Update All patch-minor dependencies

build.gradle

@@ -2,11 +2,11 @@ plugins {
   id 'application'
   id 'idea'
   id 'jacoco'
-  id 'io.spring.dependency-management' version '1.1.4'
-  id 'org.springframework.boot' version '3.1.12'
-  id 'com.github.ben-manes.versions' version '0.38.0'
+  id 'io.spring.dependency-management' version '1.1.6'
+  id 'org.springframework.boot' version '3.4.0'
+  id 'com.github.ben-manes.versions' version '0.51.0'
   id 'org.sonarqube' version '5.1.0.4882'
-  id 'uk.gov.hmcts.java' version '0.12.55'
+  id 'uk.gov.hmcts.java' version '0.12.63'
   id 'com.github.spacialcircumstances.gradle-cucumber-reporting' version '0.1.25'
 }
 
@@ -219,14 +219,14 @@ sonarqube {
 }
 
 def versions = [
-  junit           : '5.9.3',
-  junitPlatform   : '1.9.3',
-  lombok          : '1.18.30',
+  junit           : '5.11.3',
+  junitPlatform   : '1.11.3',
+  lombok          : '1.18.36',
   mapstruct       : '1.4.2.Final',
-  reformLogging   : '6.1.4',
+  reformLogging   : '6.1.7',
   springBoot      : springBoot.class.package.implementationVersion,
-  testcontainers  : '1.16.3',
-  jetty           : '11.0.18'
+  testcontainers  : '1.20.4',
+  jetty           : '11.0.24'
 
 ]
 
@@ -260,10 +260,10 @@ dependencyManagement {
   dependencies {
 
     // CVE-2018-10237 - Unbounded memory allocation
-    dependencySet(group: 'com.google.guava', version: '33.0.0-jre') {
+    dependencySet(group: 'com.google.guava', version: '33.3.1-jre') {
       entry 'guava'
     }
-    dependencySet(group: 'org.apache.tomcat.embed', version: '10.1.16') {
+    dependencySet(group: 'org.apache.tomcat.embed', version: '10.1.34') {
       entry 'tomcat-embed-core'
       entry 'tomcat-embed-el'
       entry 'tomcat-embed-websocket'
@@ -297,7 +297,7 @@ ext.libraries = [
 
 dependencies {
   runtimeOnly 'org.springframework.boot:spring-boot-properties-migrator'
-  implementation group: 'org.yaml', name: 'snakeyaml', version: '2.2'
+  implementation group: 'org.yaml', name: 'snakeyaml', version: '2.3'
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-web'
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-actuator'
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-aop'
@@ -307,37 +307,37 @@ dependencies {
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-validation'
   implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign'
   implementation group: 'org.springframework.cloud', name: 'spring-cloud-openfeign-core'
-  implementation group: 'io.github.openfeign', name: 'feign-okhttp', version: '13.2.1'
-  implementation group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib', version: '1.7.22'
-  implementation group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib-common', version: '1.7.22'
-  implementation group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib-jdk7', version: '1.7.22'
-  implementation group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib-jdk8', version: '1.7.22'
-  implementation group: 'org.springdoc', name: 'springdoc-openapi-starter-webmvc-ui', version: '2.3.0'
+  implementation group: 'io.github.openfeign', name: 'feign-okhttp', version: '13.5'
+  implementation group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib', version: '1.9.25'
+  implementation group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib-common', version: '1.9.25'
+  implementation group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib-jdk7', version: '1.9.25'
+  implementation group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib-jdk8', version: '1.9.25'
+  implementation group: 'org.springdoc', name: 'springdoc-openapi-starter-webmvc-ui', version: '2.7.0'
 
   implementation group: 'com.github.hmcts.java-logging', name: 'logging', version: versions.reformLogging
   implementation group: 'net.logstash.logback', name: 'logstash-logback-encoder', version: '7.4'
-  implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.12'
-  implementation group: 'ch.qos.logback', name: 'logback-core', version: '1.4.12'
-  implementation group: 'org.slf4j', name: 'slf4j-api', version: '2.0.9'
-  implementation group: 'org.slf4j', name: 'jul-to-slf4j', version: '2.0.9'
+  implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.5.12'
+  implementation group: 'ch.qos.logback', name: 'logback-core', version: '1.5.12'
+  implementation group: 'org.slf4j', name: 'slf4j-api', version: '2.0.16'
+  implementation group: 'org.slf4j', name: 'jul-to-slf4j', version: '2.0.16'
   implementation group: 'com.github.hmcts.java-logging', name: 'logging-appinsights', version: versions.reformLogging
 
   implementation group: 'javax.inject', name: 'javax.inject', version: '1'
-  implementation group: 'com.azure', name: 'azure-messaging-servicebus', version: '7.17.4'
-  implementation group: 'com.azure', name: 'azure-core', version: '1.52.0'
-  implementation group: 'com.azure', name: 'azure-core-amqp', version: '2.9.9'
+  implementation group: 'com.azure', name: 'azure-messaging-servicebus', version: '7.17.7'
+  implementation group: 'com.azure', name: 'azure-core', version: '1.54.1'
+  implementation group: 'com.azure', name: 'azure-core-amqp', version: '2.9.12'
 
