Update dependency org.owasp:dependency-check-maven to v12.1.3

2025-06-10 13:01:16 +00:00
2 changed files with 11 additions and 17 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -24,9 +24,6 @@ steps:
  # check maven dependencies
  - name: dependency-check
    when:
      event:
        - push
    image: maven:3-eclipse-temurin-21
    commands:
      - mvn dependency-check:check --no-transfer-progress -B -V -DnvdApiKey=$NVD_API_KEY
@@ -36,9 +33,6 @@ steps:
  # run code analysis
  - name: code-analysis
    when:
      event:
        - push
    image: maven:3-eclipse-temurin-21
    commands:
      - mvn sonar:sonar --no-transfer-progress -Dsonar.projectKey=$SONAR_PROJECT_KEY -Dsonar.host.url=$SONAR_INSTANCE_URL -Dsonar.token=$SONAR_LOGIN_KEY -B -V
--- a/pom.xml
+++ b/pom.xml
@@ -13,58 +13,58 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-api</artifactId>
-            <version>2.25.2</version>
+            <version>2.24.3</version>
        </dependency>
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-core</artifactId>
-            <version>2.25.2</version>
+            <version>2.24.3</version>
        </dependency>
        <!-- Web Dependencies -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
-            <version>3.5.7</version>
+            <version>3.4.4</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-json</artifactId>
-            <version>3.5.7</version>
+            <version>3.4.4</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
-            <version>3.5.7</version>
+            <version>3.4.4</version>
        </dependency>
        <!-- Security and Auth -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
-            <version>3.5.7</version>
+            <version>3.4.4</version>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt-api</artifactId>
-            <version>0.13.0</version>
+            <version>0.12.6</version>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt-impl</artifactId>
-            <version>0.13.0</version>
+            <version>0.12.6</version>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt-jackson</artifactId>
-            <version>0.13.0</version>
+            <version>0.12.6</version>
        </dependency>
        <!-- Database Dependencies -->
        <dependency>
            <groupId>org.postgresql</groupId>
            <artifactId>postgresql</artifactId>
-            <version>42.7.8</version>
+            <version>42.7.6</version>
        </dependency>
    </dependencies>
@@ -73,7 +73,7 @@
            <plugin>
                <groupId>org.owasp</groupId>
                <artifactId>dependency-check-maven</artifactId>
-                <version>12.1.8</version>
+                <version>12.1.3</version>
                <configuration>
                    <failBuildOnCVSS>8</failBuildOnCVSS>
                    <nvdApiKey>${nvdApiKey}</nvdApiKey>