From b8aae5a0e52567886d5473f0fb656d5c0f5c1557 Mon Sep 17 00:00:00 2001 From: Gabriel Dorsch Date: Wed, 13 Mar 2024 10:57:47 -0400 Subject: [PATCH] Massive dependabot upgrade (#13596) * Bump io.swagger:swagger-annotations in /prime-router Bumps io.swagger:swagger-annotations from 1.6.12 to 1.6.13. --- updated-dependencies: - dependency-name: io.swagger:swagger-annotations dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump com.microsoft.azure.functions:azure-functions-java-library Bumps [com.microsoft.azure.functions:azure-functions-java-library](https://github.com/Azure/azure-functions-java-worker) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/Azure/azure-functions-java-worker/releases) - [Commits](https://github.com/Azure/azure-functions-java-worker/commits) --- updated-dependencies: - dependency-name: com.microsoft.azure.functions:azure-functions-java-library dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * Bump org.apache.commons:commons-lang3 in /prime-router Bumps org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-lang3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * Bump com.github.doyaaaaaken:kotlin-csv-jvm in /prime-router Bumps [com.github.doyaaaaaken:kotlin-csv-jvm](https://github.com/doyaaaaaken/kotlin-csv) from 1.9.2 to 1.9.3. - [Release notes](https://github.com/doyaaaaaken/kotlin-csv/releases) - [Commits](https://github.com/doyaaaaaken/kotlin-csv/compare/1.9.2...1.9.3) --- updated-dependencies: - dependency-name: com.github.doyaaaaaken:kotlin-csv-jvm dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump ktorVersion from 2.3.6 to 2.3.8 in /prime-router Bumps `ktorVersion` from 2.3.6 to 2.3.8. Updates `io.ktor:ktor-client-core` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-client-cio` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-client-apache` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-client-auth` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-client-logging` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-client-encoding` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-client-content-negotiation` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-serialization-kotlinx` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-serialization-kotlinx-json` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) Updates `io.ktor:ktor-client-mock` from 2.3.6 to 2.3.8 - [Release notes](https://github.com/ktorio/ktor/releases) - [Changelog](https://github.com/ktorio/ktor/blob/2.3.8/CHANGELOG.md) - [Commits](https://github.com/ktorio/ktor/compare/2.3.6...2.3.8) --- updated-dependencies: - dependency-name: io.ktor:ktor-client-core dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-client-cio dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-client-apache dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-client-auth dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-client-logging dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-client-encoding dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-client-content-negotiation dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-serialization-kotlinx dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-serialization-kotlinx-json dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.ktor:ktor-client-mock dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump org.json:json from 20231013 to 20240205 in /prime-router Bumps [org.json:json](https://github.com/douglascrockford/JSON-java) from 20231013 to 20240205. - [Release notes](https://github.com/douglascrockford/JSON-java/releases) - [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md) - [Commits](https://github.com/douglascrockford/JSON-java/commits) --- updated-dependencies: - dependency-name: org.json:json dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 in /prime-router Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.16.0 to 1.16.1. