From 66fccbcb6b8ca1a12a8a511fcbda50b6884b3693 Mon Sep 17 00:00:00 2001
From: Krishna Bottla <40598480+kbottla@users.noreply.github.com>
Date: Thu, 7 May 2026 14:52:42 +0100
Subject: [PATCH] PP-15351 Override dependencies

- Overrides Jetty and Jackson dependencies due to vulnerable transitive dependencies, and the Dropwizard release with the latest versions of these libraries may take a while.
- Added BOM instead of overriding specific vulnerable dependencies to ensure all modules in the group are aligned to compatible versions.
---
 pom.xml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/pom.xml b/pom.xml
index ddeb44cae..f3807dd2e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,6 +22,20 @@
 
     <dependencyManagement>
         <dependencies>
+            <dependency>
+                <groupId>org.eclipse.jetty</groupId>
+                <artifactId>jetty-bom</artifactId>
+                <version>12.1.9</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+            <dependency>
+                <groupId>com.fasterxml.jackson</groupId>
+                <artifactId>jackson-bom</artifactId>
+                <version>2.21.3</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
             <dependency>
                 <groupId>io.dropwizard</groupId>
                 <artifactId>dropwizard-dependencies</artifactId>