This is an automated email from the ASF dual-hosted git repository.
adamsaghy pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/fineract.git
The following commit(s) were added to refs/heads/develop by this push:
new e02aaa9a1c FINERACT-2326: Upgrade dependencies
e02aaa9a1c is described below
commit e02aaa9a1c3bf9a430778c11640476391160f46f
Author: Adam Saghy <[email protected]>
AuthorDate: Sun Sep 14 10:26:24 2025 -0500
FINERACT-2326: Upgrade dependencies
---
buildSrc/src/main/groovy/org.apache.fineract.dependencies.gradle | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/buildSrc/src/main/groovy/org.apache.fineract.dependencies.gradle
b/buildSrc/src/main/groovy/org.apache.fineract.dependencies.gradle
index 1e31bd4f7c..574f57066b 100644
--- a/buildSrc/src/main/groovy/org.apache.fineract.dependencies.gradle
+++ b/buildSrc/src/main/groovy/org.apache.fineract.dependencies.gradle
@@ -33,7 +33,7 @@ dependencyManagement {
mavenBom 'org.junit:junit-bom:5.11.3'
mavenBom 'com.fasterxml.jackson:jackson-bom:2.18.3'
mavenBom 'io.cucumber:cucumber-bom:7.20.1'
- mavenBom 'io.netty:netty-bom:4.1.119.Final'
+ mavenBom 'io.netty:netty-bom:4.1.125.Final'
mavenBom 'org.mockito:mockito-bom:5.14.2'
mavenBom 'software.amazon.awssdk:bom:2.29.9'
mavenBom 'io.github.resilience4j:resilience4j-bom:2.2.0'
@@ -238,7 +238,8 @@ dependencyManagement {
}
//v42.7.5: performance issue:
https://github.com/pgjdbc/pgjdbc/issues/3511#issuecomment-2637277977
- dependency 'org.postgresql:postgresql:42.7.4'
+ //v42.7.4: CVE-2025-49146:
https://nvd.nist.gov/vuln/detail/CVE-2025-49146
+ dependency 'org.postgresql:postgresql:42.7.3'
dependency 'com.mysql:mysql-connector-j:9.2.0'
@@ -273,5 +274,6 @@ dependencyManagement {
dependency 'com.ibm.icu:icu4j:76.1'
dependency 'org.yakworks:spring-icu4j:0.4.2'
dependency 'org.apache.commons:commons-lang3:3.18.0'
+ dependency 'com.nimbusds:nimbus-jose-jwt:10.0.2'
}
}
