Update All patch-minor dependencies

hmcts · Jun 3, 2023 · e6e0939 · e6e0939
1 parent 544416d
commit e6e0939
Show file tree

Hide file tree

Showing 5 changed files with 81 additions and 81 deletions.
diff --git a/build.gradle b/build.gradle
@@ -1,12 +1,12 @@
 buildscript {
     ext {
-        springBootVersion = '2.6.10'
+        springBootVersion = '2.7.12'
     }
     dependencies {
-        classpath 'org.jsonschema2pojo:jsonschema2pojo-gradle-plugin:1.1.1'
+        classpath 'org.jsonschema2pojo:jsonschema2pojo-gradle-plugin:1.2.1'
     }
     dependencies {
-        classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.7'
+        classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.8.0.1969'
     }
     dependencies {
         classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
@@ -15,19 +15,19 @@ buildscript {
 
 plugins {
     id 'application'
-    id 'com.github.ben-manes.versions' version '0.20.0'
-    id 'io.spring.dependency-management' version '1.0.10.RELEASE'
-    id 'org.sonarqube' version '2.7'
+    id 'com.github.ben-manes.versions' version '0.46.0'
+    id 'io.spring.dependency-management' version '1.1.0'
+    id 'org.sonarqube' version '2.8'
     id 'jacoco'
-    id 'com.github.kt3k.coveralls' version '2.8.2'
-    id 'se.patrikerdes.use-latest-versions' version '0.2.7'
+    id 'com.github.kt3k.coveralls' version '2.12.2'
+    id 'se.patrikerdes.use-latest-versions' version '0.2.18'
     id 'net.ltgt.apt' version '0.21'
-    id 'com.github.spacialcircumstances.gradle-cucumber-reporting' version '0.1.23'
-    id "org.jetbrains.gradle.plugin.idea-ext" version "0.7"
-    id "info.solidsoft.pitest" version '1.4.0'
-    id "io.freefair.lombok" version "5.3.0"
-    id 'uk.gov.hmcts.java' version '0.12.40'
-    id 'au.com.dius.pact' version '4.1.0'
+    id 'com.github.spacialcircumstances.gradle-cucumber-reporting' version '0.1.25'
+    id "org.jetbrains.gradle.plugin.idea-ext" version "0.10"
+    id "info.solidsoft.pitest" version '1.9.11'
+    id "io.freefair.lombok" version "5.3.3.3"
+    id 'uk.gov.hmcts.java' version '0.12.43'
+    id 'au.com.dius.pact' version '4.6.0'
 }
 
 apply plugin: 'java'
@@ -46,7 +46,7 @@ apply plugin: 'se.patrikerdes.use-latest-versions'
 apply from: './gradle/suppress.gradle'
 
 def versions = [
-        pact_version    : '4.1.7',
+        pact_version    : '4.6.0',
 ]
 ext['spring-security.version'] = '5.6.9'
 ext['spring-framework.version'] = '5.3.26'
@@ -83,14 +83,14 @@ repositories {
 // end::repositories[]
 
 ext {
-    junitJupiterVersion = '5.8.2'
-    junitVintageVersion = '5.8.2'
-    powermockVersion = '2.0.7'
+    junitJupiterVersion = '5.9.3'
+    junitVintageVersion = '5.9.3'
+    powermockVersion = '2.0.9'
     reformLogging = '5.1.9'
     appInsightsVersion = '2.4.1'
     swagger2Version = '3.0.0'
-    hibernateVersion = '5.6.10.Final'
-    hazelcastVersion = '5.2.1'
+    hibernateVersion = '5.6.15.Final'
+    hazelcastVersion = '5.3.0'
     limits = [
             'instruction': 90,
             'branch'     : 85,
@@ -99,7 +99,7 @@ ext {
             'method'     : 90,
             'class'      : 98
     ]
-    springCloudVersion = '2021.0.3'
+    springCloudVersion = '2021.0.7'
 }
 
 group 'uk.gov.hmcts.ccd'
@@ -139,17 +139,17 @@ tasks.withType(Test) {
 }
 
 dependencies {
-    implementation 'com.google.code.gson:gson:2.8.9'
-    implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-bootstrap', version: '3.1.3'
-    implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '3.1.3'
+    implementation 'com.google.code.gson:gson:2.10.1'
+    implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-bootstrap', version: '3.1.6'
+    implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '3.1.7'
 
     implementation group: 'com.github.hmcts.java-logging', name: 'logging', version: reformLogging
     implementation group: 'com.github.hmcts.java-logging', name: 'logging-appinsights', version: reformLogging
 
