From a2426ed285133dc6e4a7355aa12a843abf864a88 Mon Sep 17 00:00:00 2001
From: Simon Brandhof <simon.brandhof@sonarsource.com>
Date: Wed, 18 Mar 2020 20:40:32 +0100
Subject: [PATCH] SONAR-13155 upgrade commons-collection to fix vulnerability

(that can't be exploited)
---
 sonar-ws-generator/build.gradle | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sonar-ws-generator/build.gradle b/sonar-ws-generator/build.gradle
index 3c7ae776b08..e872e414c79 100644
--- a/sonar-ws-generator/build.gradle
+++ b/sonar-ws-generator/build.gradle
@@ -8,6 +8,9 @@ dependencies {
   compile 'com.google.code.gson:gson'
   compile 'com.google.guava:guava'
   compile 'commons-io:commons-io'
+  // transitive dependency of Velocity that must be upgraded
+  // in order to fix a vulnerability
+  compile 'commons-collections:commons-collections:3.2.2'
   compile 'org.apache.velocity:velocity:1.7'
   compile 'org.slf4j:log4j-over-slf4j'
   compile 'org.sonarsource.orchestrator:sonar-orchestrator'
-- 
2.39.5