From e3e984aa83692cbcbbb228e2c51044407b4a702d Mon Sep 17 00:00:00 2001
From: leanne <leanne@moderne.io>
Date: Thu, 2 Jan 2025 15:46:06 -0800
Subject: [PATCH] Addressing Vulnerabilities

We are pulling in rewrite-jenkins@17 which has the following CVEs: CVE-2022-34793, CVE-2022-34792, CVE-2022-34794

This is just a runtimeDependency so we have the option of ignoring it, as it's an easy fix to remove I remove it instead of suppressing it
---
 build.gradle.kts | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index c9dfa8a..13c455e 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -29,10 +29,10 @@ dependencies {
     runtimeOnly("ai.timefold.solver:timefold-solver-migration:latest.release") {
         exclude(module = "jakarta.xml.bind-api")
     }
-    runtimeOnly("io.quarkus:quarkus-update-recipes:latest.release")
-    runtimeOnly("org.apache.camel.upgrade:camel-upgrade-recipes:latest.release")
-    runtimeOnly("org.apache.wicket:wicket-migration:latest.release")
-    runtimeOnly("org.axonframework:axon-migration:latest.release")
+    runtimeOnly("io.quarkus:quarkus-update-recipes:latest.release") {isTransitive = false}
+    runtimeOnly("org.apache.camel.upgrade:camel-upgrade-recipes:latest.release") {isTransitive = false}
+    runtimeOnly("org.apache.wicket:wicket-migration:latest.release") {isTransitive = false}
+    runtimeOnly("org.axonframework:axon-migration:latest.release") {isTransitive = false}
     runtimeOnly("software.amazon.awssdk:v2-migration:latest.release")
     runtimeOnly("tech.picnic.error-prone-support:error-prone-contrib:latest.release:recipes")