-    implementation 'org.mapstruct:mapstruct-jdk8:1.3.1.Final'
-    implementation 'org.projectlombok:lombok:1.18.16'
-    annotationProcessor 'org.mapstruct:mapstruct-processor:1.3.1.Final', 'org.projectlombok:lombok:1.18.16', 'org.projectlombok:lombok-mapstruct-binding:0.2.0'
-    testAnnotationProcessor 'org.mapstruct:mapstruct-processor:1.3.1.Final', 'org.projectlombok:lombok:1.18.16', 'org.projectlombok:lombok-mapstruct-binding:0.2.0'
+    implementation 'org.mapstruct:mapstruct-jdk8:1.5.5.Final'
+    implementation 'org.projectlombok:lombok:1.18.28'
+    annotationProcessor 'org.mapstruct:mapstruct-processor:1.5.5.Final', 'org.projectlombok:lombok:1.18.28', 'org.projectlombok:lombok-mapstruct-binding:0.2.0'
+    testAnnotationProcessor 'org.mapstruct:mapstruct-processor:1.5.5.Final', 'org.projectlombok:lombok:1.18.28', 'org.projectlombok:lombok-mapstruct-binding:0.2.0'
 
     implementation('org.springframework.boot:spring-boot-starter-actuator')
 
@@ -166,63 +166,63 @@ dependencies {
     implementation group: 'com.hazelcast', name: 'hazelcast-spring', version: hazelcastVersion
 
     implementation group: 'javax.inject', name: 'javax.inject', version: '1'
-    implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.7'
-    implementation group: 'org.apache.logging.log4j', name: 'log4j-api', version: '2.17.1'
-    implementation group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.13'
+    implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.12.0'
+    implementation group: 'org.apache.logging.log4j', name: 'log4j-api', version: '2.20.0'
+    implementation group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.14'
     implementation group: 'io.springfox', name: 'springfox-boot-starter', version: swagger2Version
 
     compile "org.flywaydb:flyway-core:6.5.7"
-    compile group: 'org.yaml', name: 'snakeyaml', version: '1.32'
+    compile group: 'org.yaml', name: 'snakeyaml', version: '1.33'
     compile group: 'io.jsonwebtoken', name: 'jjwt', version:'0.9.1'
-    compile group: 'com.github.hmcts', name: 'service-auth-provider-java-client', version: '4.0.3'
-    compile group: 'com.github.hmcts', name: 'idam-java-client', version: '2.0.1'
+    compile group: 'com.github.hmcts', name: 'service-auth-provider-java-client', version: '4.1.2'
+    compile group: 'com.github.hmcts', name: 'idam-java-client', version: '2.1.1'
     compile group: 'org.bouncycastle', name: 'bcpkix-jdk15on', version: '1.70'
 
     implementation group: 'org.springframework.security', name: 'spring-security-oauth2-client'
-    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-resource-server', version: '2.5.14'
+    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-resource-server', version: '2.7.12'
     implementation group: 'org.springframework.security', name: 'spring-security-oauth2-resource-server'
     implementation group: 'org.springframework.security', name: 'spring-security-oauth2-core'
     implementation group: 'org.springframework.security', name: 'spring-security-oauth2-jose'
 
-    implementation "io.github.openfeign:feign-httpclient:11.0"
+    implementation "io.github.openfeign:feign-httpclient:11.10"
 
-    implementation group: 'net.minidev', name: 'json-smart', version: '2.4.7'
+    implementation group: 'net.minidev', name: 'json-smart', version: '2.4.11'
 
-    implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.21'
+    implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.31'
     implementation group: 'io.vavr', name: 'vavr', version: '0.10.4'
 
     testCompile group: 'io.github.openfeign.form', name: 'feign-form', version: '3.8.0'
     implementation group: 'io.github.openfeign.form', name: 'feign-form-spring', version: '3.8.0'
 
