From e098aef64b033ec5b673f947bb5e2e5977724916 Mon Sep 17 00:00:00 2001 From: kerenr-jfrog Date: Sun, 24 Aug 2025 18:11:25 +0300 Subject: [PATCH 1/2] fix sca vulnerability issues --- build.gradle | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build.gradle b/build.gradle index 5bb7cc53..c76324ea 100644 --- a/build.gradle +++ b/build.gradle @@ -43,8 +43,8 @@ dependencies { implementation group: 'com.google.guava', name: 'guava', version: '32.0.1-jre' implementation group: 'commons-codec', name: 'commons-codec', version: '1.13' implementation group: 'com.jfrog', name: 'gradle-dep-tree', version: '3.0.1' - implementation group: 'commons-io', name: 'commons-io', version: '2.9.0' - implementation(group: 'com.opencsv', name: 'opencsv', version: '5.7.0') { + implementation group: 'commons-io', name: 'commons-io', version: '2.14.0' + implementation(group: 'com.opencsv', name: 'opencsv', version: '5.11.1') { exclude group: 'common-collections', module: 'commons-collections' exclude group: 'org.apache.commons', module: 'commons-text' } From 1c77a4192583d6a5c4579269c86c42a56fd29b50 Mon Sep 17 00:00:00 2001 From: kerenr-jfrog Date: Mon, 1 Sep 2025 12:53:45 +0300 Subject: [PATCH 2/2] try upgrading commons-io to latest --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index c76324ea..6f0a3a9d 100644 --- a/build.gradle +++ b/build.gradle @@ -43,7 +43,7 @@ dependencies { implementation group: 'com.google.guava', name: 'guava', version: '32.0.1-jre' implementation group: 'commons-codec', name: 'commons-codec', version: '1.13' implementation group: 'com.jfrog', name: 'gradle-dep-tree', version: '3.0.1' - implementation group: 'commons-io', name: 'commons-io', version: '2.14.0' + implementation group: 'commons-io', name: 'commons-io', version: '2.20.0' implementation(group: 'com.opencsv', name: 'opencsv', version: '5.11.1') { exclude group: 'common-collections', module: 'commons-collections' exclude group: 'org.apache.commons', module: 'commons-text'