Skip to content

Commit d1ebc2d

Browse files
antonioT90antonioT90
authored
fix: P4ADEV-3829 CVE fix (#28)
1 parent 5f574a8 commit d1ebc2d

File tree

3 files changed

+20
-16
lines changed

3 files changed

+20
-16
lines changed

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ ARG IMAGE_VERSION="21-alpine-3.21"
88
ARG IMAGE_SHA="cafcfad1d9d3b6e7dd983fa367f085ca1c846ce792da59bcb420ac4424296d56"
99
ARG GRADLE_VERSION="8.10.2"
1010
ARG GRADLE_DOWNLOAD_SHA256="31c55713e40233a8303827ceb42ca48a47267a0ad4bab9177123121e71524c26"
11-
ARG APPINSIGHTS_VERSION="3.7.3"
11+
ARG APPINSIGHTS_VERSION="3.7.4"
1212

1313
# 🌍 Timezone Configuration
1414
ARG TZ="Europe/Rome"

build.gradle.kts

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -3,10 +3,10 @@ plugins {
33
id("org.springframework.boot") version "3.5.3"
44
id("io.spring.dependency-management") version "1.1.7"
55
jacoco
6-
id("org.sonarqube") version "6.2.0.5505"
6+
id("org.sonarqube") version "6.3.1.5724"
77
id("com.github.ben-manes.versions") version "0.52.0"
8-
id("org.openapi.generator") version "7.13.0"
9-
id("com.gorylenko.gradle-git-properties") version "2.5.0"
8+
id("org.openapi.generator") version "7.15.0"
9+
id("com.gorylenko.gradle-git-properties") version "2.5.3"
1010
}
1111

1212
group = "it.gov.pagopa.payhub"
@@ -29,9 +29,10 @@ repositories {
2929
mavenCentral()
3030
}
3131

32-
val springDocOpenApiVersion = "2.8.9"
33-
val openApiToolsVersion = "0.2.6"
34-
val micrometerVersion = "1.5.1"
32+
val springDocOpenApiVersion = "2.8.13"
33+
val janinoVersion = "3.1.12"
34+
val openApiToolsVersion = "0.2.7"
35+
val micrometerVersion = "1.5.4"
3536
val httpClientVersion = "5.5"
3637

3738
dependencies {
@@ -40,6 +41,7 @@ dependencies {
4041
implementation("org.springframework.boot:spring-boot-starter-validation")
4142
implementation("org.springframework.boot:spring-boot-starter-actuator")
4243
implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:$springDocOpenApiVersion")
44+
implementation("org.codehaus.janino:janino:$janinoVersion")
4345
implementation("io.micrometer:micrometer-tracing-bridge-otel:$micrometerVersion")
4446
implementation("io.micrometer:micrometer-registry-prometheus")
4547
implementation("com.fasterxml.jackson.datatype:jackson-datatype-jsr310")

gradle.lockfile

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ io.micrometer:micrometer-core:1.15.1=compileClasspath
1919
io.micrometer:micrometer-jakarta9:1.15.1=compileClasspath
2020
io.micrometer:micrometer-observation:1.15.1=compileClasspath
2121
io.micrometer:micrometer-registry-prometheus:1.15.1=compileClasspath
22-
io.micrometer:micrometer-tracing-bridge-otel:1.5.1=compileClasspath
22+
io.micrometer:micrometer-tracing-bridge-otel:1.5.4=compileClasspath
2323
io.micrometer:micrometer-tracing:1.5.1=compileClasspath
2424
io.opentelemetry.semconv:opentelemetry-semconv:1.32.0=compileClasspath
2525
io.opentelemetry:opentelemetry-api:1.49.0=compileClasspath
@@ -34,9 +34,9 @@ io.prometheus:prometheus-metrics-config:1.3.8=compileClasspath
3434
io.prometheus:prometheus-metrics-core:1.3.8=compileClasspath
3535
io.prometheus:prometheus-metrics-model:1.3.8=compileClasspath
3636
io.prometheus:prometheus-metrics-tracer-common:1.3.8=compileClasspath
37-
io.swagger.core.v3:swagger-annotations-jakarta:2.2.30=compileClasspath
38-
io.swagger.core.v3:swagger-core-jakarta:2.2.30=compileClasspath
39-
io.swagger.core.v3:swagger-models-jakarta:2.2.30=compileClasspath
37+
io.swagger.core.v3:swagger-annotations-jakarta:2.2.36=compileClasspath
38+
io.swagger.core.v3:swagger-core-jakarta:2.2.36=compileClasspath
39+
io.swagger.core.v3:swagger-models-jakarta:2.2.36=compileClasspath
4040
jakarta.activation:jakarta.activation-api:2.1.3=compileClasspath
4141
jakarta.annotation:jakarta.annotation-api:2.1.1=compileClasspath
4242
jakarta.validation:jakarta.validation-api:3.0.2=compileClasspath
@@ -50,16 +50,18 @@ org.apache.logging.log4j:log4j-to-slf4j:2.24.3=compileClasspath
5050
org.apache.tomcat.embed:tomcat-embed-core:10.1.42=compileClasspath
5151
org.apache.tomcat.embed:tomcat-embed-el:10.1.42=compileClasspath
5252
org.apache.tomcat.embed:tomcat-embed-websocket:10.1.42=compileClasspath
53+
org.codehaus.janino:commons-compiler:3.1.12=compileClasspath
54+
org.codehaus.janino:janino:3.1.12=compileClasspath
5355
org.hibernate.validator:hibernate-validator:8.0.2.Final=compileClasspath
5456
org.jboss.logging:jboss-logging:3.6.1.Final=compileClasspath
5557
org.jspecify:jspecify:1.0.0=compileClasspath
56-
org.openapitools:jackson-databind-nullable:0.2.6=compileClasspath
58+
org.openapitools:jackson-databind-nullable:0.2.7=compileClasspath
5759
org.projectlombok:lombok:1.18.38=compileClasspath
5860
org.slf4j:jul-to-slf4j:2.0.17=compileClasspath
5961
org.slf4j:slf4j-api:2.0.17=compileClasspath
60-
org.springdoc:springdoc-openapi-starter-common:2.8.9=compileClasspath
61-
org.springdoc:springdoc-openapi-starter-webmvc-api:2.8.9=compileClasspath
62-
org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.9=compileClasspath
62+
org.springdoc:springdoc-openapi-starter-common:2.8.13=compileClasspath
63+
org.springdoc:springdoc-openapi-starter-webmvc-api:2.8.13=compileClasspath
64+
org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.13=compileClasspath
6365
org.springframework.boot:spring-boot-actuator-autoconfigure:3.5.3=compileClasspath
6466
org.springframework.boot:spring-boot-actuator:3.5.3=compileClasspath
6567
org.springframework.boot:spring-boot-autoconfigure:3.5.3=compileClasspath
@@ -79,7 +81,7 @@ org.springframework:spring-expression:6.2.8=compileClasspath
7981
org.springframework:spring-jcl:6.2.8=compileClasspath
8082
org.springframework:spring-web:6.2.8=compileClasspath
8183
org.springframework:spring-webmvc:6.2.8=compileClasspath
82-
org.webjars:swagger-ui:5.21.0=compileClasspath
84+
org.webjars:swagger-ui:5.28.1=compileClasspath
8385
org.webjars:webjars-locator-lite:1.1.0=compileClasspath
8486
org.yaml:snakeyaml:2.4=compileClasspath
8587
empty=

0 commit comments

Comments
 (0)