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.16.0...rel/commons-codec-1.16.1) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump nu.studer.jooq from 8.2.1 to 9.0 in /prime-router Bumps nu.studer.jooq from 8.2.1 to 9.0. --- updated-dependencies: - dependency-name: nu.studer.jooq dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * Bump com.helger.as2:as2-lib from 5.1.1 to 5.1.2 in /prime-router Bumps [com.helger.as2:as2-lib](https://github.com/phax/as2-lib) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/phax/as2-lib/releases) - [Commits](https://github.com/phax/as2-lib/compare/as2-lib-parent-pom-5.1.1...as2-lib-parent-pom-5.1.2) --- updated-dependencies: - dependency-name: com.helger.as2:as2-lib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump org.jetbrains.kotlinx:kotlinx-coroutines-core in /prime-router Bumps [org.jetbrains.kotlinx:kotlinx-coroutines-core](https://github.com/Kotlin/kotlinx.coroutines) from 1.7.3 to 1.8.0. - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.3...1.8.0) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * Bump com.sendgrid:sendgrid-java from 4.10.1 to 4.10.2 in /prime-router Bumps [com.sendgrid:sendgrid-java](https://github.com/sendgrid/sendgrid-java) from 4.10.1 to 4.10.2. - [Release notes](https://github.com/sendgrid/sendgrid-java/releases) - [Changelog](https://github.com/sendgrid/sendgrid-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/sendgrid/sendgrid-java/compare/4.10.1...4.10.2) --- updated-dependencies: - dependency-name: com.sendgrid:sendgrid-java dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Pin com.nimbusds:nimbus-jose-jwt@9.37.2 in /prime-router to mitigate snyk finding https://app.snyk.io/org/prime-reportstream/project/3995ae6a-2093-4f94-b638-312e1e409404#issue-SNYK-JAVA-COMNIMBUSDS-6247633 * Bump com.googlecode.libphonenumber:libphonenumber in /prime-router Bumps [com.googlecode.libphonenumber:libphonenumber](https://github.com/google/libphonenumber) from 8.13.30 to 8.13.31. - [Release notes](https://github.com/google/libphonenumber/releases) - [Changelog](https://github.com/google/libphonenumber/blob/master/making-metadata-changes.md) - [Commits](https://github.com/google/libphonenumber/compare/v8.13.30...v8.13.31) --- updated-dependencies: - dependency-name: com.googlecode.libphonenumber:libphonenumber dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump commons-io:commons-io from 2.15.0 to 2.15.1 in /prime-router Bumps commons-io:commons-io from 2.15.0 to 2.15.1. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump com.avast.gradle.docker-compose in /prime-router Bumps [com.avast.gradle.docker-compose](https://github.com/avast/gradle-docker-compose-plugin) from 0.17.5 to 0.17.6. - [Release notes](https://github.com/avast/gradle-docker-compose-plugin/releases) - [Commits](https://github.com/avast/gradle-docker-compose-plugin/compare/0.17.5...0.17.6) --- updated-dependencies: - dependency-name: com.avast.gradle.docker-compose dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump org.jsoup:jsoup from 1.16.2 to 1.17.2 in /prime-router Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.16.2 to 1.17.2. - [Release notes](https://github.com/jhy/jsoup/releases) - [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES.md) - [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.16.2...jsoup-1.17.2) --- updated-dependencies: - dependency-name: org.jsoup:jsoup dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * Bump io.mockk:mockk from 1.13.8 to 1.13.10 in /prime-router Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.8 to 1.13.10. - [Release notes](https://github.com/mockk/mockk/releases) - [Commits](https://github.com/mockk/mockk/compare/1.13.8...1.13.10) --- updated-dependencies: - dependency-name: io.mockk:mockk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump com.microsoft.azure:applicationinsights-core