From 1b52576a970a94b80a647d0e3875fe1db7ab374e Mon Sep 17 00:00:00 2001
From: Martin Gaievski <gaievski@amazon.com>
Date: Wed, 6 Dec 2023 09:29:00 -0800
Subject: [PATCH] Upversion all dependencies in hope of fixing CVEs

Signed-off-by: Martin Gaievski <gaievski@amazon.com>
---
 CHANGELOG.md | 2 +-
 build.gradle | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4d5068e8b..3f02272c4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,7 +13,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 ### Infrastructure
 ### Documentation
 ### Maintenance
-Added support for jdk-21 ([#500](https://github.com/opensearch-project/neural-search/pull/500)))
+- Added support for jdk-21 ([#500](https://github.com/opensearch-project/neural-search/pull/500)))
 ### Refactoring
 
 ## [Unreleased 2.x](https://github.com/opensearch-project/neural-search/compare/2.11...2.x)
diff --git a/build.gradle b/build.gradle
index 7ee6faa07..a9368ed02 100644
--- a/build.gradle
+++ b/build.gradle
@@ -109,7 +109,7 @@ buildscript {
 
     dependencies {
         classpath "${opensearch_group}.gradle:build-tools:${opensearch_version}"
-        classpath "com.diffplug.spotless:spotless-plugin-gradle:6.22.0"
+        classpath "com.diffplug.spotless:spotless-plugin-gradle:6.23.2"
         classpath "io.freefair.gradle:lombok-plugin:8.4"
     }
 }
@@ -144,7 +144,7 @@ dependencies {
     zipArchive group: 'org.opensearch.plugin', name:'opensearch-ml-plugin', version: "${opensearch_build}"
     compileOnly fileTree(dir: knnJarDirectory, include: '*.jar')
     api group: 'org.opensearch', name:'opensearch-ml-client', version: "${opensearch_build}"
-    implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.10'
+    implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.14.0'
     // ml-common excluded reflection for runtime so we need to add it by ourselves.
     // https://github.com/opensearch-project/ml-commons/commit/464bfe34c66d7a729a00dd457f03587ea4e504d9
     // TODO: Remove following three lines of dependencies if ml-common include them in their jar