From 7c4e4073fb66ddac06182ab32f04fb5e9e61b68a Mon Sep 17 00:00:00 2001
From: Andrea Morabito <78792023+and-mora@users.noreply.github.com>
Date: Wed, 9 Nov 2022 12:40:51 +0100
Subject: [PATCH] fix: [RTD-876] fix cve jackson with bump version from 2.13.4
 to 2.14.0 (#294)

---
 pom.xml | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/pom.xml b/pom.xml
index 0d28d6cb..4587589c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,6 +17,12 @@
     <properties>
         <java.version>1.8</java.version>
         <spring-boot.version>2.7.4</spring-boot.version>
+        <postgresql.version>42.5.0</postgresql.version>
+        <springframework-cloud.version>3.1.4</springframework-cloud.version>
+        <snakeyaml.version>1.33</snakeyaml.version>
+        <common-io.version>2.11.0</common-io.version>
+        <bouncycastle.version>1.70</bouncycastle.version>
+        <jackson-core.version>2.14.0</jackson-core.version>
         <maven-jar-plugin.version>3.1.2</maven-jar-plugin.version>
         <maven-deploy-plugin.version>3.0.0-M1</maven-deploy-plugin.version>
         <maven-compiler-plugin.version>3.8.0</maven-compiler-plugin.version>
@@ -35,34 +41,41 @@
             <dependency>
                 <groupId>org.postgresql</groupId>
                 <artifactId>postgresql</artifactId>
-                <version>42.5.0</version>
+                <version>${postgresql.version}</version>
                 <scope>runtime</scope>
             </dependency>
             <dependency>
                 <groupId>org.springframework.cloud</groupId>
                 <artifactId>spring-cloud-contract-wiremock</artifactId>
-                <version>3.1.4</version>
+                <version>${springframework-cloud.version}</version>
                 <scope>test</scope>
             </dependency>
             <dependency>
                 <groupId>org.springframework.cloud</groupId>
                 <artifactId>spring-cloud-starter-openfeign</artifactId>
-                <version>3.1.4</version>
+                <version>${springframework-cloud.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.yaml</groupId>
                 <artifactId>snakeyaml</artifactId>
-                <version>1.33</version>
+                <version>${snakeyaml.version}</version>
             </dependency>
             <dependency>
                 <groupId>commons-io</groupId>
                 <artifactId>commons-io</artifactId>
-                <version>2.11.0</version>
+                <version>${common-io.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.bouncycastle</groupId>
                 <artifactId>bcpg-jdk15on</artifactId>
-                <version>1.70</version>
+                <version>${bouncycastle.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.fasterxml.jackson.core</groupId>
+                <artifactId>jackson-databind</artifactId>
+                <version>${jackson-core.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
             </dependency>
             <dependency>
                 <groupId>it.gov.pagopa.rtd.ms.transaction_filter.integration</groupId>