Dependency Updates
- Upgrade to Jackson 2.9.10.6 (#1708)
- This addresses CVE-2020-24750 and CVE-2020-24616
- Bump amqp-client from 5.5.3 to 5.10.0 (#1691)
- Bump jetty9.version from 9.4.32.v20200930 to 9.4.34.v20201102 (#1689, #1699)
- This is addresses GHSA-g3wg-6mcf-8jj6 (CVE-2020-27216)
- Bump log4j2.version from 2.13.3 to 2.14.0 (#1707)
- Bump assertj-core from 3.17.2 to 3.18.1 (#1690, #1709)
- Bump mockito-core from 3.5.15 to 3.6.0 (#1692)
- Bump actions/cache from v2.1.2 to v2.1.3 (#1703)
- Bump actions/stale from v3.0.12 to v3.0.13 (#1698)
Assorted
- Add explicit version for sphinx-maven-plugin to fix build warning
- Run SonarCloud analysis only in
dropwizard/metricsand whenSONAR_TOKENis available (#1697)