cve-resolution-strategy.gradle
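/*
 * Pins selected libraries to fixed versions in every configuration, mostly to
 * pick up CVE fixes in transitive dependencies.
 *
 * NOTE(review): useVersion replaces the requested version unconditionally, so
 * each pin also acts as a ceiling: a dependency that asks for a newer release
 * is pulled back to the pinned one. Re-check the pins whenever a library is
 * upgraded or a new advisory is published.
 */

// Artifact names that are forced to the pinned Jetty release.
// NOTE(review): matching is by artifact name only, so a same-named artifact from
// any group is affected. Confirm that every name below is really published at
// the pinned version; 'jetty-continuation', 'jetty-_http_server' and
// 'mortbay_jetty' look doubtful.
def jettyModules = [
        'jetty-client', 'jetty-continuation', 'jetty-http',
        'jetty-security', 'jetty-servlet', 'jetty-servlets',
        'jetty-util', 'jetty-webapp', 'jetty-xml',
        'jetty-server', 'jetty-_http_server', 'jetty-util-ajax',
        'mortbay_jetty', 'jetty-io'
] as Set

configurations.all {
    resolutionStrategy {
        eachDependency { DependencyResolveDetails det ->
            def requested = det.requested

            // Jetty: CVE-2021-28163, CVE-2021-28164, CVE-2021-28165,
            // CVE-2021-28169, CVE-2021-34429.
            // NOTE(review): Jetty 11 uses the jakarta.servlet namespace; confirm
            // that nothing on the classpath still expects javax.servlet.
            if (requested.name in jettyModules) {
                det.useVersion '11.0.18'
                det.because 'Jetty CVE fixes: CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-28169, CVE-2021-34429'
            }

            // Not a security pin: kept for compatibility with PowerMockito.
            if (requested.group == 'org.mockito') {
                det.useVersion '3.12.1'
                det.because 'Compatibility with PowerMockito'
            }

            // commons-compress: CVE-2021-35515, CVE-2021-35516, CVE-2021-35517,
            // CVE-2021-36090, CVE-2024-26308.
            // Matched on group and name, like the PostgreSQL rule below, so an
            // unrelated artifact with the same name is not rewritten.
            if (requested.group == 'org.apache.commons' && requested.name == 'commons-compress') {
                det.useVersion '1.26.0'
                det.because 'commons-compress CVE fixes: CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090, CVE-2024-26308'
            }

            // PostgreSQL JDBC driver: CVE-2024-1597.
            if (requested.group == 'org.postgresql' && requested.name == 'postgresql') {
                det.useVersion '42.7.3'
                det.because 'PostgreSQL JDBC CVE fix: CVE-2024-1597'
            }
        }
    }
}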