,7 @@ io.dropwizard.metrics metrics-core - 4.1.9 + 4.2.8 From d6396821c862eee61cc0e856f9d641d24c5e634f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:03 +0000 Subject: [PATCH 06/22] fix: upgrade com.squareup:javapoet from 1.11.1 to 1.13.0 Snyk has created this PR to upgrade com.squareup:javapoet from 1.11.1 to 1.13.0. See this package in Maven Repository: https://mvnrepository.com/artifact/com.squareup/javapoet/ See this project in Snyk: https://app.snyk.io/org/jshook/project/627ce680-0fed-4cc5-bd10-791988847316?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..efea7c885 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -38,7 +38,7 @@ 1.9 3.2.1 3.0.0-RC1 - 1.11.1 + 1.13.0 2.4.0-b180830.0359 2.3.0.1 2.4.0-b180830.0438 From 5f336bbc59a28e6c74cbba0dd393f181daa0e013 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:04 +0000 Subject: [PATCH 07/22] fix: upgrade io.netty:netty-handler from 4.1.51.Final to 4.1.74.Final Snyk has created this PR to upgrade io.netty:netty-handler from 4.1.51.Final to 4.1.74.Final. See this package in Maven Repository: https://mvnrepository.com/artifact/io.netty/netty-handler/ See this project in Snyk: https://app.snyk.io/org/jshook/project/1830e4b8-f3ac-4d17-97f7-6ab4f6b54ef9?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..aa87b58a8 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -176,7 +176,7 @@ io.netty netty-handler - 4.1.51.Final + 4.1.74.Final From cc2ca6add23ef59bc21218ac949e36d2ad2706c6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:07 +0000 Subject: [PATCH 08/22] fix: upgrade org.apache.commons:commons-lang3 from 3.9 to 3.12.0 Snyk has created this PR to upgrade org.apache.commons:commons-lang3 from 3.9 to 3.12.0. See this package in Maven Repository: https://mvnrepository.com/artifact/org.apache.commons/commons-lang3/ See this project in Snyk: https://app.snyk.io/org/jshook/project/627ce680-0fed-4cc5-bd10-791988847316?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..a422805bd 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -33,7 +33,7 @@ 1.21 1.15 1.8 - 3.9 + 3.12.0 3.6.1 1.9 3.2.1 From 743a57ca1fcffdce1b2605e6b0a4cd865dc9a43d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:08 +0000 Subject: [PATCH 09/22] fix: upgrade com.github.docker-java:docker-java from 3.2.1 to 3.2.13 Snyk has created this PR to upgrade com.github.docker-java:docker-java from 3.2.1 to 3.2.13. See this package in Maven Repository: https://mvnrepository.com/artifact/com.github.docker-java/docker-java/ See this project in Snyk: https://app.snyk.io/org/jshook/project/1830e4b8-f3ac-4d17-97f7-6ab4f6b54ef9?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..bbe37e955 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -36,7 +36,7 @@ 3.9 3.6.1 1.9 - 3.2.1 + 3.2.13 3.0.0-RC1 1.11.1 2.4.0-b180830.0359 From 952809b76a46c8e5849726778a68250079be308a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:13 +0000 Subject: [PATCH 10/22] fix: upgrade org.openjdk.jmh:jmh-core from 1.22 to 1.34 Snyk has created this PR to upgrade org.openjdk.jmh:jmh-core from 1.22 to 1.34. See this package in Maven Repository: https://mvnrepository.com/artifact/org.openjdk.jmh/jmh-core/ See this project in Snyk: https://app.snyk.io/org/jshook/project/fc9e1bd9-1d9a-474f-bde4-efb614c52ffe?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..fdb18dd19 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -42,7 +42,7 @@ 2.4.0-b180830.0359 2.3.0.1 2.4.0-b180830.0438 - 1.22 + 1.34 2.9.9 5.7.2 From 7a923e49913f863379f8a6b5ad758aa69c2df306 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:16 +0000 Subject: [PATCH 11/22] fix: upgrade org.eclipse.jetty:jetty-rewrite from 11.0.1 to 11.0.8 Snyk has created this PR to upgrade org.eclipse.jetty:jetty-rewrite from 11.0.1 to 11.0.8. See this package in Maven Repository: https://mvnrepository.com/artifact/org.eclipse.jetty/jetty-rewrite/ See this project in Snyk: https://app.snyk.io/org/jshook/project/03cbee46-d5d2-41d3-89cc-a2ad77ab807a?utm_source=github&utm_medium=referral&page=upgrade-pr --- docsys/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docsys/pom.xml b/docsys/pom.xml index 327b22d2f..9948971d7 100644 --- a/docsys/pom.xml +++ b/docsys/pom.xml @@ -49,7 +49,7 @@ org.eclipse.jetty jetty-rewrite - 11.0.1 + 11.0.8 From 88228ea37d6976afd43a9657ac1382b638c2dcf0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:20 +0000 Subject: [PATCH 12/22] fix: upgrade org.eclipse.jetty:jetty-servlet from 11.0.1 to 11.0.8 Snyk has created this PR to upgrade org.eclipse.jetty:jetty-servlet from 11.0.1 to 11.0.8. See this package in Maven Repository: https://mvnrepository.com/artifact/org.eclipse.jetty/jetty-servlet/ See this project in Snyk: https://app.snyk.io/org/jshook/project/03cbee46-d5d2-41d3-89cc-a2ad77ab807a?utm_source=github&utm_medium=referral&page=upgrade-pr --- docsys/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docsys/pom.xml b/docsys/pom.xml index 327b22d2f..f08aad8de 100644 --- a/docsys/pom.xml +++ b/docsys/pom.xml @@ -44,7 +44,7 @@ org.eclipse.jetty jetty-servlet - 11.0.1 + 11.0.8 org.eclipse.jetty From 432f659fa2df4a192a2990822d5f3da9ecf7e8d1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:22 +0000 Subject: [PATCH 13/22] fix: upgrade org.antlr:antlr4-runtime from 4.9.2 to 4.9.3 Snyk has created this PR to upgrade org.antlr:antlr4-runtime from 4.9.2 to 4.9.3. See this package in Maven Repository: https://mvnrepository.com/artifact/org.antlr/antlr4-runtime/ See this project in Snyk: https://app.snyk.io/org/jshook/project/4fe3cf6c-f4d3-4f3f-a866-bfa1af872852?utm_source=github&utm_medium=referral&page=upgrade-pr --- mvn-defaults/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mvn-defaults/pom.xml b/mvn-defaults/pom.xml index f25d312f0..7a6c9bfe5 100644 --- a/mvn-defaults/pom.xml +++ b/mvn-defaults/pom.xml @@ -29,7 +29,7 @@ 1.2.0 - 4.9.2 + 4.9.3 1.21 1.15 1.8 From 8b013e6741b862b58f2914c22085cfc93b9d99e8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:28 +0000 Subject: [PATCH 14/22] fix: upgrade org.projectlombok:lombok from 1.18.20 to 1.18.22 Snyk has created this PR to upgrade org.projectlombok:lombok from 1.18.20 to 1.18.22. See this package in Maven Repository: https://mvnrepository.com/artifact/org.projectlombok/lombok/ See this project in Snyk: https://app.snyk.io/org/jshook/project/eb02b5e3-2668-4f0f-a63a-47871c96a9ff?utm_source=github&utm_medium=referral&page=upgrade-pr --- driver-jms/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/driver-jms/pom.xml b/driver-jms/pom.xml index 8dea046ef..407facde6 100644 --- a/driver-jms/pom.xml +++ b/driver-jms/pom.xml @@ -60,7 +60,7 @@ org.projectlombok lombok - 1.18.20 + 1.18.22 provided From 258690a3640580ead3d42f8be3c5c8880f3d72b4 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:33 +0000 Subject: [PATCH 15/22] fix: upgrade io.swagger.core.v3:swagger-models from 2.1.10 to 2.1.13 Snyk has created this PR to upgrade io.swagger.core.v3:swagger-models from 2.1.10 to 2.1.13. See this package in Maven Repository: https://mvnrepository.com/artifact/io.swagger.core.v3/swagger-models/ See this project in Snyk: https://app.snyk.io/org/jshook/project/b808ba5a-fa96-49c2-9cae-4c2c2f8a1384?utm_source=github&utm_medium=referral&page=upgrade-pr --- engine-rest/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine-rest/pom.xml b/engine-rest/pom.xml index 74ce2afa2..7a23994eb 100644 --- a/engine-rest/pom.xml +++ b/engine-rest/pom.xml @@ -29,7 +29,7 @@ io.swagger.core.v3 swagger-models - 2.1.10 + 2.1.13 From a920b9304c25e347a96f2c64c43a6917632df6ef Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:17:53 +0000 Subject: [PATCH 16/22] fix: upgrade org.xerial.snappy:snappy-java from 1.1.7.3 to 1.1.8.4 Snyk has created this PR to upgrade org.xerial.snappy:snappy-java from 1.1.7.3 to 1.1.8.4. See this package in Maven Repository: https://mvnrepository.com/artifact/org.xerial.snappy/snappy-java/ See this project in Snyk: https://app.snyk.io/org/jshook/project/f2d62bab-282e-4a32-8fb9-1a067980e81a?utm_source=github&utm_medium=referral&page=upgrade-pr --- adapter-cqld4/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adapter-cqld4/pom.xml