Fix vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42

remove the use of commons-codec as it's not needed and also a vulnerability and use the released version of pomba-audit-common Issue-ID: LOG-1066 Issue-ID: LOG-1067 Issue-ID: LOG-1099 Signed-off-by: Prudence Au <prudence.au@amdocs.com> Change-Id: Iaaedfef7c59a80dae468ff937375b09b56216d98
author: Prudence Au <prudence.au@amdocs.com> 2019-08-10 21:51:27 -0400
committer: Prudence Au <prudence.au@amdocs.com> 2019-08-10 21:51:27 -0400
commit: 412c6b69b11edbfd462dc84a76a8c31d98ac5f54 (patch)
tree: 6f961772d59ee16c08b5f911ba6b3883a2e05ab5
parent: d802a34480c912a686fd1075b2b438ebae88557e (diff)
1 files changed, 14 insertions, 2 deletions
diff --git a/pom.xml b/pom.xml
index aa33780..e15e84d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -46,7 +46,7 @@ limitations under the License.
                 <!-- Import dependency management from Spring Boot -->
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
-                <version>1.5.17.RELEASE</version>
+                <version>1.5.22.RELEASE</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -65,6 +65,12 @@ limitations under the License.
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework.boot</groupId>
+                    <artifactId>spring-boot-starter-json</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -129,7 +135,7 @@ limitations under the License.
         <dependency>
            <groupId>org.onap.logging-analytics.pomba</groupId>
            <artifactId>pomba-audit-common</artifactId>
-           <version>1.4.0</version>
+           <version>1.5.0</version>
         </dependency>
         <dependency>
             <groupId>com.google.guava</groupId>
@@ -163,6 +169,12 @@ limitations under the License.
             <groupId>org.kie</groupId>
             <artifactId>kie-ci</artifactId>
             <version>${kie.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>commons-codec</groupId>
+                    <artifactId>commons-codec</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
 
         <!-- Test dependencies -->
author	Prudence Au <prudence.au@amdocs.com>	2019-08-10 21:51:27 -0400
committer	Prudence Au <prudence.au@amdocs.com>	2019-08-10 21:51:27 -0400
commit	412c6b69b11edbfd462dc84a76a8c31d98ac5f54 (patch)
tree	6f961772d59ee16c08b5f911ba6b3883a2e05ab5
parent	d802a34480c912a686fd1075b2b438ebae88557e (diff)