From: Jacek <jacek.poreda@sonarsource.com>
Date: Thu, 3 Feb 2022 07:36:56 +0000 (+0100)
Subject: [NO-JIRA] Upgrade minor backend dependencies
X-Git-Tag: 9.4.0.54424~238
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=b8f26423e8abec36f9f3dbd9d083dedcc3810570;p=sonarqube.git

[NO-JIRA] Upgrade minor backend dependencies
---

diff --git a/build.gradle b/build.gradle
index 3eadda98b05..8b674f592fb 100644
--- a/build.gradle
+++ b/build.gradle
@@ -163,7 +163,7 @@ subprojects {
   }
 
   ext {
-    protobufVersion = '3.19.3'
+    protobufVersion = '3.19.4'
 
     // define a method which can be called by project to change Java version to compile to
     configureCompileJavaToVersion = { javaVersion ->
@@ -282,15 +282,15 @@ subprojects {
         entry 'logback-classic'
         entry 'logback-core'
       }
-      dependency('commons-beanutils:commons-beanutils:1.8.3') {
+      dependency('commons-beanutils:commons-beanutils:1.9.4') {
         exclude 'commons-logging:commons-logging'
       }
       dependency 'commons-codec:commons-codec:1.15'
       dependency 'commons-dbutils:commons-dbutils:1.7'
       dependency 'commons-io:commons-io:2.11.0'
       dependency 'commons-lang:commons-lang:2.6'
-      imports { mavenBom 'com.fasterxml.jackson:jackson-bom:2.11.4' }
-      dependencySet(group: 'com.fasterxml.jackson.dataformat', version: '2.11.4') {
+      imports { mavenBom 'com.fasterxml.jackson:jackson-bom:2.13.1' }
+      dependencySet(group: 'com.fasterxml.jackson.dataformat', version: '2.13.1') {
         entry 'jackson-dataformat-cbor'
         entry 'jackson-dataformat-smile'
         entry 'jackson-dataformat-yaml'
@@ -330,10 +330,10 @@ subprojects {
       // Documentation must be updated if mssql-jdbc is updated: https://github.com/SonarSource/sonarqube/commit/03e4773ebf6cba854cdcf57a600095f65f4f53e7
       dependency 'com.microsoft.sqlserver:mssql-jdbc:9.4.1.jre11'
       dependency 'com.oracle.database.jdbc:ojdbc8:21.4.0.0.1'
-      dependency 'org.aspectj:aspectjtools:1.9.6'
+      dependency 'org.aspectj:aspectjtools:1.9.7'
       // upgrade okhttp3 dependency kotlin to get rid of not exploitable CVE-2020-29582
-      dependency 'org.jetbrains.kotlin:kotlin-stdlib-common:1.4.21'
-      dependency 'org.jetbrains.kotlin:kotlin-stdlib:1.4.21'
+      dependency 'org.jetbrains.kotlin:kotlin-stdlib-common:1.6.10'
+      dependency 'org.jetbrains.kotlin:kotlin-stdlib:1.6.10'
       dependencySet(group: 'com.squareup.okhttp3', version: '4.9.3') {
         entry 'okhttp'
         entry 'mockwebserver'
@@ -345,17 +345,17 @@ subprojects {
         entry 'jjwt-impl'
         entry 'jjwt-jackson'
       }
-      dependency 'com.auth0:java-jwt:3.18.2'
-      dependency 'io.netty:netty-all:4.1.70.Final'
-      dependency 'com.sun.mail:javax.mail:1.5.6'
+      dependency 'com.auth0:java-jwt:3.18.3'
+      dependency 'io.netty:netty-all:4.1.73.Final'
+      dependency 'com.sun.mail:javax.mail:1.6.2'
       dependency 'javax.annotation:javax.annotation-api:1.3.2'
       dependency 'javax.inject:javax.inject:1'
       dependency 'javax.servlet:javax.servlet-api:3.1.0'
-      dependency 'javax.xml.bind:jaxb-api:2.3.0'
+      dependency 'javax.xml.bind:jaxb-api:2.3.1'
       dependency 'junit:junit:4.13.2'
-      dependency 'org.junit.jupiter:junit-jupiter-api:5.8.1'
-      dependency 'org.xmlunit:xmlunit-core:2.8.3'
-      dependency 'org.xmlunit:xmlunit-matchers:2.8.3'
+      dependency 'org.junit.jupiter:junit-jupiter-api:5.8.2'
+      dependency 'org.xmlunit:xmlunit-core:2.9.0'
+      dependency 'org.xmlunit:xmlunit-matchers:2.9.0'
       dependency 'net.jpountz.lz4:lz4:1.3.0'
       dependency 'net.lightbody.bmp:littleproxy:1.1.0-beta-bmp-17'
       dependency 'org.awaitility:awaitility:4.1.1'
@@ -377,7 +377,7 @@ subprojects {
           exclude 'org.eclipse.jdt.core.compiler:ecj'
         }
       }
-      dependency 'org.assertj:assertj-core:3.21.0'
+      dependency 'org.assertj:assertj-core:3.22.0'
       dependency 'org.assertj:assertj-guava:3.4.0'
       dependency('org.codehaus.sonar:sonar-channel:4.2') {
         exclude 'org.slf4j:slf4j-api'
@@ -393,17 +393,17 @@ subprojects {
         exclude 'org.apache.logging.log4j:log4j-core'
       }
       dependency 'org.elasticsearch.plugin:transport-netty4-client:7.16.0'
-      dependency 'org.elasticsearch:mocksocket:1.0'
+      dependency 'org.elasticsearch:mocksocket:1.2'
       dependency 'org.codelibs.elasticsearch.module:analysis-common:7.16.0'
       dependency 'org.eclipse.jgit:org.eclipse.jgit:5.13.0.202109080827-r'
-      dependency 'org.tmatesoft.svnkit:svnkit:1.10.3'
+      dependency 'org.tmatesoft.svnkit:svnkit:1.10.4'
       dependency 'org.hamcrest:hamcrest-all:1.3'
       dependency 'org.jsoup:jsoup:1.14.3'
       dependency 'org.mindrot:jbcrypt:0.4'
       dependency('org.mockito:mockito-core:3.12.4') {
         exclude 'org.hamcrest:hamcrest-core'
       }
-      dependency 'org.mybatis:mybatis:3.5.7'
+      dependency 'org.mybatis:mybatis:3.5.9'
       dependency 'org.nanohttpd:nanohttpd:2.3.1'
       dependency 'org.picocontainer:picocontainer:2.15'
       dependencySet(group: 'org.slf4j', version: '1.7.30') {
@@ -412,16 +412,16 @@ subprojects {
         entry 'log4j-over-slf4j'
         entry 'slf4j-api'
       }
-      dependency 'org.postgresql:postgresql:42.3.1'
+      dependency 'org.postgresql:postgresql:42.3.2'
       dependency 'org.reflections:reflections:0.10.2'
       dependency 'org.simpleframework:simple:4.1.21'
-      dependency 'org.sonarsource.orchestrator:sonar-orchestrator:3.36.0.63'
+      dependency 'org.sonarsource.orchestrator:sonar-orchestrator:3.37.0.87'
       dependency 'org.sonarsource.update-center:sonar-update-center-common:1.23.0.723'
-      dependency('org.springframework:spring-context:5.3.14') {
+      dependency('org.springframework:spring-context:5.3.15') {
         exclude 'commons-logging:commons-logging'
       }
       dependency 'org.subethamail:subethasmtp:3.1.7'
-      dependency 'org.yaml:snakeyaml:1.26'
+      dependency 'org.yaml:snakeyaml:1.30'
       dependency 'xml-apis:xml-apis:1.4.01'
 
