RIA-7774 Solve suppressions

.github/renovate.json

@@ -1,11 +1,31 @@
 {
-  "enabledManagers": ["helm-requirements","gradle-wrapper"],
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": ["local>hmcts/.github:renovate-config"],
   "labels": ["dependencies"],
-  "helm-requirements":
-  {
-    "fileMatch": ["\\Chart.yaml$"],
-    "aliases": {
-      "hmctspublic": "https://hmctspublic.azurecr.io/helm/v1/repo/"
+  "packageRules": [
+    {
+      "matchPackagePatterns": [
+        "*"
+      ],
+      "matchUpdateTypes": [
+        "minor",
+        "patch"
+      ],
+      "groupName": "all non-major dependencies",
+      "groupSlug": "all-minor-patch",
+      "automerge": true
+    },
+    {
+      "matchPackageNames": ["com.github.hmcts:ccd-case-document-am-client"],
+      "enabled": false
+    },
+    {
+      "matchUpdateTypes": ["major"],
+      "enabled": false
     }
-  }
+  ],
+  "timezone": "Europe/London",
+  "schedule": [
+    "before 3am every weekday"
+  ]
 }

Dockerfile

@@ -1,8 +1,8 @@
-ARG APP_INSIGHTS_AGENT_VERSION=2.5.1
+ARG APP_INSIGHTS_AGENT_VERSION=3.4.13
 
 # Application image
 
-FROM hmctspublic.azurecr.io/base/java:openjdk-11-distroless-1.2
+FROM hmctspublic.azurecr.io/base/java:17-distroless
 
 COPY lib/AI-Agent.xml /opt/app/
 COPY build/libs/ia-wa-post-deployment-ft-tests.jar /opt/app/

build.gradle

@@ -6,12 +6,12 @@ plugins {
     id 'checkstyle'
     id 'pmd'
     id 'jacoco'
-    id 'io.spring.dependency-management' version '1.0.11.RELEASE'
-    id 'org.springframework.boot' version '2.4.12'
-    id 'org.owasp.dependencycheck' version '8.0.2'
-    id 'com.github.ben-manes.versions' version '0.39.0'
+    id 'io.spring.dependency-management' version '1.1.0'
+    id 'org.springframework.boot' version '2.7.14'
+    id 'org.owasp.dependencycheck' version '8.2.1'
+    id 'com.github.ben-manes.versions' version '0.42.0'
     id 'org.sonarqube' version '3.2.0'
-    id 'io.freefair.lombok' version '5.3.0'
+    id 'io.freefair.lombok' version '6.2.0'
 }
 
 group = 'uk.gov.hmcts.reform'
@@ -23,9 +23,10 @@ lombok {
   config['lombok.anyConstructor.addConstructorProperties'] = 'true'
 }
 
-allprojects {
-    sourceCompatibility = '11'
-    targetCompatibility = '11'
+java {
+  toolchain {
+    languageVersion = JavaLanguageVersion.of(17)
+  }
 }
 
 sourceSets {
@@ -112,12 +113,12 @@ task smoke(type: Test) {
 
 checkstyle {
     maxWarnings = 0
-    toolVersion = '8.29'
-    getConfigDirectory().set(new File(rootDir, 'config/checkstyle'))
+    toolVersion = '10.12.0'
+    configFile(new File(rootDir, 'config/checkstyle/checkstyle.xml'))
 }
 
 pmd {
-    toolVersion = "6.18.0"
+    toolVersion = "6.41.0"
     sourceSets = [sourceSets.main, sourceSets.test, sourceSets.integrationTest, sourceSets.smokeTest]
     reportsDir = file("$project.buildDir/reports/pmd")
     // https://github.com/pmd/pmd/issues/876
@@ -130,7 +131,7 @@ jacocoTestReport {
     reports {
         xml.required = true
         csv.required = false
-        xml.destination file("${buildDir}/reports/jacoco/test/jacocoTestReport.xml")
+        xml.getOutputLocation().set(file("${project.buildDir}/reports/jacoco/test/jacocoTestReport.xml"))
     }
 }
 
@@ -173,7 +174,7 @@ dependencyManagement {
     dependencies {
         dependency group: 'org.bouncycastle', name: 'bcpkix-jdk15on', version: '1.68'
         // CVE-2018-10237 - Unbounded memory allocation
-        dependencySet(group: 'com.google.guava', version: '30.1.1-jre') {
+        dependencySet(group: 'com.google.guava', version: '32.1.2-jre') {
             entry 'guava'
         }
         dependency group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.13'
@@ -183,9 +184,9 @@ dependencyManagement {
       dependency group: 'org.glassfish', name: 'jakarta.el', version: '4.0.1'
 
       // CVE-2020-36518
-      dependency group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.13.2'
-      dependency group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.13.2'
-      dependency group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: '2.13.2'
+      dependency group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.15.3'
+      dependency group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.15.3'
+      dependency group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: '2.15.3'
 
       //CVE-2021-42550
       dependencySet(group: 'ch.qos.logback', version: '1.2.10') {
@@ -202,12 +203,10 @@ repositories {
 }
 
 def versions = [
-        junit           : '5.7.1',
+        junit           : '5.8.2',
         junitPlatform   : '1.7.1',
         reformLogging   : '5.1.9',
-        springfoxSwagger: '3.0.0',
-        serenity        : '2.2.12',
-        tomcat          : '9.0.58'
+        serenity        : '3.2.3'
 ]
 
 ext.libraries = [
@@ -226,17 +225,12 @@ dependencies {
     implementation group: 'org.springframework.boot', name: 'spring-boot-starter-aop'
     implementation group: 'org.springframework.boot', name: 'spring-boot-starter-json'
 
-    implementation group: 'io.springfox', name: 'springfox-swagger2', version: versions.springfoxSwagger
-
     implementation group: 'com.github.hmcts.java-logging', name: 'logging', version: versions.reformLogging
     implementation group: 'com.github.hmcts.java-logging', name: 'logging-appinsights', version: versions.reformLogging
 
     implementation group: 'org.apache.logging.log4j', name: 'log4j-api', version: '2.17.1'
     implementation group: 'org.apache.logging.log4j', name: 'log4j-to-slf4j', version: '2.17.1'
 
-    implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: versions.tomcat
-    implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: versions.tomcat
-
     implementation group: 'com.sun.xml.bind', name: 'jaxb-osgi', version: '4.0.0'
 
     testImplementation libraries.junit5
@@ -245,10 +239,10 @@ dependencies {
         exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
     }
 
-    implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '3.0.3'
+    implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign'
 
     implementation group: 'com.github.hmcts', name: 'service-auth-provider-java-client', version: '3.1.4'
-    implementation group: 'com.github.hmcts', name: 'core-case-data-store-client', version: '4.7.6'
+    implementation group: 'com.github.hmcts', name: 'core-case-data-store-client', version: '4.9.2'
 
     implementation group: 'com.azure', name: 'azure-messaging-servicebus', version: '7.5.0'