From dd8f514a57207c94e8ef1beeb6ff9cd48e0de887 Mon Sep 17 00:00:00 2001
From: Igor Baiborodine <igor@kiroule.com>
Date: Thu, 5 Oct 2023 15:19:41 -0400
Subject: [PATCH] chore: upgrade snakeyaml dependency to fix CVE-2022-1471
 vulnerability (#73)

---
 pom.xml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/pom.xml b/pom.xml
index 485b8de..2f03e59 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,6 +53,12 @@
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-actuator</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>org.yaml</groupId>
+          <artifactId>snakeyaml</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
@@ -85,6 +91,11 @@
       <scope>test</scope>
     </dependency>
     <!--AUXILIARY-->
+    <dependency>
+      <groupId>org.yaml</groupId>
+      <artifactId>snakeyaml</artifactId>
+      <version>2.2</version>
+    </dependency>
     <dependency>
       <groupId>org.springframework.retry</groupId>
       <artifactId>spring-retry</artifactId>
@@ -120,6 +131,12 @@
       <groupId>org.springdoc</groupId>
       <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
       <version>2.1.0</version>
+      <exclusions>
+        <exclusion>
+          <groupId>org.yaml</groupId>
+          <artifactId>snakeyaml</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>org.mapstruct</groupId>