in /prime-router Bumps [com.microsoft.azure:applicationinsights-core](https://github.com/Microsoft/ApplicationInsights-Java) from 3.4.19 to 3.5.0. - [Release notes](https://github.com/Microsoft/ApplicationInsights-Java/releases) - [Changelog](https://github.com/microsoft/ApplicationInsights-Java/blob/main/CHANGELOG.md) - [Commits](https://github.com/Microsoft/ApplicationInsights-Java/compare/3.4.19...v3.5.0) --- updated-dependencies: - dependency-name: com.microsoft.azure:applicationinsights-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * Bump com.azure:azure-security-keyvault-secrets in /prime-router Bumps [com.azure:azure-security-keyvault-secrets](https://github.com/Azure/azure-sdk-for-java) from 4.7.3 to 4.8.0. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](https://github.com/Azure/azure-sdk-for-java/compare/azure-security-keyvault-keys_4.7.3...azure-cosmos_4.8.0) --- updated-dependencies: - dependency-name: com.azure:azure-security-keyvault-secrets dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * Bump the azurestorage group in /prime-router with 2 updates Bumps the azurestorage group in /prime-router with 2 updates: [com.azure:azure-storage-blob](https://github.com/Azure/azure-sdk-for-java) and [com.azure:azure-storage-queue](https://github.com/Azure/azure-sdk-for-java). Updates `com.azure:azure-storage-blob` from 12.25.1 to 12.25.2 - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](https://github.com/Azure/azure-sdk-for-java/compare/azure-storage-blob_12.25.1...azure-storage-blob_12.25.2) Updates `com.azure:azure-storage-queue` from 12.20.1 to 12.20.2 - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](https://github.com/Azure/azure-sdk-for-java/compare/azure-storage-blob_12.20.1...azure-storage-blob_12.20.2) --- updated-dependencies: - dependency-name: com.azure:azure-storage-blob dependency-type: direct:production update-type: version-update:semver-patch dependency-group: azurestorage - dependency-name: com.azure:azure-storage-queue dependency-type: direct:production update-type: version-update:semver-patch dependency-group: azurestorage ... Signed-off-by: dependabot[bot] * Bump the skrapeit group in /prime-router with 2 updates Bumps the skrapeit group in /prime-router with 2 updates: [it.skrape:skrapeit-html-parser](https://github.com/skrapeit/skrape.it) and [it.skrape:skrapeit-http-fetcher](https://github.com/skrapeit/skrape.it). Updates `it.skrape:skrapeit-html-parser` from 1.3.0-alpha.1 to 1.3.0-alpha.2 - [Commits](https://github.com/skrapeit/skrape.it/compare/1.3.0-alpha.1...1.3.0-alpha.2) Updates `it.skrape:skrapeit-http-fetcher` from 1.3.0-alpha.1 to 1.3.0-alpha.2 - [Commits](https://github.com/skrapeit/skrape.it/compare/1.3.0-alpha.1...1.3.0-alpha.2) --- updated-dependencies: - dependency-name: it.skrape:skrapeit-html-parser dependency-type: direct:production update-type: version-update:semver-patch dependency-group: skrapeit - dependency-name: it.skrape:skrapeit-http-fetcher dependency-type: direct:production update-type: version-update:semver-patch dependency-group: skrapeit ... Signed-off-by: dependabot[bot] * Bump the hapifhir group in /prime-router with 3 updates Bumps the hapifhir group in /prime-router with 3 updates: ca.uhn.hapi.fhir:hapi-fhir-structures-r4, ca.uhn.hapi.fhir:hapi-fhir-caching-caffeine and ca.uhn.hapi.fhir:hapi-fhir-client. Updates `ca.uhn.hapi.fhir:hapi-fhir-structures-r4` from 6.10.4 to 7.0.0 Updates `ca.uhn.hapi.fhir:hapi-fhir-caching-caffeine` from 6.10.4 to 7.0.0 Updates `ca.uhn.hapi.fhir:hapi-fhir-client` from 6.10.4 to 7.0.0 --- updated-dependencies: - dependency-name: ca.uhn.hapi.fhir:hapi-fhir-structures-r4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: hapifhir - dependency-name: ca.uhn.hapi.fhir:hapi-fhir-caching-caffeine dependency-type: direct:production update-type: version-update:semver-major dependency-group: hapifhir - dependency-name: ca.uhn.hapi.fhir:hapi-fhir-client dependency-type: direct:production update-type: version-update:semver-major dependency-group: hapifhir ... Signed-off-by: dependabot[bot] * Bump the bouncycastle group in /prime-router with 3 updates Bumps the bouncycastle group in /prime-router with 3 updates: [org.bouncycastle:bcprov-jdk15to18](https://github.com/bcgit/bc-java), [org.bouncycastle:bcprov-jdk18on](https://github.com/bcgit/bc-java) and [org.bouncycastle:bcmail-jdk15to18](https://github.com/bcgit/bc-java). Updates `org.bouncycastle:bcprov-jdk15to18` from 1.76 to 1.77 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `org.bouncycastle:bcprov-jdk18on` from 1.76 to 1.77 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `org.bouncycastle:bcmail-jdk15to18` from 1.76 to 1.77 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) --- updated-dependencies: - dependency-name: org.bouncycastle:bcprov-jdk15to18 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: bouncycastle - dependency-name: org.bouncycastle:bcprov-jdk18on dependency-type: direct:production update-type: version-update:semver-minor dependency-group: bouncycastle - dependency-name: org.bouncycastle:bcmail-jdk15to18 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: bouncycastle ... Signed-off-by: dependabot[bot] * Bump the junit group in /prime-router with 3 updates Bumps the junit group in /prime-router with 3 updates: [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit5), [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit5) and [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5). Updates `org.junit.jupiter:junit-jupiter-api` from 5.10.1 to 5.10.2 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.10.1...r5.10.2) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.10.1 to 5.10.2 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.10.1...r5.10.2) Updates `org.junit.jupiter:junit-jupiter` from 5.10.1 to 5.10.2 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.10.1...r5.10.2) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: junit - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-type: direct:production update-type: version-update:semver-patch dependency-group: junit - dependency-name: org.junit.jupiter:junit-jupiter dependency-type: direct:production update-type: version-update:semver-patch dependency-group: junit ... Signed-off-by: dependabot[bot] * Bump the azurecore group in /prime-router with 2 updates Bumps the azurecore group in /prime-router with 2 updates: [com.azure:azure-core](https://github.com/Azure/azure-sdk-for-java) and [com.azure:azure-core-http-netty](https://github.com/Azure/azure-sdk-for-java). Updates `com.azure:azure-core` from 1.45.1 to 1.47.0 - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](https://github.com/Azure/azure-sdk-for-java/compare/azure-core_1.45.1...azure-core_1.47.0) Updates `com.azure:azure-core-http-netty` from 1.13.11 to 1.14.1 - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](https://github.com/Azure/azure-sdk-for-java/compare/azure-core-http-netty_1.13.11...azure-core_1.14.1) --- updated-dependencies: - dependency-name: com.azure:azure-core dependency-type: direct:production update-type: version-update:semver-minor dependency-group: azurecore - dependency-name: com.azure:azure-core-http-netty dependency-type: direct:production update-type: version-update:semver-minor dependency-group: azurecore ... Signed-off-by: dependabot[bot] * Bump the testcontainers group in /prime-router with 3 updates Bumps the testcontainers group in /prime-router with 3 updates: [org.testcontainers:testcontainers](https://github.com/testcontainers/testcontainers-java), [org.testcontainers:junit-jupiter](https://github.com/testcontainers/testcontainers-java) and [org.testcontainers:postgresql](https://github.com/testcontainers/testcontainers-java). Updates `org.testcontainers:testcontainers` from 