chore(security): xxx bumps

.github/workflows/publish-documentation.yaml

@@ -127,7 +127,7 @@ jobs:
           mv docs/src/diagram-replacer/assets/ docs/target/generated-docs/assets/
 
       - name: GitHub Pages action
-        uses: peaceiris/actions-gh-pages@v3.9.3
+        uses: peaceiris/actions-gh-pages@v4.0.0
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           publish_dir: "./docs/target/generated-docs"

.github/workflows/trivy.yml

@@ -72,7 +72,7 @@ jobs:
         run: docker build -t localhost:5000/traceability-foss:fe_${{ github.sha }} -f ./frontend/Dockerfile .
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.18.0
+        uses: aquasecurity/trivy-action@0.19.0
         with:
           trivyignores: "./.github/workflows/.trivyignore"
           image-ref: 'localhost:5000/traceability-foss:fe_${{ github.sha }}'
@@ -132,7 +132,7 @@ jobs:
           ref: ${{needs.prepare-env.outputs.check_sha}}
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.18.0
+        uses: aquasecurity/trivy-action@0.19.0
         with:
           trivyignores: "./.github/workflows/.trivyignore"
           scan-type: "config"
@@ -178,7 +178,7 @@ jobs:
           tags: localhost:5000/traceability-foss:trivy
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.18.0
+        uses: aquasecurity/trivy-action@0.19.0
         with:
           image-ref: localhost:5000/traceability-foss:trivy
           trivyignores: "./.github/workflows/.trivyignore"

pom.xml

@@ -64,11 +64,11 @@ SPDX-License-Identifier: Apache-2.0
         <!-- versions for 3rd party dependecies -->
         <eclipse-dash-ip.version>1.1.0</eclipse-dash-ip.version>
         <nimbus-jose-jwt.version>9.37.3</nimbus-jose-jwt.version>
-        <ascii-doctor-j-diagram.version>2.2.13</ascii-doctor-j-diagram.version>
+        <ascii-doctor-j-diagram.version>2.3.0</ascii-doctor-j-diagram.version>
         <ascii-dcotor-j.version>2.5.8</ascii-dcotor-j.version>
         <auth-0-java-jwt.version>4.4.0</auth-0-java-jwt.version>
         <jruby.version>9.4.3.0</jruby.version>
-        <spring-cloud.version>2023.0.0</spring-cloud.version>
+        <spring-cloud.version>2023.0.1</spring-cloud.version>
         <jetbrains-annotation.version>24.1.0</jetbrains-annotation.version>
         <findbugs-jsr305.version>3.0.2</findbugs-jsr305.version>
         <swagger-annotation.version>1.6.12</swagger-annotation.version>
@@ -84,9 +84,9 @@ SPDX-License-Identifier: Apache-2.0
         <commons-collections.version>4.4</commons-collections.version>
         <lombok.version>1.18.30</lombok.version>
         <json-unit-assertj.version>3.2.2</json-unit-assertj.version>
-        <cucumber.version>7.15.0</cucumber.version>
+        <cucumber.version>7.16.1</cucumber.version>
         <junit-bom.version>5.10.2</junit-bom.version>
-        <awaitility.version>3.0.0</awaitility.version>
+        <awaitility.version>4.2.1</awaitility.version>
         <irs-client-lib.version>1.8.0</irs-client-lib.version>
         <json-schema-validator.version>5.4.0</json-schema-validator.version>
         <!-- Sonar related properties -->

tx-cucumber-tests/src/test/java/org/eclipse/tractusx/traceability/test/TraceabilityTestStepDefinition.java

@@ -28,15 +28,15 @@
 import io.cucumber.java.en.Then;
 import io.cucumber.java.en.When;
 import lombok.extern.slf4j.Slf4j;
-import org.awaitility.Duration;
+import notification.request.UpdateNotificationStatusRequest;
+import notification.response.NotificationIdResponse;
+import notification.response.NotificationResponse;
+import org.awaitility.Durations;
 import org.eclipse.tractusx.traceability.test.exteption.MissingStepDefinitionException;
 import org.eclipse.tractusx.traceability.test.tooling.TraceXEnvironmentEnum;
 import org.eclipse.tractusx.traceability.test.tooling.rest.RestProvider;
 import org.eclipse.tractusx.traceability.test.validator.NotificationValidator;
 import org.hamcrest.Matchers;
-import notification.request.UpdateNotificationStatusRequest;
-import notification.response.NotificationIdResponse;
-import notification.response.NotificationResponse;
 
