adding Rins security scan comments

CDCgov · Oct 18, 2023 · 7b45121 · 7b45121
1 parent b9fc39a
commit 7b45121
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/backend/build.gradle b/backend/build.gradle
@@ -49,10 +49,10 @@ dependencies {
      * Please do NOT scatter packages elsewhere around the file. Scattered packages make it easy for pins to become
      * stale.
      *
-     * DevSecOps verifies these packages at least once per month. LAST VERIFIED: 4 August 2023.
+     * DevSecOps verifies these packages at least once per month. LAST VERIFIED: 17 October 2023.
      */
-    implementation 'org.yaml:snakeyaml:1.33' //Verified 4 Aug 2023. Removal restores snakeyaml to 1.30, which is vulnerable to DoS.
-    implementation 'org.thymeleaf:thymeleaf:3.1.2.RELEASE' //Verified 4 Aug 2023. Resolves critical vulnerability caused by org.springframework.boot plugin @ 2.7.13.
+    implementation 'org.yaml:snakeyaml:1.33' //Verified 17 Oct 2023. Removal restores snakeyaml to 1.30, which is vulnerable to DoS.
+    implementation 'org.thymeleaf:thymeleaf:3.1.2.RELEASE' //Verified 17 Oct 2023. Resolves critical vulnerability caused by org.springframework.boot plugin @ 2.7.13.
 
     // data layer dependencies
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'