b/adapter-cqld4/pom.xml index 1123ce052..a7c460937 100644 --- a/adapter-cqld4/pom.xml +++ b/adapter-cqld4/pom.xml @@ -70,7 +70,7 @@ org.xerial.snappy snappy-java - 1.1.7.3 + 1.1.8.4 From d58f4245d57325e860103d7f494b74083c3772f0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:18:09 +0000 Subject: [PATCH 17/22] fix: upgrade org.mongodb:mongodb-driver-sync from 4.4.0 to 4.5.0 Snyk has created this PR to upgrade org.mongodb:mongodb-driver-sync from 4.4.0 to 4.5.0. See this package in Maven Repository: https://mvnrepository.com/artifact/org.mongodb/mongodb-driver-sync/ See this project in Snyk: https://app.snyk.io/org/jshook/project/59c91125-002d-4b9a-8473-f7cf9131b895?utm_source=github&utm_medium=referral&page=upgrade-pr --- driver-mongodb/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/driver-mongodb/pom.xml b/driver-mongodb/pom.xml index 48559adfc..ce1354a20 100644 --- a/driver-mongodb/pom.xml +++ b/driver-mongodb/pom.xml @@ -33,7 +33,7 @@ org.mongodb mongodb-driver-sync - 4.4.0 + 4.5.0 From be5ae056803286867ff9c6b1af3ee969e9d8ce54 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:19:17 +0000 Subject: [PATCH 18/22] fix: upgrade org.apache.avro:avro from 1.10.1 to 1.11.0 Snyk has created this PR to upgrade org.apache.avro:avro from 1.10.1 to 1.11.0. See this package in Maven Repository: https://mvnrepository.com/artifact/org.apache.avro/avro/ See this project in Snyk: https://app.snyk.io/org/jshook/project/82e7c627-460b-46d3-b43f-f03128c43fc2?utm_source=github&utm_medium=referral&page=upgrade-pr --- driver-pulsar/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/driver-pulsar/pom.xml b/driver-pulsar/pom.xml index 0fd73f016..edf78d570 100644 --- a/driver-pulsar/pom.xml +++ b/driver-pulsar/pom.xml @@ -67,7 +67,7 @@ org.apache.avro avro - 1.10.1 + 1.11.0 From 26aa58cc683ceedbfc05a35f2b1235c9b2296dd5 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Mar 2022 11:19:28 +0000 Subject: [PATCH 19/22] fix: upgrade org.apache.pulsar:pulsar-client from 2.8.2 to 2.9.1 Snyk has created this PR to upgrade org.apache.pulsar:pulsar-client from 2.8.2 to 2.9.1. See this package in Maven Repository: https://mvnrepository.com/artifact/org.apache.pulsar/pulsar-client/ See this project in Snyk: https://app.snyk.io/org/jshook/project/82e7c627-460b-46d3-b43f-f03128c43fc2?utm_source=github&utm_medium=referral&page=upgrade-pr --- driver-pulsar/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/driver-pulsar/pom.xml b/driver-pulsar/pom.xml index 0fd73f016..cd9ee490b 100644 --- a/driver-pulsar/pom.xml +++ b/driver-pulsar/pom.xml @@ -18,7 +18,7 @@ - 2.8.2 + 2.9.1 From 7afff559c19956bf5043ccf35cb1bde9e75c4770 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 16 Mar 2022 10:09:37 +0000 Subject: [PATCH 20/22] fix: nb-api/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244 --- nb-api/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb-api/pom.xml b/nb-api/pom.xml index 584a0b2fe..92c7b9b8e 100644 --- a/nb-api/pom.xml +++ b/nb-api/pom.xml @@ -69,7 +69,7 @@ com.amazonaws aws-java-sdk-s3 - 1.12.177 + 1.12.179 From 7df62865f17534021fbd36bcf497eed3e2bd1ff6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 17 Mar 2022 10:53:49 +0000 Subject: [PATCH 21/22] fix: nb-api/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244 --- nb-api/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb-api/pom.xml b/nb-api/pom.xml index 92c7b9b8e..4935ebbfc 100644 --- a/nb-api/pom.xml +++ b/nb-api/pom.xml @@ -69,7 +69,7 @@ com.amazonaws aws-java-sdk-s3 - 1.12.179 + 1.12.180 From 8c1362934fcff58328a4c2641c7c08697dbc89eb Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 21 Mar 2022 09:13:48 +0000 Subject: [PATCH 22/22] fix: docsys/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244 --- docsys/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docsys/pom.xml b/docsys/pom.xml index 327b22d2f..4a565234f 100644 --- a/docsys/pom.xml +++ b/docsys/pom.xml @@ -89,7 +89,7 @@ com.fasterxml.jackson.jaxrs jackson-jaxrs-json-provider - 2.13.0 + 2.13.2