-    implementation group: 'com.sun.mail', name: 'mailapi', version: '1.6.1'
+    implementation group: 'com.sun.mail', name: 'mailapi', version: '1.6.7'
     implementation group: 'commons-lang', name: 'commons-lang', version: '2.6'
-    implementation group: 'commons-validator', name: 'commons-validator', version: '1.6'
+    implementation group: 'commons-validator', name: 'commons-validator', version: '1.7'
     // CVE-2019-10086 force update of commons-beanutils.
     implementation group: 'commons-beanutils', name: 'commons-beanutils', version: '1.9.4'
-    implementation group: 'com.jayway.jsonpath', name: 'json-path', version: '2.4.0'
+    implementation group: 'com.jayway.jsonpath', name: 'json-path', version: '2.8.0'
     implementation group: 'org.awaitility', name: 'awaitility', version: '3.1.6'
 
     // CVE-2021-28170
-    implementation "org.glassfish:jakarta.el:4.0.1"
+    implementation "org.glassfish:jakarta.el:4.0.2"
 
     implementation group: 'commons-fileupload', name: 'commons-fileupload', version: '1.5'
-    implementation group: 'commons-io', name: 'commons-io', version: '2.8.0'
+    implementation group: 'commons-io', name: 'commons-io', version: '2.12.0'
 
     // use the latest org.springframework.security
     implementation group: 'org.springframework.security', name: 'spring-security-core'
     implementation group: 'org.springframework.security', name: 'spring-security-config'
     implementation group: 'org.springframework.security', name: 'spring-security-web'
     implementation group: 'org.springframework.security', name: 'spring-security-crypto'
 
-    implementation group: 'com.vladmihalcea', name: 'hibernate-types-52', version: '2.9.13'
+    implementation group: 'com.vladmihalcea', name: 'hibernate-types-52', version: '2.21.1'
     implementation "org.hibernate:hibernate-core:${hibernateVersion}"
-    implementation group: 'org.apache.commons', name: 'commons-jexl3', version: '3.1'
-    implementation group: 'pl.jalokim.propertiestojson', name: 'java-properties-to-json', version: '5.1.3'
+    implementation group: 'org.apache.commons', name: 'commons-jexl3', version: '3.3'
+    implementation group: 'pl.jalokim.propertiestojson', name: 'java-properties-to-json', version: '5.3.0'
 
     // FIXME 0.6 doesn't support jsonb; 0.7 doesn't work on Windows
 //    runtime group: 'com.impossibl.pgjdbc-ng', name: 'pgjdbc-ng', version: '0.6'
-    runtimeOnly group: 'org.postgresql', name: 'postgresql', version: '42.5.1'
-    runtimeOnly group: 'com.zaxxer', name: 'HikariCP', version: '4.0.2'
+    runtimeOnly group: 'org.postgresql', name: 'postgresql', version: '42.6.0'
+    runtimeOnly group: 'com.zaxxer', name: 'HikariCP', version: '4.0.3'
 
     implementation 'org.springframework.boot:spring-boot-starter-validation'
 