1.19.1 to 1.19.6 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.6) Updates `org.testcontainers:junit-jupiter` from 1.19.1 to 1.19.6 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.6) Updates `org.testcontainers:postgresql` from 1.19.1 to 1.19.6 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.1...1.19.6) --- updated-dependencies: - dependency-name: org.testcontainers:testcontainers dependency-type: direct:production update-type: version-update:semver-patch dependency-group: testcontainers - dependency-name: org.testcontainers:junit-jupiter dependency-type: direct:production update-type: version-update:semver-patch dependency-group: testcontainers - dependency-name: org.testcontainers:postgresql dependency-type: direct:production update-type: version-update:semver-patch dependency-group: testcontainers ... Signed-off-by: dependabot[bot] * Bump the flyway group in /prime-router with 3 updates Bumps the flyway group in /prime-router with 3 updates: org.flywaydb:flyway-database-postgresql, [org.flywaydb:flyway-core](https://github.com/flyway/flyway) and org.flywaydb.flyway. Updates `org.flywaydb:flyway-database-postgresql` from 10.7.2 to 10.8.1 Updates `org.flywaydb:flyway-core` from 10.7.2 to 10.8.1 - [Release notes](https://github.com/flyway/flyway/releases) - [Commits](https://github.com/flyway/flyway/compare/flyway-10.7.2...flyway-10.8.1) Updates `org.flywaydb.flyway` from 10.7.2 to 10.8.1 --- updated-dependencies: - dependency-name: org.flywaydb:flyway-database-postgresql dependency-type: direct:production update-type: version-update:semver-minor dependency-group: flyway - dependency-name: org.flywaydb:flyway-core dependency-type: direct:production update-type: version-update:semver-minor dependency-group: flyway - dependency-name: org.flywaydb.flyway dependency-type: direct:production update-type: version-update:semver-minor dependency-group: flyway ... Signed-off-by: dependabot[bot] * Bump the swagger group in /prime-router with 2 updates Bumps the swagger group in /prime-router with 2 updates: io.swagger.core.v3:swagger-jaxrs2 and io.swagger.core.v3.swagger-gradle-plugin. Updates `io.swagger.core.v3:swagger-jaxrs2` from 2.2.19 to 2.2.20 Updates `io.swagger.core.v3.swagger-gradle-plugin` from 2.2.19 to 2.2.20 --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-jaxrs2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: swagger - dependency-name: io.swagger.core.v3.swagger-gradle-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: swagger ... Signed-off-by: dependabot[bot] * Bump the log4j group in /prime-router with 5 updates Bumps the log4j group in /prime-router with 5 updates: | Package | From | To | | --- | --- | --- | | org.apache.logging.log4j:log4j-api | `2.22.0` | `2.23.0` | | org.apache.logging.log4j:log4j-core | `2.22.0` | `2.23.0` | | org.apache.logging.log4j:log4j-slf4j2-impl | `2.22.0` | `2.23.0` | | org.apache.logging.log4j:log4j-layout-template-json | `2.22.0` | `2.23.0` | | [org.apache.logging.log4j:log4j-api-kotlin](https://github.com/apache/logging-log4j-kotlin) | `1.3.0` | `1.4.0` | Updates `org.apache.logging.log4j:log4j-api` from 2.22.0 to 2.23.0 Updates `org.apache.logging.log4j:log4j-core` from 2.22.0 to 2.23.0 Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.22.0 to 2.23.0 Updates `org.apache.logging.log4j:log4j-layout-template-json` from 2.22.0 to 2.23.0 Updates `org.apache.logging.log4j:log4j-api-kotlin` from 1.3.0 to 1.4.0 - [Release notes](https://github.com/apache/logging-log4j-kotlin/releases) - [Commits](https://github.com/apache/logging-log4j-kotlin/compare/rel/1.3.0...rel/1.4.0) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: log4j - dependency-name: org.apache.logging.log4j:log4j-core dependency-type: direct:production update-type: version-update:semver-minor dependency-group: log4j - dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl