From 11a04efec686959ddbff4b277c6a2df61e6cc8a6 Mon Sep 17 00:00:00 2001
From: Sandesh Kumar <kusandes@amazon.com>
Date: Wed, 30 Aug 2023 19:05:38 -0700
Subject: [PATCH 1/2] CVE-2023-2976 Fix google-java-format-1.17.0.jar: 1
 vulnerabilities

Signed-off-by: Sandesh Kumar <kusandes@amazon.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index f30577292..7ee86f1aa 100644
--- a/build.gradle
+++ b/build.gradle
@@ -159,7 +159,7 @@ dependencies {
     zipArchive group: 'org.opensearch.plugin', name:'notifications', version: "${opensearch_build}"
 
     //spotless
-    implementation('com.google.googlejavaformat:google-java-format:1.17.0') {
+    implementation('com.google.googlejavaformat:google-java-format:32.0.1') {
         exclude group: 'com.google.guava'
     }
 }

From ef4f31c3987399e39d5f94af6d252eb063794319 Mon Sep 17 00:00:00 2001
From: Sandesh Kumar <kusandes@amazon.com>
Date: Wed, 30 Aug 2023 20:04:42 -0700
Subject: [PATCH 2/2] fix

Signed-off-by: Sandesh Kumar <kusandes@amazon.com>
---
 build.gradle | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 7ee86f1aa..9f64f9a5b 100644
--- a/build.gradle
+++ b/build.gradle
@@ -159,9 +159,10 @@ dependencies {
     zipArchive group: 'org.opensearch.plugin', name:'notifications', version: "${opensearch_build}"
 
     //spotless
-    implementation('com.google.googlejavaformat:google-java-format:32.0.1') {
+    implementation('com.google.googlejavaformat:google-java-format:1.17.0') {
         exclude group: 'com.google.guava'
     }
+    implementation 'com.google.guava:guava:32.0.1-jre'
 }
 
 // RPM & Debian build