Fix 7 vulnerable dependencies identified by Prisma Cloud

bridgeit-devops-bot · bridgeit-devops-bot · commit 1bbe8e44f2fb · 2023-12-31T07:09:26.000Z
diff --git a/packages/pom.xml b/packages/pom.xml
@@ -28,7 +28,7 @@
 		<dependency>
 			<groupId>org.apache.commons</groupId>
 			<artifactId>commons-compress</artifactId>
-			<version>1.15</version>
+			<version>1.21</version>
 		</dependency>
 		<dependency>
 			<groupId>junit</groupId>
diff --git a/packages/requirements.txt b/packages/requirements.txt
@@ -1,2 +1,2 @@
-django==1.2 
+django == 3.2.4 
 
diff --git a/packages/sub/.hidden/requirements.txt b/packages/sub/.hidden/requirements.txt
@@ -1,2 +1,2 @@
-django==1.2
+django == 3.2.4 
 
diff --git a/packages/sub/pom.xml b/packages/sub/pom.xml
@@ -23,14 +23,14 @@
 		<maven.compiler.source>1.7</maven.compiler.source>
 		<maven.compiler.target>1.7</maven.compiler.target>
    		<cloud.function.context.version>3.1.0</cloud.function.context.version>
-    		<log4j.version>2.14.0</log4j.version>
+    		<log4j.version>2.17.1</log4j.version>
   	</properties>
 
   	<dependencies>
 		<dependency>
 			<groupId>com.fasterxml.jackson.core</groupId>
 			<artifactId>jackson-databind</artifactId>
-			<version>2.12.4</version>
+			<version>2.16.0</version>
 		</dependency>
 	    	<dependency>
 			<groupId>org.apache.logging.log4j</groupId>
@@ -40,12 +40,12 @@
 	    	<dependency>
 		      <groupId>org.apache.commons</groupId>
 		      <artifactId>commons-compress</artifactId>
-		      <version>1.20</version>
+		      <version>1.21</version>
 	    	</dependency>
 	    	<dependency>
 		      <groupId>org.springframework</groupId>
 		      <artifactId>spring-core</artifactId>
-		      <version>5.3.0</version>
+		      <version>6.0.8</version>
 	    	</dependency>
 	</dependencies>
 	

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`		`-django==1.2`
	`1`	`+django == 3.2.4`
`2`	`2`