From 5f2f7b1d3c71fd3c27288b33467a4792131c2cff Mon Sep 17 00:00:00 2001
From: Matthieu Geerebaert <matthieu.geerebaert@orange.com>
Date: Mon, 13 Jan 2020 16:24:23 +0100
Subject: Security improvement

Update dependencies to reduce security threat ( see jenkins clm )

Change-Id: I09165f017853dfe37caefdbae1f390c224198297
Issue-ID: EXTAPI-377
Signed-off-by: MatthieuGeerebaert <matthieu.geerebaert@orange.com>
---
 pom.xml | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

(limited to 'pom.xml')

diff --git a/pom.xml b/pom.xml
index d30b8c4..e738f19 100644
--- a/pom.xml
+++ b/pom.xml
@@ -121,7 +121,7 @@
       <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-dependencies</artifactId>
-        <version>2.1.7.RELEASE</version>
+        <version>2.2.2.RELEASE</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>
@@ -144,7 +144,7 @@
     <dependency>
       <groupId>org.apache.tomcat.embed</groupId>
       <artifactId>tomcat-embed-core</artifactId>
-      <version>9.0.24</version>
+      <version>9.0.30</version>
     </dependency>
 
     <dependency>
@@ -212,7 +212,7 @@
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-databind</artifactId>
-      <version>2.9.9.3</version>
+      <version>2.10.1</version>
 	</dependency>   
 
     <dependency>
@@ -345,19 +345,29 @@
           <groupId>com.squareup.okhttp3</groupId>
           <artifactId>okhttp</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>com.squareup.retrofit2</groupId>
+          <artifactId>retrofit</artifactId>
+        </exclusion>        
       </exclusions>
     </dependency>
 
     <dependency>
       <groupId>com.squareup.okhttp3</groupId>
       <artifactId>okhttp</artifactId>
-      <version>3.14.2</version>
+      <version>4.3.1</version>
     </dependency>
 
     <dependency>
       <groupId>com.google.guava</groupId>
       <artifactId>guava</artifactId>
     </dependency>
+    
+    <dependency>
+      <groupId>com.squareup.retrofit2</groupId>
+      <artifactId>retrofit</artifactId>
+      <version>2.7.1</version>
+    </dependency>    
 
     <!-- karate -->
 
-- 
cgit 1.2.3-korg