From 9c11614326f0bf2963a3fdba16309481b2b04489 Mon Sep 17 00:00:00 2001
From: Matas <lauzmata@amazon.com>
Date: Tue, 25 Jun 2024 12:40:56 -0500
Subject: [PATCH] fix: address various Dependabot warnings (#1107)

---
 gradle/libs.versions.toml                                   | 2 +-
 .../http-client-engines/test-suite/build.gradle.kts         | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 7db994687..65392b6ea 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -25,7 +25,7 @@ kotlin-compile-testing-version = "1.5.0"
 kotlinx-benchmark-version = "0.4.9"
 kotlinx-serialization-version = "1.6.0"
 docker-java-version = "3.3.6"
-ktor-version = "2.3.6"
+ktor-version = "2.3.12"
 kaml-version = "0.55.0"
 jsoup-version = "1.16.2"
 
diff --git a/runtime/protocol/http-client-engines/test-suite/build.gradle.kts b/runtime/protocol/http-client-engines/test-suite/build.gradle.kts
index 06d011297..130e45d3d 100644
--- a/runtime/protocol/http-client-engines/test-suite/build.gradle.kts
+++ b/runtime/protocol/http-client-engines/test-suite/build.gradle.kts
@@ -43,6 +43,12 @@ kotlin {
         jvmTest {
             dependencies {
                 implementation(libs.docker.core)
+                // FIXME docker-java has a ton of dependencies with vulnerabilities, and they don't seem motivated to fix them.
+                // So we must override their dependencies with the latest patched versions. https://github.com/docker-java/docker-java/issues/1974
+                implementation("com.fasterxml.jackson.core:jackson-databind:2.12.7.1") // https://github.com/docker-java/docker-java/issues/2177
+                implementation("org.apache.commons:commons-compress:1.26.0") // https://github.com/docker-java/docker-java/pull/2256
+                implementation("org.bouncycastle:bcpkix-jdk18on:1.78") // https://github.com/docker-java/docker-java/pull/2326
+
                 implementation(libs.docker.transport.zerodep)
             }
         }