Stephen Nesman
Stephen Nesman
Signed-off-by: Stephen Nesman
This PR pins glob to 9.3.5 to mitigate snyk [finding](https://app.snyk.io/org/prime-reportstream/project/cc6712e9-a739-4407-9fc0-411dd7d67e12#issue-SNYK-JS-INFLIGHT-6095116) in 7.2.3 dependency `inflight`. `inflight` is deprecated and will not be updated. Unfortunately the latest v10 has a breaking change....
This PR updates braces from 3.0.2 to 3.0.3 to mitigate Snyk [finding](https://app.snyk.io/org/prime-reportstream/project/cc6712e9-a739-4407-9fc0-411dd7d67e12#issue-SNYK-JS-BRACES-6838727). **If you are suggesting a fix for a currently exploitable issue, please disclose the issue to the prime-reportstream...
This PR updates Gradle from 8.8 to 8.10. **If you are suggesting a fix for a currently exploitable issue, please disclose the issue to the prime-reportstream team directly outside of...
This PR enables the OWASP Dependency Check plugin. This plugin is easier to use than the OWASP Dependency Check CLI. **If you are suggesting a fix for a currently exploitable...
## Problem statement Today the on-call roster reports: > GitHub Actions [9:35 AM] > [CDCgov/prime-reportstream](https://github.com/CDCgov/prime-reportstream) > PagerDuty On-Call > PRIME ReportStream > :exclamation:Now: Jeremy P*** > ReportStream Dependabot > :exclamation:Now:...
This PR pins spring-web to 6.1.12 to mitigate Snyk [finding](https://app.snyk.io/org/prime-reportstream/project/5a7e2623-190c-4044-955c-ee9f01f20ec9#issue-SNYK-JAVA-ORGSPRINGFRAMEWORK-7687447). **If you are suggesting a fix for a currently exploitable issue, please disclose the issue to the prime-reportstream team directly...