dependency-type: direct:production update-type: version-update:semver-minor dependency-group: log4j - dependency-name: org.apache.logging.log4j:log4j-layout-template-json dependency-type: direct:production update-type: version-update:semver-minor dependency-group: log4j - dependency-name: org.apache.logging.log4j:log4j-api-kotlin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: log4j ... Signed-off-by: dependabot[bot] * Bump com.azure:azure-identity from 1.11.1 to 1.11.3 in /prime-router Bumps [com.azure:azure-identity](https://github.com/Azure/azure-sdk-for-java) from 1.11.1 to 1.11.3. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](https://github.com/Azure/azure-sdk-for-java/compare/azure-identity_1.11.1...azure-identity_1.11.3) --- updated-dependencies: - dependency-name: com.azure:azure-identity dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Stephen Nesman <94193373+snesm@users.noreply.github.com> Co-authored-by: Josiah Siegel --- prime-router/build.gradle.kts | 102 +++++++++++++++++----------------- 1 file changed, 52 insertions(+), 50 deletions(-) diff --git a/prime-router/build.gradle.kts b/prime-router/build.gradle.kts index 7e48ee9094e..b43e0d09a77 100644 --- a/prime-router/build.gradle.kts +++ b/prime-router/build.gradle.kts @@ -32,18 +32,18 @@ import java.util.Properties plugins { val kotlinVersion by System.getProperties() kotlin("jvm") version "$kotlinVersion" - id("org.flywaydb.flyway") version "10.7.2" - id("nu.studer.jooq") version "8.2.1" + id("org.flywaydb.flyway") version "10.8.1" + id("nu.studer.jooq") version "9.0" id("com.github.johnrengelman.shadow") version "8.1.1" id("com.microsoft.azure.azurefunctions") version "1.14.0" id("org.jlleitschuh.gradle.ktlint") version "12.1.0" id("com.adarshr.test-logger") version "4.0.0" id("jacoco") id("org.jetbrains.dokka") version "1.9.10" - id("com.avast.gradle.docker-compose") version "0.17.5" + id("com.avast.gradle.docker-compose") version "0.17.6" id("org.jetbrains.kotlin.plugin.serialization") version "$kotlinVersion" id("com.nocwriter.runsql") version ("1.0.3") - id("io.swagger.core.v3.swagger-gradle-plugin") version "2.2.19" + id("io.swagger.core.v3.swagger-gradle-plugin") version "2.2.20" } group = "gov.cdc.prime" @@ -61,7 +61,7 @@ val javaVersion = when (appJvmTarget) { "21" -> JavaVersion.VERSION_21 else -> JavaVersion.VERSION_17 } -val ktorVersion = "2.3.6" +val ktorVersion = "2.3.8" val kotlinVersion by System.getProperties() val jacksonVersion = "2.16.1" jacoco.toolVersion = "0.8.10" @@ -797,7 +797,7 @@ buildscript { // will need to be removed once this issue is resolved in Maven. classpath("net.minidev:json-smart:2.5.0") // as per flyway v10 docs the postgres flyway module must be on the project buildpath - classpath("org.flywaydb:flyway-database-postgresql:10.7.2") + classpath("org.flywaydb:flyway-database-postgresql:10.8.1") } } @@ -815,32 +815,34 @@ dependencies { implementation("org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlinVersion") implementation("org.jetbrains.kotlin:kotlin-stdlib-common:$kotlinVersion") implementation("org.jetbrains.kotlin:kotlin-reflect:$kotlinVersion") - implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.7.3") - implementation("com.microsoft.azure.functions:azure-functions-java-library:3.0.0") - implementation("com.microsoft.azure:applicationinsights-core:3.4.19") - implementation("com.azure:azure-core:1.45.1") - implementation("com.azure:azure-core-http-netty:1.13.11") - implementation("com.azure:azure-storage-blob:12.25.1") { + implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.8.0") + implementation("com.microsoft.azure.functions:azure-functions-java-library:3.1.0") + implementation("com.microsoft.azure:applicationinsights-core:3.5.0") + implementation("com.azure:azure-core:1.47.0") + implementation("com.azure:azure-core-http-netty:1.14.1") + implementation("com.azure:azure-storage-blob:12.25.2") { exclude(group = "com.azure", module = "azure-core") } - implementation("com.azure:azure-storage-queue:12.20.1") { + implementation("com.azure:azure-storage-queue:12.20.2") { exclude(group = "com.azure", module = "azure-core") } - implementation("com.azure:azure-security-keyvault-secrets:4.7.3") { + implementation("com.azure:azure-security-keyvault-secrets:4.8.0") { exclude(group = "com.azure", module = "azure-core") exclude(group = "com.azure", module = "azure-core-http-netty") } - implementation("com.azure:azure-identity:1.11.1") { + implementation("com.azure:azure-identity:1.11.3") { exclude(group = "com.azure", module = "azure-core") exclude(group = "com.azure", module = "azure-core-http-netty") } - implementation("org.apache.logging.log4j:log4j-api:2.22.0") - implementation("org.apache.logging.log4j:log4j-core:2.22.0") - implementation("org.apache.logging.log4j:log4j-slf4j2-impl:2.22.0") - implementation("org.apache.logging.log4j:log4j-layout-template-json:2.22.0") - implementation("org.apache.logging.log4j:log4j-api-kotlin:1.3.0") + // pin com.nimbusds:nimbus-jose-jwt to mitigate CVE-2023-52428 + implementation("com.nimbusds:nimbus-jose-jwt:9.37.2") + implementation("org.apache.logging.log4j:log4j-api:2.23.0") + implementation("org.apache.logging.log4j:log4j-core:2.23.0") + implementation("org.apache.logging.log4j:log4j-slf4j2-impl:2.23.0") + implementation("org.apache.logging.log4j:log4j-layout-template-json:2.23.0") + implementation("org.apache.logging.log4j:log4j-api-kotlin:1.4.0") implementation("io.github.oshai:kotlin-logging-jvm:6.0.3") - implementation("com.github.doyaaaaaken:kotlin-csv-jvm:1.9.2") + implementation("com.github.doyaaaaaken:kotlin-csv-jvm:1.9.3") implementation("tech.tablesaw:tablesaw-core:0.43.1") implementation("com.github.ajalt.clikt:clikt-jvm:4.2.2") implementation("com.fasterxml.jackson.module:jackson-module-kotlin:$jacksonVersion") @@ -856,41 +858,41 @@ dependencies { branch = "master" } } - implementation("ca.uhn.hapi.fhir:hapi-fhir-structures-r4:6.10.4") + implementation("ca.uhn.hapi.fhir:hapi-fhir-structures-r4:7.0.0") // https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-caching-caffeine - implementation("ca.uhn.hapi.fhir:hapi-fhir-caching-caffeine:6.10.4") - implementation("ca.uhn.hapi.fhir:hapi-fhir-client:6.10.4") + implementation("ca.uhn.hapi.fhir:hapi-fhir-caching-caffeine:7.0.0") + implementation("ca.uhn.hapi.fhir:hapi-fhir-client:7.0.0") implementation("ca.uhn.hapi:hapi-base:2.5.1") implementation("ca.uhn.hapi:hapi-structures-v251:2.5.1") implementation("ca.uhn.hapi:hapi-structures-v27:2.5.1") - implementation("com.googlecode.libphonenumber:libphonenumber:8.13.30") + implementation("com.googlecode.libphonenumber:libphonenumber:8.13.31") implementation("org.thymeleaf:thymeleaf:3.1.2.RELEASE") - implementation("com.sendgrid:sendgrid-java:4.10.1") + implementation("com.sendgrid:sendgrid-java:4.10.2") implementation("com.okta.jwt:okta-jwt-verifier:0.5.7") implementation("com.github.kittinunf.fuel:fuel:2.3.1") { exclude(group = "org.json", module = "json") } implementation("com.github.kittinunf.fuel:fuel-json:2.3.1") - implementation("org.json:json:20231013") + implementation("org.json:json:20240205") // DO NOT INCREMENT SSHJ to a newer version without first thoroughly testing it locally. implementation("com.hierynomus:sshj:0.38.0") implementation("com.jcraft:jsch:0.1.55") implementation("org.apache.poi:poi:5.2.5") implementation("org.apache.commons:commons-csv:1.10.0") - implementation("org.apache.commons:commons-lang3:3.13.0") + implementation("org.apache.commons:commons-lang3:3.14.0") implementation("org.apache.commons:commons-text:1.11.0") - implementation("commons-codec:commons-codec:1.16.0") - implementation("commons-io:commons-io:2.15.0") + implementation("commons-codec:commons-codec:1.16.1") + implementation("commons-io:commons-io:2.15.1") implementation("org.postgresql:postgresql:42.7.2") implementation("com.zaxxer:HikariCP:5.1.0") - implementation("org.flywaydb:flyway-core:10.7.2") - implementation("org.flywaydb:flyway-database-postgresql:10.7.2") + implementation("org.flywaydb:flyway-core:10.8.1") + implementation("org.flywaydb:flyway-database-postgresql:10.8.1") implementation("org.commonmark:commonmark:0.21.0") implementation("com.google.guava:guava:33.0.0-jre") - implementation("com.helger.as2:as2-lib:5.1.1") - implementation("org.bouncycastle:bcprov-jdk15to18:1.76") - implementation("org.bouncycastle:bcprov-jdk18on:1.76") - implementation("org.bouncycastle:bcmail-jdk15to18:1.76") + implementation("com.helger.as2:as2-lib:5.1.2") + implementation("org.bouncycastle:bcprov-jdk15to18:1.77") + implementation("org.bouncycastle:bcprov-jdk18on:1.77") + implementation("org.bouncycastle:bcmail-jdk15to18:1.77") implementation("commons-net:commons-net:3.10.0") implementation("com.cronutils:cron-utils:9.2.1") @@ -906,19 +908,19 @@ dependencies { implementation("io.ktor:ktor-client-content-negotiation:$ktorVersion") implementation("io.ktor:ktor-serialization-kotlinx:$ktorVersion") implementation("io.ktor:ktor-serialization-kotlinx-json:$ktorVersion") - implementation("it.skrape:skrapeit-html-parser:1.3.0-alpha.1") - implementation("it.skrape:skrapeit-http-fetcher:1.3.0-alpha.1") + implementation("it.skrape:skrapeit-html-parser:1.3.0-alpha.2") + implementation("it.skrape:skrapeit-http-fetcher:1.3.0-alpha.2") implementation("org.apache.poi:poi:5.2.5") implementation("org.apache.poi:poi-ooxml:5.2.5") // pin commons-compress to mitigate CVE-2024-25710 and CVE-2024-26308 implementation("org.apache.commons:commons-compress:1.26.0") - implementation("commons-io:commons-io:2.15.0") + implementation("commons-io:commons-io:2.15.1") implementation("com.anyascii:anyascii:0.3.2") // force jsoup since skrapeit-html-parser@1.2.1+ has not updated - implementation("org.jsoup:jsoup:1.16.2") + implementation("org.jsoup:jsoup:1.17.2") // https://mvnrepository.com/artifact/io.swagger/swagger-annotations - implementation("io.swagger:swagger-annotations:1.6.12") - implementation("io.swagger.core.v3:swagger-jaxrs2:2.2.19") + implementation("io.swagger:swagger-annotations:1.6.13") + implementation("io.swagger.core.v3:swagger-jaxrs2:2.2.20") // https://mvnrepository.com/artifact/javax.ws.rs/javax.ws.rs-api implementation("javax.ws.rs:javax.ws.rs-api:2.1.1") // https://mvnrepository.com/artifact/javax.servlet/javax.servlet-api @@ -943,17 +945,17 @@ dependencies { exclude(group = "com.github.kittinunf.fuel", module = "fuel") } // kotlinx-coroutines-core is needed by mock-fuel - testImplementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.7.3") + testImplementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.8.0") testImplementation("com.github.KennethWussmann:mock-fuel:1.3.0") - testImplementation("io.mockk:mockk:1.13.8") - testImplementation("org.junit.jupiter:junit-jupiter-api:5.10.1") + testImplementation("io.mockk:mockk:1.13.10") + testImplementation("org.junit.jupiter:junit-jupiter-api:5.10.2") testImplementation("com.willowtreeapps.assertk:assertk-jvm:0.27.0") testImplementation("io.ktor:ktor-client-mock:$ktorVersion") - testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.10.1") - testImplementation("org.junit.jupiter:junit-jupiter:5.10.1") - testImplementation("org.testcontainers:testcontainers:1.19.1") - testImplementation("org.testcontainers:junit-jupiter:1.19.1") - testImplementation("org.testcontainers:postgresql:1.19.1") + testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.10.2") + testImplementation("org.junit.jupiter:junit-jupiter:5.10.2") + testImplementation("org.testcontainers:testcontainers:1.19.6") + testImplementation("org.testcontainers:junit-jupiter:1.19.6") + testImplementation("org.testcontainers:postgresql:1.19.6") implementation(kotlin("script-runtime")) } \ No newline at end of file