Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 (#65)

* Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 Bumps org.apache.commons:commons-compress from 1.21 to 1.26.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * update add commons-codec Signed-off-by: see-quick <maros.orsak159@gmail.com> * apply comment from JS Signed-off-by: see-quick <maros.orsak159@gmail.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: see-quick <maros.orsak159@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: see-quick <maros.orsak159@gmail.com>
strimzi · Feb 21, 2024 · ff2e5c4 · ff2e5c4
1 parent ee2db2c
commit ff2e5c4
Showing 1 changed file with 13 additions and 3 deletions.
diff --git a/pom.xml b/pom.xml
@@ -89,7 +89,7 @@
         <maven.compiler.source>11</maven.compiler.source>
 
         <!-- DEPENDENCY CODE VERSIONS       -->
-        <test-containers.version>1.19.3</test-containers.version>
+        <test-containers.version>1.19.5</test-containers.version>
         <spotbugs.version>4.7.2</spotbugs.version>
         <log4j.version>2.17.1</log4j.version>
         <docker-java.version>3.3.3</docker-java.version>
@@ -114,7 +114,8 @@
         <sonatype.nexus.staging>1.6.13</sonatype.nexus.staging>
 
         <!-- FIX VULNERABILITY VERSIONS  -->
-        <commons-compress.version>1.21</commons-compress.version>
+        <commons-compress.version>1.26.0</commons-compress.version>
+        <commons-codec.version>1.16.1</commons-codec.version>
         <junit4.version>4.13.2</junit4.version>
     </properties>
 
@@ -205,13 +206,22 @@
             <scope>test</scope>
         </dependency>
 
-
         <!-- overriding version of commons-compress for Test container - Vulnerability -->
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-compress</artifactId>
             <version>${commons-compress.version}</version>
         </dependency>
+        <!-- address compatibility issues that arise
+        from upgrading `commons-compress`. Version 1.26.0 of `commons-compress` relies on functionalities provided
+        by `commons-codec` 1.16.1, leading to a requirement for this specific version of `commons-codec` to avoid
+        classpath conflicts and ensure runtime compatibility.
+        -->
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>${commons-codec.version}</version>
+        </dependency>
         <!-- overriding version of commons-compress for Test container - Vulnerability -->
         <dependency>
             <groupId>junit</groupId>