From d4fee80423148b137bf96260f31733c6bd1c80ea Mon Sep 17 00:00:00 2001
From: Luis Toledo <luis@variacode.com>
Date: Thu, 1 Jun 2023 18:55:01 -0400
Subject: [PATCH] upgrade azure dependencies

---
 build.gradle | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/build.gradle b/build.gradle
index d6a58b7..49c3260 100644
--- a/build.gradle
+++ b/build.gradle
@@ -39,33 +39,33 @@ configurations {
 }
 
 dependencies {
-    implementation 'org.codehaus.groovy:groovy-all:2.3.11'
-    testImplementation group: 'junit', name: 'junit', version: '4.12'
-    implementation group: 'org.rundeck', name: 'rundeck-core', version: '3.3.+'
-    pluginLibs (group: 'com.microsoft.azure', name: 'azure', version: '1.3.0'){
+    implementation 'org.codehaus.groovy:groovy-all:3.0.9'
+    implementation group: 'org.rundeck', name: 'rundeck-core', version: '4.3.+'
+
+    pluginLibs (group: 'com.microsoft.azure', name: 'azure', version: '1.41.4'){
         exclude group: "com.fasterxml.jackson.core"
     }
-    pluginLibs (group: 'com.microsoft.azure', name: 'azure-storage', version: '6.1.0') {
+    pluginLibs (group: 'com.microsoft.azure', name: 'azure-storage', version: '8.6.6') {
         exclude group: "com.fasterxml.jackson.core"
     }
-    pluginLibs group: 'commons-net', name: 'commons-net', version: '3.5'
-    pluginLibs group: 'commons-io', name: 'commons-io', version: '2.5'
+    pluginLibs group: 'commons-net', name: 'commons-net', version: '3.9.0'
+    pluginLibs group: 'commons-io', name: 'commons-io', version: '2.12.0'
 
     // https://mvnrepository.com/artifact/com.microsoft.azure/azure-keyvault-core
     pluginLibs group: 'com.microsoft.azure', name: 'azure-keyvault-core', version: '1.0.0'
 
-
-    testImplementation "org.codehaus.groovy:groovy-all:2.3.7"
-    testImplementation "org.spockframework:spock-core:0.7-groovy-2.0"
+    testImplementation group: 'junit', name: 'junit', version: '4.13.2'
+    testImplementation "org.codehaus.groovy:groovy-all:3.0.9"
+    testImplementation "org.spockframework:spock-core:2.0-groovy-3.0"
     testImplementation "cglib:cglib-nodep:2.2.2"
     testImplementation 'org.objenesis:objenesis:1.4'
 
     constraints {
-        pluginLibs("com.squareup.retrofit2:adapter-rxjava:2.6.1")  {
+        pluginLibs("com.squareup.retrofit2:adapter-rxjava:2.9.0")  {
             because "retrofit version by azure affected by CVE-2018-1000844"
         }
-        pluginLibs("net.minidev:json-smart:2.4.8")  {
-            because "version 2.4.2 affected by CVE-2021-31684"
+        pluginLibs("net.minidev:json-smart:2.4.11")  {
+            because "affected by CVE-2021-31684 CVE-2023-1370 CVE-2021-3168"
         }
     }