       // please keep this list alphabetically ordered
@@ -617,7 +617,7 @@ subprojects {
       dependencies {
         testCompile project(":ut-monitoring")
 
-        utMonitoring 'org.aspectj:aspectjweaver:1.9.6'
+        utMonitoring 'org.aspectj:aspectjweaver:1.9.7'
       }
 
       doFirst {
diff --git a/server/sonar-alm-client/build.gradle b/server/sonar-alm-client/build.gradle
index 8bd62231ff1..24941c47926 100644
--- a/server/sonar-alm-client/build.gradle
+++ b/server/sonar-alm-client/build.gradle
@@ -9,7 +9,7 @@ dependencies {
     compile 'com.squareup.okhttp3:okhttp'
     compile 'commons-codec:commons-codec'
     compile 'com.auth0:java-jwt'
-    compile 'org.bouncycastle:bcpkix-jdk15on:1.69'
+    compile 'org.bouncycastle:bcpkix-jdk15on:1.70'
 
     testCompile project(':sonar-plugin-api-impl')
 
diff --git a/server/sonar-auth-saml/build.gradle b/server/sonar-auth-saml/build.gradle
index 6414fb5f0a2..06cb4c9d8aa 100644
--- a/server/sonar-auth-saml/build.gradle
+++ b/server/sonar-auth-saml/build.gradle
@@ -5,7 +5,7 @@ configurations {
 }
 
 ext {
-    oneLoginVersion = '2.8.0'
+    oneLoginVersion = '2.9.0'
 }
 
 dependencies {