From 6fd46b5e44953d419c5ee74be4d0db8b389c7709 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 19 Dec 2024 18:30:47 +0000
Subject: [PATCH] fix: java/serving/pom.xml & java/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
- https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898
- https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
- https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044
- https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
- https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047
---
 java/pom.xml         | 12 ++++++------
 java/serving/pom.xml |  6 +++---
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/java/pom.xml b/java/pom.xml
index 6b18588923..dbb24aa34f 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -41,9 +41,9 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 
-        <grpc.version>1.30.2</grpc.version>
+        <grpc.version>1.53.0</grpc.version>
         <protoc.version>3.12.2</protoc.version>
-        <protobuf.version>3.16.1</protobuf.version>
+        <protobuf.version>3.25.5</protobuf.version>
         <com.google.cloud.version>1.111.1</com.google.cloud.version>
         <io.prometheus.version>0.8.0</io.prometheus.version>
         <byte-buddy.version>1.9.10</byte-buddy.version>
@@ -61,7 +61,7 @@
         <swagger.core.version>1.5.24</swagger.core.version>
         <okhttp.version>3.14.7</okhttp.version>
         <commons.lang3.version>3.10</commons.lang3.version>
-        <jackson.version>2.14.0</jackson.version>
+        <jackson.version>2.15.0</jackson.version>
         <javax.xml.bind.version>2.3.1</javax.xml.bind.version>
         <javax.annotation.version>1.3.2</javax.annotation.version>
         <javax.validation.version>2.0.1.Final</javax.validation.version>
@@ -300,7 +300,7 @@
                         <excludes>
                             <exclude>src/main/java/**/BatchLoadsWithResult.java</exclude>
                         </excludes>
-                        <removeUnusedImports />
+                        <removeUnusedImports/>
                     </java>
                     <scala>
                         <licenseHeader>
@@ -365,7 +365,7 @@
                                 <requireJavaVersion>
                                     <version>[11.0,)</version>
                                 </requireJavaVersion>
-                                <reactorModuleConvergence />
+                                <reactorModuleConvergence/>
                             </rules>
                         </configuration>
                     </execution>
@@ -376,7 +376,7 @@
                         </goals>
                         <configuration>
                             <rules>
-                                <banDuplicatePomDependencyVersions />
+                                <banDuplicatePomDependencyVersions/>
                             </rules>
                         </configuration>
                     </execution>
diff --git a/java/serving/pom.xml b/java/serving/pom.xml
index ca7f8a73b5..e10b58b8d9 100644
--- a/java/serving/pom.xml
+++ b/java/serving/pom.xml
@@ -126,7 +126,7 @@
     <dependency>
       <groupId>com.azure</groupId>
       <artifactId>azure-storage-blob</artifactId>
-      <version>12.25.2</version>
+      <version>12.26.1</version>
     </dependency>
     <dependency>
       <groupId>com.azure</groupId>
@@ -192,7 +192,7 @@
     <dependency>
       <groupId>io.jaegertracing</groupId>
       <artifactId>jaeger-client</artifactId>
-      <version>1.3.2</version>
+      <version>1.8.1</version>
     </dependency>
     <dependency>
       <groupId>io.opentracing</groupId>
@@ -240,7 +240,7 @@
     <dependency>
       <groupId>com.google.cloud</groupId>
       <artifactId>google-cloud-storage</artifactId>
-      <version>1.118.0</version>
+      <version>2.43.1</version>
     </dependency>
 
     <dependency>