Update dependencies to fix vulnerabilities

[mfedorov]

Dependencies below address most vulnerabilities and keep code intact.

<dependencies>
        <dependency>
            <groupId>com.fasterxml.jackson.core</groupId>
            <artifactId>jackson-databind</artifactId>
            <version>2.14.0-rc1</version>
        </dependency>
        <dependency>
            <groupId>commons-lang</groupId>
            <artifactId>commons-lang</artifactId>
            <version>2.6</version>
        </dependency>
        <dependency>
            <groupId>commons-beanutils</groupId>
            <artifactId>commons-beanutils</artifactId>
            <version>1.9.4</version>
        </dependency>
        <dependency>
            <groupId>joda-time</groupId>
            <artifactId>joda-time</artifactId>
            <version>2.10.5</version>
        </dependency>
        <dependency>
            <groupId>org.mule.connectors</groupId>
            <artifactId>mule-jms-connector</artifactId>
            <version>1.8.4</version>
            <classifier>mule-plugin</classifier>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>com.mulesoft.connectors</groupId>
            <artifactId>mule-amqp-connector</artifactId>
            <version>1.7.4</version>
            <classifier>mule-plugin</classifier>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>com.mulesoft.muleesb.modules</groupId>
            <artifactId>anypoint-mq-rest-client</artifactId>
            <version>3.1.16</version>
            <exclusions>
                <exclusion>
                    <groupId>com.google.code.gson</groupId>
                    <artifactId>gson</artifactId>
                </exclusion>
                <exclusion>
                    <artifactId>async-http-client</artifactId>
                    <groupId>com.ning</groupId>
                </exclusion>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-core</artifactId>
                </exclusion>
            </exclusions>
            <scope>compile</scope>
        </dependency>
        <dependency>
            <groupId>com.jayway.jsonpath</groupId>
            <artifactId>json-path</artifactId>
            <version>2.7.0</version>
            <exclusions>
                <exclusion>
                    <groupId>org.slf4j</groupId>
                    <artifactId>slf4j-api</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>com.lmax</groupId>
            <artifactId>disruptor</artifactId>
            <version>3.4.2</version>
        </dependency>
    </dependencies>

[lucksidedown]

Updating the dependencies would be great. GitLab dependency scanning lists multiple vulnerabilities associated with the dependencies in this project.

Any idea if this'll happen?

[ManikantaRajKumar]

@mfedorov are you able to fix this issue, we are also facing same issue with vulnerabilities. Please help me if you have already upgraded.
@sup-mule @lucksidedown

[mfedorov]

@mfedorov are you able to fix this issue, we are also facing same issue with vulnerabilities. Please help me if you have already upgraded. @sup-mule @lucksidedown

For 2.1.0 I am using the following dependencies. Going higher on these is creating code issue.

<dependencies>
        <dependency>
            <artifactId>snakeyaml</artifactId>
            <groupId>org.yaml</groupId>
            <version>2.0</version>
        </dependency>
        <dependency>
            <groupId>org.json</groupId>
            <artifactId>json</artifactId>
            <version>20230618</version>
        </dependency>
        <dependency>
            <groupId>com.fasterxml.jackson.core</groupId>
            <artifactId>jackson-databind</artifactId>
            <version>2.13.4.2</version>
        </dependency>
        <dependency>
            <groupId>commons-lang</groupId>
            <artifactId>commons-lang</artifactId>
            <version>2.6</version>
        </dependency>
        <dependency>
            <groupId>commons-beanutils</groupId>
            <artifactId>commons-beanutils</artifactId>
            <version>1.9.4</version>
        </dependency>
        <dependency>
            <groupId>joda-time</groupId>
            <artifactId>joda-time</artifactId>
            <version>2.10.5</version>
        </dependency>
        <dependency>
            <groupId>org.mule.connectors</groupId>
            <artifactId>mule-jms-connector</artifactId>
            <version>1.8.4</version>
            <classifier>mule-plugin</classifier>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>com.mulesoft.connectors</groupId>
            <artifactId>mule-amqp-connector</artifactId>
            <version>1.6.0</version>
            <classifier>mule-plugin</classifier>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>com.mulesoft.muleesb.modules</groupId>
            <artifactId>anypoint-mq-rest-client</artifactId>
            <version>3.1.0</version>
            <exclusions>
                <exclusion>
                    <artifactId>async-http-client</artifactId>
                    <groupId>com.ning</groupId>
                </exclusion>
                <exclusion>
                    <artifactId>spring-core</artifactId>
                    <groupId>org.springframework</groupId>
                </exclusion>
                <exclusion>
                    <groupId>com.google.code.gson</groupId>
                    <artifactId>gson</artifactId>
                </exclusion>
                <!--exclusion>
                    <artifactId>snakeyaml</artifactId>
                    <groupId>org.yaml</groupId>
                </exclusion-->
            </exclusions>
            <scope>compile</scope>
        </dependency>
        <dependency>
            <groupId>com.google.code.gson</groupId>
            <artifactId>gson</artifactId>
            <version>2.8.9</version>
        </dependency>
        <dependency>
            <groupId>com.jayway.jsonpath</groupId>
            <artifactId>json-path</artifactId>
            <version>2.7.0</version>
            <exclusions>
                <exclusion>
                    <groupId>org.slf4j</groupId>
                    <artifactId>slf4j-api</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>net.minidev</groupId>
                    <artifactId>json-smart</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>net.minidev</groupId>
            <artifactId>json-smart</artifactId>
            <version>2.4.10</version>
        </dependency>
        <dependency>
            <groupId>com.lmax</groupId>
            <artifactId>disruptor</artifactId>
            <version>3.4.2</version>
        </dependency>
    </dependencies>