 import java.time.Instant;
 import java.util.Arrays;
@@ -116,7 +116,7 @@ public void iCreateQualityInvestigation(DataTable dataTable) {
     @When("I check, if quality investigation has proper values")
     public void iCheckIfQualityInvestigationHasProperValues(DataTable dataTable) {
         await()
-                .atMost(Duration.FIVE_MINUTES)
+                .atMost(Durations.FIVE_MINUTES)
                 .pollInterval(1, TimeUnit.SECONDS)
                 .ignoreExceptions()
                 .until(() -> {
@@ -161,7 +161,7 @@ public void iCloseQualityAlert() {
     public void iCanSeeNotificationWasReceived() {
         System.out.println("searching for notificationDescription: " + notificationDescription);
         final NotificationResponse notification = await()
-                .atMost(Duration.FIVE_MINUTES)
+                .atMost(Durations.FIVE_MINUTES)
                 .pollInterval(1, TimeUnit.SECONDS)
                 .until(() -> {
                             final List<NotificationResponse> result = restProvider.getReceivedNotifications();
@@ -270,7 +270,7 @@ public void iCreateQualityAlert(DataTable dataTable) {
     @When("I check, if quality alert has proper values")
     public void iCheckIfQualityAlertHasProperValues(DataTable dataTable) {
         await()
-                .atMost(Duration.FIVE_MINUTES)
+                .atMost(Durations.FIVE_MINUTES)
                 .pollInterval(1, TimeUnit.SECONDS)
                 .ignoreExceptions()
                 .until(() -> {
@@ -297,7 +297,7 @@ public void iApproveQualityAlert() {
     public void iCanSeeQualityAlertWasReceived() {
         System.out.println("searching for notificationDescription: " + notificationDescription);
         final NotificationResponse notification = await()
-                .atMost(Duration.FIVE_MINUTES)
+                .atMost(Durations.FIVE_MINUTES)
                 .pollInterval(1, TimeUnit.SECONDS)
                 .until(() -> {
                             final List<NotificationResponse> result = restProvider.getReceivedNotifications();

tx-cucumber-tests/src/test/java/org/eclipse/tractusx/traceability/test/tooling/rest/RestProvider.java

@@ -31,17 +31,17 @@
 import io.restassured.response.ValidatableResponse;
 import io.restassured.specification.RequestSpecification;
 import lombok.Getter;
-import org.apache.http.HttpStatus;
-import org.awaitility.Duration;
-import org.eclipse.tractusx.traceability.test.tooling.EnvVariablesResolver;
-import org.eclipse.tractusx.traceability.test.tooling.NotificationTypeEnum;
-import org.eclipse.tractusx.traceability.test.tooling.TraceXEnvironmentEnum;
 import notification.request.NotificationSeverityRequest;
 import notification.request.StartNotificationRequest;
-import notification.request.UpdateNotificationStatusTransitionRequest;
 import notification.request.UpdateNotificationStatusRequest;
+import notification.request.UpdateNotificationStatusTransitionRequest;
 import notification.response.NotificationIdResponse;
 import notification.response.NotificationResponse;
+import org.apache.http.HttpStatus;
+import org.awaitility.Durations;
+import org.eclipse.tractusx.traceability.test.tooling.EnvVariablesResolver;
+import org.eclipse.tractusx.traceability.test.tooling.NotificationTypeEnum;
+import org.eclipse.tractusx.traceability.test.tooling.TraceXEnvironmentEnum;
 
 import java.time.Instant;
 import java.util.List;
@@ -121,7 +121,7 @@ public NotificationIdResponse createNotification(
 
     public void approveNotification(final Long notificationId) {
         await()
-                .atMost(Duration.FIVE_MINUTES)
+                .atMost(Durations.FIVE_MINUTES)
                 .pollInterval(10, TimeUnit.SECONDS)
                 .ignoreExceptions()
                 .until(() -> {
@@ -159,7 +159,7 @@ public void cancelNotification(final Long notificationId) {
 
     public void closeNotification(final Long notificationId) {
         await()
-                .atMost(Duration.FIVE_MINUTES)
+                .atMost(Durations.FIVE_MINUTES)
                 .pollInterval(10, TimeUnit.SECONDS)
                 .ignoreExceptions()
                 .until(() -> {
@@ -190,7 +190,7 @@ public void updateNotification(final Long notificationId,
                 .build();
 
         await()
-                .atMost(Duration.FIVE_MINUTES)
+                .atMost(Durations.FIVE_MINUTES)
                 .pollInterval(10, TimeUnit.SECONDS)
                 .ignoreExceptions()
                 .until(() -> {

tx-models/pom.xml

@@ -80,12 +80,12 @@ SPDX-License-Identifier: Apache-2.0
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>
-            <version>1.4.14</version>
+            <version>1.5.4</version>
         </dependency>
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-core</artifactId>
-            <version>1.4.14</version>
+            <version>1.5.4</version>
         </dependency>
         <dependency>
             <groupId>org.mockito</groupId>