From f6f25f849df1c227190388a35d4ec5aeb9c9af35 Mon Sep 17 00:00:00 2001
From: Tom Akehurst <tom@wiremock.org>
Date: Wed, 9 Oct 2024 17:30:12 +0100
Subject: [PATCH] Upgraded vulnerable dependency

---
 build.gradle | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index a1bf811..edf3d88 100644
--- a/build.gradle
+++ b/build.gradle
@@ -28,9 +28,15 @@ allprojects {
 	dependencies {
 		testImplementation "org.springframework.boot:spring-boot-starter-test:3.3.4"
 		testImplementation 'org.assertj:assertj-core:3.26.3'
-		testImplementation platform('org.junit:junit-bom:5.10.2')
+		testImplementation platform('org.junit:junit-bom:5.11.2')
 		testImplementation 'org.junit.jupiter:junit-jupiter'
 		testImplementation 'org.junit.platform:junit-platform-launcher'
+
+		constraints {
+			implementation('org.apache.commons:commons-compress:1.26.0') {
+				because 'version 1.24.0 has a vulnerability'
+			}
+		}
 	}
 }