Bump vulnerable dependencies

Bump azure identity to 1.14.2
snowplow · Nov 27, 2024 · 3183179 · 3183179
1 parent 138c669
commit 3183179
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/project/Dependencies.scala b/project/Dependencies.scala
@@ -25,13 +25,13 @@ object Dependencies {
     val fs2PubSub        = "0.22.0"
     val http4s           = "0.23.23"
     val jackson          = "2.12.7" // force this version to mitigate security vulnerabilities
-    val kafka            = "3.8.1"
+    val kafka            = "3.9.0"
     val log4cats         = "2.6.0"
     val log4j            = "2.17.2" // CVE-2021-44228
     val mskAuth          = "1.1.1"
     val nettyAll         = "4.1.95.Final" // to fix nsq dependency
     val nsqClient        = "1.3.0"
-    val pubsub           = "1.125.11" // force this version to mitigate security vulnerabilities
+    val pubsub           = "1.134.2" // force this version to mitigate security vulnerabilities
     val rabbitMQ         = "5.15.0"
     val slf4j            = "1.7.32"
     val specs2           = "4.11.0"
@@ -40,8 +40,8 @@ object Dependencies {
     val thrift           = "0.15.0" // force this version to mitigate security vulnerabilities
     val tracker          = "2.0.0"
     val dataDog4s        = "0.32.0"
-    val jnrPosix         = "3.1.8"  // force this version to mitigate security vulnerabilities
-    val azureIdentity    = "1.13.2"
+    val jnrPosix         = "3.1.20"  // force this version to mitigate security vulnerabilities
+    val azureIdentity    = "1.14.2"
   }
 
   object Libraries {