Dep/dependency upgrade staging (#49)

* Remove SNIExtension=false that is causing issues with the dependency check plugin.

* Chore: Update slack notification for GHA.

* Ensure GHA kicks off when we push to a branch.

* dep: modify build.gradle to be compatible with dependabot

* Bump slf4j-simple from 1.7.25 to 1.7.30 (#48)

Bumps [slf4j-simple](https://github.com/qos-ch/slf4j) from 1.7.25 to 1.7.30.
- [Release notes](https://github.com/qos-ch/slf4j/releases)
- [Commits](qos-ch/slf4j@v_1.7.25...v_1.7.30)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump junit from 4.12 to 4.13.1 (#47)

Bumps [junit](https://github.com/junit-team/junit4) from 4.12 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.12.md)
- [Commits](junit-team/junit4@r4.12...r4.13.1)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump httpclient from 4.5.12 to 4.5.13 (#44)

Bumps httpclient from 4.5.12 to 4.5.13.

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump archaius-aws from 0.6.5 to 0.7.7 (#42)

Bumps [archaius-aws](https://github.com/Netflix/archaius) from 0.6.5 to 0.7.7.
- [Release notes](https://github.com/Netflix/archaius/releases)
- [Commits](Netflix/archaius@0.6.5...v0.7.7)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump jetty-http from 9.4.33.v20201020 to 11.0.0 (#40)

Bumps [jetty-http](https://github.com/eclipse/jetty.project) from 9.4.33.v20201020 to 11.0.0.
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-9.4.33.v20201020...jetty-11.0.0)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump commons-lang3 from 3.5 to 3.11 (#38)

Bumps commons-lang3 from 3.5 to 3.11.

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump rtCamp/action-slack-notify from v2.1.0 to v2.1.2 (#32)

Bumps [rtCamp/action-slack-notify](https://github.com/rtCamp/action-slack-notify) from v2.1.0 to v2.1.2.
- [Release notes](https://github.com/rtCamp/action-slack-notify/releases)
- [Commits](rtCamp/action-slack-notify@v2.1.0...ae42232)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump slf4j-api from 1.7.25 to 1.7.30 (#41)

Bumps [slf4j-api](https://github.com/qos-ch/slf4j) from 1.7.25 to 1.7.30.
- [Release notes](https://github.com/qos-ch/slf4j/releases)
- [Commits](qos-ch/slf4j@v_1.7.25...v_1.7.30)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump mockito-core from 2.7.9 to 3.7.7 (#37)

Bumps [mockito-core](https://github.com/mockito/mockito) from 2.7.9 to 3.7.7.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v2.7.9...v3.7.7)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump jackson-databind from 2.11.1 to 2.12.1 (#36)

Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.11.1 to 2.12.1.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump cerberus-client from 7.3.2 to 7.4.0 (#34)

Bumps cerberus-client from 7.3.2 to 7.4.0.

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* dep: Rev version and upgrade dependency check plugin

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/build.yml

@@ -38,7 +38,7 @@ jobs:
           verbose: true
       - name: Slack notification when master build fails
         if: ${{ failure() && github.ref == 'refs/heads/master'}}
-        uses: rtCamp/[email protected].0
+        uses: rtCamp/[email protected].2
         env:
           SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
           SLACK_CHANNEL: cerberus-alerts

.github/workflows/release.yml

@@ -37,7 +37,7 @@ jobs:
         run: ./gradlew bintrayUpload
       - name: Slack notification when release fails
         if: ${{ failure() }}
-        uses: rtCamp/[email protected].0
+        uses: rtCamp/[email protected].2
         env:
           SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
           SLACK_CHANNEL: cerberus-alerts

build.gradle

@@ -46,10 +46,10 @@ task copyProjectVersion() {
 }
 tasks.jar.dependsOn copyProjectVersion
 
-apply from: file('gradle/dependencies.gradle')
-apply from: file('gradle/check.gradle')
-apply from: file('gradle/integration.gradle')
-apply from: file('gradle/bintray.gradle')
-apply from: file('gradle/owasp-dependency-check.gradle')
+apply from: 'gradle/dependencies.gradle'
+apply from: 'gradle/check.gradle'
+apply from: 'gradle/integration.gradle'
+apply from: 'gradle/bintray.gradle'
+apply from: 'gradle/owasp-dependency-check.gradle'
 
 group = groupId

gradle.properties

@@ -14,7 +14,7 @@
 # limitations under the License.
 #
 
-version=7.1.3
+version=7.1.4
 groupId=com.nike
 artifactId=cerberus-archaius-client
 

gradle/buildscript.gradle

@@ -23,5 +23,5 @@ dependencies {
     classpath 'com.jfrog.bintray.gradle:gradle-bintray-plugin:1.8.5'
     classpath 'org.kt3k.gradle.plugin:coveralls-gradle-plugin:2.6.3'
     classpath "com.diffplug.spotless:spotless-plugin-gradle:3.30.0"
-    classpath 'org.owasp:dependency-check-gradle:5.3.2'
+    classpath 'org.owasp:dependency-check-gradle:6.1.0'
 }

gradle/dependencies.gradle

@@ -29,29 +29,29 @@ configurations.all {
         force "net.sourceforge.pmd:pmd-java:6.21.0"
         force "com.fasterxml.jackson:jackson-core:2.11.1"
         force "com.fasterxml.jackson:jackson-annotations:2.11.1"
-        force "com.fasterxml.jackson.core:jackson-databind:2.11.1"
-        force "org.apache.httpcomponents:httpclient:4.5.12"
+        force "com.fasterxml.jackson.core:jackson-databind:2.12.1"
+        force "org.apache.httpcomponents:httpclient:4.5.13"
 
         dependencySubstitution {
             substitute module("org.mortbay.jetty:jetty") with module("org.eclipse.jetty:jetty-server:9.4.33.v20201020")
             substitute module("org.mortbay.jetty:jetty-util") with module("org.eclipse.jetty:jetty-util:9.4.33.v20201020")
-            substitute module("org.mortbay.jetty:jetty-http") with module("org.eclipse.jetty:jetty-http:9.4.33.v20201020")
+            substitute module("org.mortbay.jetty:jetty-http") with module("org.eclipse.jetty:jetty-http:11.0.0")
         }
     }
     exclude group: 'org.mortbay.jetty', module:'servlet-api-2.5'
 }
 
 dependencies {
-    compile 'com.netflix.archaius:archaius-aws:0.6.5'
-    compile 'com.nike:cerberus-client:7.3.2'
+    compile 'com.netflix.archaius:archaius-aws:0.7.7'
+    compile 'com.nike:cerberus-client:7.4.0'
 
-    compile "org.apache.commons:commons-lang3:3.5"
+    compile "org.apache.commons:commons-lang3:3.11"
     compile "com.squareup.okhttp3:okhttp:3.9.0"
 
-    compile 'org.slf4j:slf4j-api:1.7.25'
-    testRuntime 'org.slf4j:slf4j-simple:1.7.25'
+    compile 'org.slf4j:slf4j-api:1.7.30'
+    testRuntime 'org.slf4j:slf4j-simple:1.7.30'
 
-    testCompile 'junit:junit:4.12'
-    testCompile 'org.mockito:mockito-core:2.7.9'
+    testCompile 'junit:junit:4.13.1'
+    testCompile 'org.mockito:mockito-core:3.7.7'
     testCompile 'org.assertj:assertj-core:2.6.0'
 }