@@ -233,46 +233,46 @@ dependencies {
 
     testImplementation('org.springframework.boot:spring-boot-starter-test')
     testImplementation('org.springframework.cloud:spring-cloud-starter-contract-stub-runner')
-    testCompile ('com.opentable.components:otj-pg-embedded:0.12.0')
-    testImplementation group: 'org.assertj', name: 'assertj-core', version: '3.22.0'
-    testImplementation group: 'org.assertj', name: 'assertj-vavr', version: '0.4.2'
-    testImplementation("org.testcontainers:postgresql:1.15.2")
-    testCompile ('com.github.tomakehurst:wiremock-jre8:2.25.1')
-    testCompile ('org.springframework.cloud:spring-cloud-contract-wiremock:2.2.4.RELEASE')
+    testCompile ('com.opentable.components:otj-pg-embedded:0.13.4')
+    testImplementation group: 'org.assertj', name: 'assertj-core', version: '3.24.2'
+    testImplementation group: 'org.assertj', name: 'assertj-vavr', version: '0.4.3'
+    testImplementation("org.testcontainers:postgresql:1.18.3")
+    testCompile ('com.github.tomakehurst:wiremock-jre8:2.35.0')
+    testCompile ('org.springframework.cloud:spring-cloud-contract-wiremock:2.2.6.RELEASE')
     // To avoid compiler warnings about @API annotations in JUnit5 code.
-    testCompileOnly 'org.apiguardian:apiguardian-api:1.0.0'
+    testCompileOnly 'org.apiguardian:apiguardian-api:1.1.2'
     testCompile "org.junit.jupiter:junit-jupiter-api:${junitJupiterVersion}"
     testRuntime "org.junit.jupiter:junit-jupiter-engine:${junitJupiterVersion}"
     testRuntime "org.junit.vintage:junit-vintage-engine:${junitVintageVersion}"
-    testRuntime "org.junit.platform:junit-platform-commons:1.8.1"
-    testCompile group: 'org.mockito', name: 'mockito-core', version: '3.6.0'
-    testCompile group:'org.mockito', name: 'mockito-junit-jupiter', version:'3.6.0'
+    testRuntime "org.junit.platform:junit-platform-commons:1.9.3"
+    testCompile group: 'org.mockito', name: 'mockito-core', version: '3.12.4'
+    testCompile group:'org.mockito', name: 'mockito-junit-jupiter', version:'3.12.4'
     testCompile group: 'org.powermock', name: 'powermock-api-mockito2', version: powermockVersion
     testCompile group: 'org.powermock', name: 'powermock-module-junit4', version: powermockVersion
-    testCompile group: 'io.rest-assured', name: 'rest-assured', version: '4.3.0'
-    testCompile group: 'com.xebialabs.restito', name: 'restito', version: '0.9.3'
+    testCompile group: 'io.rest-assured', name: 'rest-assured', version: '4.5.1'
+    testCompile group: 'com.xebialabs.restito', name: 'restito', version: '0.9.5'
     testCompile 'io.github.openfeign:feign-jackson:9.7.0'
-    testCompile 'pl.allegro.tech:embedded-elasticsearch:2.7.0'
+    testCompile 'pl.allegro.tech:embedded-elasticsearch:2.10.0'
     testCompile 'com.github.hmcts:fortify-client:1.3.0:all'
     testImplementation group: 'commons-lang', name: 'commons-lang', version: '2.6'
 
     // for sonar analysis
     testCompile group: 'org.openid4java', name: 'openid4java', version: '1.0.0'
     // remove me once insights is in
-    implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.10'
-    implementation group: 'ch.qos.logback', name: 'logback-core', version: '1.2.10'
+    implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.7'
+    implementation group: 'ch.qos.logback', name: 'logback-core', version: '1.4.7'
 
     //excluding log4j-core which causes a vulnerability issue
     implementation(group: 'io.searchbox', name: 'jest', version: '6.3.1') {
         exclude group: 'org.apache.logging.log4j', module: 'log4j-core'
     }
-    implementation(group: 'org.elasticsearch', name: 'elasticsearch', version: '7.16.2') {
+    implementation(group: 'org.elasticsearch', name: 'elasticsearch', version: '7.17.10') {
         exclude group: 'org.apache.logging.log4j', module: 'log4j-api'
     }
-    implementation 'org.jooq:jool-java-8:0.9.14'
-    implementation 'com.github.hmcts:ccd-case-document-am-client:1.7.1'
+    implementation 'org.jooq:jool-java-8:0.9.15'
+    implementation 'com.github.hmcts:ccd-case-document-am-client:1.59'
 
-    testCompile group: 'com.github.hmcts', name: 'ccd-test-definitions', version: '7.19.11'
+    testCompile group: 'com.github.hmcts', name: 'ccd-test-definitions', version: '7.19.12'
 
     testCompile group: 'com.github.hmcts', name: 'befta-fw', version: '8.7.11'
 