-  implementation group: 'net.minidev', name: 'json-smart', version: '2.4.9'
+  implementation group: 'net.minidev', name: 'json-smart', version: '2.5.1'
 
   // CVE Fixes
   implementation group: 'org.glassfish', name: 'jakarta.el', version: '4.0.2' // CVE-2021-28170
-  implementation group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.13' // CVE-2020-13956
-  implementation group: 'com.squareup.okio', name: 'okio', version: '3.4.0' // CVE-2023-3635
-  implementation group: 'org.eclipse.jgit', name: 'org.eclipse.jgit', version: '6.6.1.202309021850-r' // CVE-2023-4759
-  implementation group: 'net.minidev', name: 'json-smart', version: '2.4.11' // CVE-2023-1370
+  implementation group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.14' // CVE-2020-13956
+  implementation group: 'com.squareup.okio', name: 'okio', version: '3.9.1' // CVE-2023-3635
+  implementation group: 'org.eclipse.jgit', name: 'org.eclipse.jgit', version: '6.10.0.202406032230-r' // CVE-2023-4759
+  implementation group: 'net.minidev', name: 'json-smart', version: '2.5.1' // CVE-2023-1370
 
   implementation group: 'commons-fileupload', name: 'commons-fileupload', version: '1.5'
-  implementation group: 'commons-io', name: 'commons-io', version: '2.8.0'
+  implementation group: 'commons-io', name: 'commons-io', version: '2.18.0'
 
   implementation group: 'org.projectlombok', name: 'lombok', version: versions.lombok
   annotationProcessor group: 'org.projectlombok', name: 'lombok', version: versions.lombok
@@ -362,19 +362,19 @@ dependencies {
   implementation group: 'org.eclipse.jetty', name: 'jetty-alpn-conscrypt-client', version: versions.jetty
 
   // Explicitly set versions of io.netty components to resolve CVE-2021-37136 and CVE-2021-37137
-  implementation group: 'io.projectreactor.netty', name: 'reactor-netty-core', version: '1.1.15'
-  implementation group: 'io.projectreactor.netty', name: 'reactor-netty-http', version: '1.1.15'
+  implementation group: 'io.projectreactor.netty', name: 'reactor-netty-core', version: '1.2.0'
+  implementation group: 'io.projectreactor.netty', name: 'reactor-netty-http', version: '1.2.0'
 
-  runtimeOnly group: 'org.postgresql', name: 'postgresql', version: '42.5.5'
+  runtimeOnly group: 'org.postgresql', name: 'postgresql', version: '42.7.4'
 
   testImplementation libraries.junit5
-  testImplementation 'org.apiguardian:apiguardian-api:1.0.0' // Temporary fix see https://github.com/junit-team/junit5/issues/1065
+  testImplementation 'org.apiguardian:apiguardian-api:1.1.2' // Temporary fix see https://github.com/junit-team/junit5/issues/1065
   testImplementation group: 'org.springframework.boot', name: 'spring-boot-starter-test', {
     exclude group: 'junit', module: 'junit'
     exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
   }
 
-  testImplementation group: 'org.mockito', name: 'mockito-inline', version: '4.8.1'
+  testImplementation group: 'org.mockito', name: 'mockito-inline', version: '4.11.0'
   testImplementation group: 'org.powermock', name: 'powermock-api-mockito2', version: '2.0.9'
   testImplementation group: 'org.powermock', name: 'powermock-module-junit4', version: '2.0.9'
   testImplementation group: 'org.testcontainers', name: 'postgresql', version: versions.testcontainers
@@ -393,7 +393,7 @@ dependencies {
   functionalTestImplementation group: 'com.github.hmcts', name: 'befta-fw', version: '9.2.0'
   functionalTestImplementation libraries.junit5
 
-  testImplementation 'com.github.hmcts:fortify-client:1.3.0:all', {
+  testImplementation 'com.github.hmcts:fortify-client:1.4.5:all', {
     exclude group: 'org.slf4j', module: 'slf4j-api'
   }
 }

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-all.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

infrastructure/.terraform-version

@@ -1 +1 @@
-1.3.9
+1.10.1

queue-writer-util/build.gradle

@@ -21,7 +21,7 @@ application {
 }
 
 dependencies {
-  implementation "com.azure:azure-messaging-servicebus:7.0.1"
-  implementation "org.slf4j:slf4j-api:1.7.5"
-  implementation "org.slf4j:slf4j-simple:1.7.5"
+  implementation "com.azure:azure-messaging-servicebus:7.17.7"
+  implementation "org.slf4j:slf4j-api:1.7.36"
+  implementation "org.slf4j:slf4j-simple:1.7.36"
 }

queue-writer-util/gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.7.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.9.4-all.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists