diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index dc0e75e76..2dc50cd87 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -10,7 +10,7 @@ updates:
target-branch: "dep/dependency_upgrade_staging"
open-pull-requests-limit: 30
schedule:
- interval: "daily"
+ interval: "weekly"
- package-ecosystem: "npm"
# Look for `package.json` and `lock` files in the `cerberus-dashboard` directory
directory: "/cerberus-dashboard"
@@ -18,11 +18,11 @@ updates:
open-pull-requests-limit: 30
# Check the npm registry for updates every day (weekdays)
schedule:
- interval: "daily"
+ interval: "weekly"
- package-ecosystem: "github-actions"
# Look for `package.json` and `lock` files in the `cerberus-dashboard` directory
directory: "/"
target-branch: "dep/dependency_upgrade_staging"
# Check the npm registry for updates every day (weekdays)
schedule:
- interval: "daily"
\ No newline at end of file
+ interval: "weekly"
\ No newline at end of file
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 18160767d..e92bf07a8 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -34,7 +34,7 @@ jobs:
verbose: true
- name: Slack notification when master build fails
if: ${{ failure() && github.ref == 'refs/heads/master'}}
- uses: rtCamp/action-slack-notify@v2.1.0
+ uses: rtCamp/action-slack-notify@v2.1.2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_CHANNEL: cerberus-alerts
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index b8b34a9f4..0f6398eb2 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -44,7 +44,7 @@ jobs:
tag: ${{ github.ref }}
- name: Slack notification when release fails
if: ${{ failure() }}
- uses: rtCamp/action-slack-notify@v2.1.0
+ uses: rtCamp/action-slack-notify@v2.1.2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_CHANNEL: cerberus-alerts
diff --git a/build.gradle b/build.gradle
index 0e62775d8..079459022 100644
--- a/build.gradle
+++ b/build.gradle
@@ -23,8 +23,8 @@ buildscript {
versions = [
lombok: '1.18.18',
resilience4j: '1.7.0',
- awsSdkVersion: '1.11.946',
- kork: '7.98.0',
+ awsSdkVersion: '1.11.948',
+ kork: '7.99.0',
guava: '30.1-jre',
springBoot: '2.4.2',
]
@@ -50,7 +50,7 @@ buildscript {
plugins {
id "io.spring.dependency-management" version "1.0.11.RELEASE"
- id "com.github.nbaztec.coveralls-jacoco" version "1.2.10"
+ id "com.github.nbaztec.coveralls-jacoco" version "1.2.11"
id "com.github.spotbugs" version "4.6.0"
}
diff --git a/cerberus-core/build.gradle b/cerberus-core/build.gradle
index 6c5142c77..4f26dca00 100644
--- a/cerberus-core/build.gradle
+++ b/cerberus-core/build.gradle
@@ -42,7 +42,7 @@ dependencies {
configurations.all {
resolutionStrategy {
- force "org.jetbrains.kotlin:kotlin-stdlib-common:1.4.21-2"
+ force "org.jetbrains.kotlin:kotlin-stdlib-common:1.4.30"
force "org.jetbrains.kotlin:kotlin-stdlib:1.4.21-2"
}
}
diff --git a/dependency-check-supressions.xml b/dependency-check-supressions.xml
index 350597e63..30c2b6e35 100644
--- a/dependency-check-supressions.xml
+++ b/dependency-check-supressions.xml
@@ -98,4 +98,11 @@
^pkg:npm/immer@.*$
cpe:/a:immer_project:immer
+
+
+ ^pkg:npm/faye\-websocket@.*$
+ CVE-2020-15133
+
diff --git a/gradle.properties b/gradle.properties
index d5913fdfd..dc0c92b66 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -14,5 +14,5 @@
# limitations under the License.
#
-version=4.10.1
+version=4.10.2
group=com.nike.cerberus