security updates

.snyk

@@ -2,25 +2,48 @@
 version: v1.25.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
-  SNYK-JAVA-ORGECLIPSEJETTY-5958847:
-    - '*':
-        reason: Only used in tests
-        expires: 2025-05-07T10:08:57.000Z
-        created: 2024-05-08T10:08:57.000Z
-  SNYK-JAVA-IONETTY-5953332:
-    - '*':
-        reason: Only used in load tests
-        expires: 2025-05-07T10:08:57.000Z
-        created: 2024-05-08T10:08:57.000Z
   SNYK-JAVA-ORGYAML-2806360:
     - '*':
         reason: Not using YAML for user-facing code
-        expires: 2024-05-07T10:09:27.027Z
-        created: 2023-05-08T10:09:27.030Z
-  SNYK-JAVA-ORGSPRINGFRAMEWORKBOOT-5441321:
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-ORGYAML-6056527:
+    - '*':
+        reason: Not using YAML for user-facing code
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-CHQOSLOGBACK-6094942:
+    - '*':
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-CHQOSLOGBACK-6097492:
+    - '*':
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-CHQOSLOGBACK-6094943:
+    - '*':
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-CHQOSLOGBACK-6097493:
+    - '*':
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-ORGSPRINGFRAMEWORK-6444790:
+    - '*':
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-ORGSPRINGFRAMEWORK-6261586:
+    - '*':
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITY-6457293:
+    - '*':
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-ORGJBOSSXNIO-6403375:
+    - '*':
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
+  SNYK-JAVA-COMNIMBUSDS-6247633:
     - '*':
-        reason: Not hosting in CloudFoundry
-        expires: 2024-05-07T10:09:52.346Z
-        created: 2023-05-08T10:09:52.353Z
+        reason: Pending spring security update
+        expires: 2025-01-01T00:00:00.000Z
 patch: {}
-severityThreshold: high

build.gradle

@@ -182,9 +182,9 @@ dependencies {
     }
     implementation ("org.springframework.boot:spring-boot-starter-undertow")
     // Fix vulnerabilities
-    runtimeOnly("io.undertow:undertow-websockets-jsr:2.2.25.Final")
-    runtimeOnly("io.undertow:undertow-servlet:2.2.25.Final")
-    runtimeOnly("io.undertow:undertow-core:2.2.25.Final")
+    runtimeOnly("io.undertow:undertow-websockets-jsr:${undertow_version}")
+    runtimeOnly("io.undertow:undertow-servlet:${undertow_version}")
+    runtimeOnly("io.undertow:undertow-core:${undertow_version}")
 
     implementation "org.springframework.boot:spring-boot-starter-thymeleaf"
     runtimeOnly("org.thymeleaf:thymeleaf:${thymeleaf_version}")

gradle.properties

@@ -27,7 +27,7 @@ springfox_version=2.6.1
 spring_boot_version=2.7.15
 gatling_version=3.10.0
 mapstruct_version=1.4.2.Final
-undertow_version=1.4.10.Final
+undertow_version=2.2.32.Final
 yarn_version=1.22.15
 spring_data_envers_version=2.5.6
 jackson_version=2.13.4

tslint.json

@@ -1,7 +1,4 @@
 {
-    "rulesDirectory": [
-        "node_modules/codelyzer"
-    ],
     "rules": {
         "class-name": true,
         "comment-format": [