@@ -286,9 +286,9 @@ dependencies {
     contractTestCompile group: 'org.springframework.security', name: 'spring-security-oauth2-resource-server'
     contractTestCompile group: 'org.springframework.security', name: 'spring-security-oauth2-core'
     contractTestCompile group: 'org.springframework.security', name: 'spring-security-oauth2-jose'
-    contractTestCompile group: 'com.microsoft.azure', name: 'applicationinsights-core', version: '2.6.1'
+    contractTestCompile group: 'com.microsoft.azure', name: 'applicationinsights-core', version: '2.6.4'
     contractTestCompile group: 'javax.inject', name: 'javax.inject', version: '1'
-    contractTestCompile group: 'com.github.hmcts', name: 'idam-java-client', version: '2.0.1'
+    contractTestCompile group: 'com.github.hmcts', name: 'idam-java-client', version: '2.1.1'
     contractTestCompile group: 'com.hazelcast', name: 'hazelcast', version: hazelcastVersion
     contractTestCompile group: 'com.hazelcast', name: 'hazelcast-spring', version: hazelcastVersion
     contractTestCompile('org.springframework.boot:spring-boot-starter-hateoas')
@@ -299,11 +299,11 @@ dependencies {
         exclude group: 'org.apache.tomcat', module: 'tomcat-jdbc'
     }
     contractTestCompile("org.springframework.boot:spring-boot-starter-data-jpa")
-    contractTestCompile group: 'org.apache.commons', name: 'commons-jexl3', version: '3.1'
-    contractTestCompile(group: 'org.elasticsearch', name: 'elasticsearch', version: '7.16.2') {
+    contractTestCompile group: 'org.apache.commons', name: 'commons-jexl3', version: '3.3'
+    contractTestCompile(group: 'org.elasticsearch', name: 'elasticsearch', version: '7.17.10') {
         exclude group: 'org.apache.logging.log4j', module: 'log4j-api'
     }
-    contractTestCompile 'com.github.hmcts:ccd-case-document-am-client:1.7.1'
+    contractTestCompile 'com.github.hmcts:ccd-case-document-am-client:1.59'
 
     aatCompile group: 'commons-lang', name: 'commons-lang', version: '2.6'
 }
@@ -316,9 +316,9 @@ dependencyManagement {
 
     dependencies {
         // Versions prior to 30.0 vulnerable to CVE-2020-8908
-        dependency 'com.google.guava:guava:30.1-jre'
+        dependency 'com.google.guava:guava:30.1.1-jre'
 
-        dependencySet(group: 'org.apache.tomcat.embed', version: '9.0.73') {
+        dependencySet(group: 'org.apache.tomcat.embed', version: '9.0.75') {
             entry 'tomcat-embed-core'
             entry 'tomcat-embed-el'
             entry 'tomcat-embed-websocket'
@@ -329,14 +329,14 @@ dependencyManagement {
         }
 
         // Required for Embedded ES with Java 11
-        dependency 'org.rauschig:jarchivelib:1.0.0'
+        dependency 'org.rauschig:jarchivelib:1.2.0'
 
         // Remove once BEFTA rest-assured is updated
-        dependencySet(group: 'io.rest-assured', version: '4.3.0') {
+        dependencySet(group: 'io.rest-assured', version: '4.5.1') {
             entry 'json-path'
             entry 'xml-path'
         }
-        dependencySet(group: 'org.codehaus.groovy', version: '3.0.2') {
+        dependencySet(group: 'org.codehaus.groovy', version: '3.0.17') {
             entry 'groovy'
             entry 'groovy-xml'
             entry 'groovy-json'

diff --git a/charts/ccd-data-store-api/Chart.yaml b/charts/ccd-data-store-api/Chart.yaml
@@ -2,13 +2,13 @@ description: Helm chart for the HMCTS CCD Data Store
 name: ccd-data-store-api
 apiVersion: v2
 home: https://github.com/hmcts/ccd-data-store-api
-version: 2.0.22
+version: 2.0.23
 maintainers:
   - name: HMCTS CCD Dev Team
     email: [email protected]
 dependencies:
   - name: java
-    version: 4.0.13
+    version: 4.1.2
     repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/'
   - name: elasticsearch
     version: 7.17.3

diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.8.3-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.9.4-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/infrastructure/.terraform-version b/infrastructure/.terraform-version
@@ -1 +1 @@
-1.3.9
+1.4.6