build: bump version

chore: update hapi-fhir dependency to 6.10.2
This mitigates CVE-2023-6378, CVE-2023-2976 and CVE-2020-8908
2025-07-01 22:22:53 +00:00 · 2023-12-29 17:27:21 +01:00 · 2023-12-29 17:27:17 +01:00 · 2023-12-29 17:27:10 +01:00 · 2023-12-29 17:26:51 +01:00 · 2023-12-29 17:06:47 +01:00
1 changed files with 3 additions and 9 deletions
--- a/build.gradle.kts
+++ b/build.gradle.kts
@ -4,26 +4,22 @@ import org.springframework.boot.gradle.tasks.bundling.BootBuildImage
 plugins {
    war
-    id("org.springframework.boot") version "3.2.0"
+    id("org.springframework.boot") version "3.2.1"
    id("io.spring.dependency-management") version "1.1.4"
    kotlin("jvm") version "1.9.21"
    kotlin("plugin.spring") version "1.9.21"
 }
 group = "de.ukw.ccc"
-version = "0.3.0"
+version = "0.3.1"
 var versions = mapOf(
    "bwhc-dto-java" to "0.2.0",
-    "hapi-fhir" to "6.6.2",
+    "hapi-fhir" to "6.10.2",
    "httpclient5" to "5.2.1",
    "mockito-kotlin" to "5.1.0"
 )
 // Override Apache Kafka to be used
 // Fixes: CVE-2023-34455, CVE-2023-34454, CVE-2023-34453 and CVE-2023-43642
 extra["kafka.version"] = "3.6.0"
 java {
    sourceCompatibility = JavaVersion.VERSION_17
 }
@ -60,8 +56,6 @@ dependencies {
    implementation("org.springframework.boot:spring-boot-starter-data-jdbc")
    implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
    implementation("org.springframework.kafka:spring-kafka")
    // fix CVE-2022-1471
    implementation("org.yaml:snakeyaml:2.1")
    implementation("org.flywaydb:flyway-mysql")
    implementation("commons-codec:commons-codec")
    implementation("io.projectreactor.kotlin:reactor-kotlin-extensions")
Author	SHA1	Message	Date
Paul-Christian Volkmer	5d0e815037	build: bump version	2023-12-29 17:27:21 +01:00
Paul-Christian Volkmer	a5a19e0cea	chore: update hapi-fhir dependency to 6.10.2 This mitigates CVE-2023-6378, CVE-2023-2976 and CVE-2020-8908	2023-12-29 17:27:17 +01:00
Paul-Christian Volkmer	1493a63e02	chore: remove snakeyaml dependency version override Spring Boot 3.2.1 uses newer version 2.2, so there is no need to override dependency version.	2023-12-29 17:27:10 +01:00
Paul-Christian Volkmer	fe927e65aa	chore: remove explicit kafka dependency version Spring Boot 3.6.1 uses Kafka 3.6.1 that mitigates CVE-2023-34453, CVE-2023-34454, CVE-2023-34455, CVE-2023-43642 and new CVE-2023-44981 from version 3.6.0	2023-12-29 17:26:51 +01:00
Paul-Christian Volkmer	add09c3f9c	chore: update spring boot to version 3.2.1	2023-12-29 17:06:47 +01:00