🔒️ Fix commons-io CVE (#21)

rbleuse · web-flow · commit f73edc08da46 · 2022-12-19T14:22:24.000+04:00
* chore: update commons-io to 2.7 This fixes CVE-2021-29425
diff --git a/build.gradle b/build.gradle
@@ -42,9 +42,9 @@ dependencies {
     implementation "org.slf4j:slf4j-api:${slf4j_version}"
     implementation "com.github.adedayo.intellij.sdk:annotations-java8:${intellij_annotations_version}"
     implementation "commons-codec:commons-codec:${commons_codec_version}"
-    implementation "commons-io:commons-io:${commons_version}"
+    implementation "commons-io:commons-io:${commons_io_version}"
     implementation "com.google.guava:guava:${guava_version}"
-    implementation "commons-lang:commons-lang:${commons_version}"
+    implementation "commons-lang:commons-lang:${commons_lang_version}"
     implementation "com.vdurmont:semver4j:${semver4j_version}"
 
     testImplementation "org.junit.jupiter:junit-jupiter-api:${junit_version}"
diff --git a/gradle.properties b/gradle.properties
@@ -9,7 +9,8 @@ slf4j_version=1.7.33
 semver4j_version=3.1.0
 intellij_annotations_version=142.1
 commons_codec_version=1.15
-commons_version=2.6
+commons_lang_version=2.6
+commons_io_version=2.7
 guava_version=31.0.1-jre
 
 # tests
