From 7c61fd954cb485d11be10edcb2ccbee77a89454e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 Sep 2023 11:25:59 -0500
Subject: [PATCH 1/4] dependabot: bump com.diffplug.spotless from 6.20.0 to
 6.21.0 (#3295)

Bumps com.diffplug.spotless from 6.20.0 to 6.21.0.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 76124bcf02..4e724b2ff4 100644
--- a/build.gradle
+++ b/build.gradle
@@ -61,7 +61,7 @@ plugins {
     id 'idea'
     id 'jacoco'
     id 'maven-publish'
-    id 'com.diffplug.spotless' version '6.20.0'
+    id 'com.diffplug.spotless' version '6.21.0'
     id 'checkstyle'
     id 'com.netflix.nebula.ospackage' version "11.4.0"
     id "org.gradle.test-retry" version "1.5.4"

From 6c694300610d50babfdec0d9b0726984d8af8c1c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 Sep 2023 18:30:18 +0200
Subject: [PATCH 2/4] dependabot: bump org.apache.httpcomponents:fluent-hc from
 4.5.13 to 4.5.14 (#3292)

Bumps org.apache.httpcomponents:fluent-hc from 4.5.13 to 4.5.14.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.httpcomponents:fluent-hc&package-manager=gradle&previous-version=4.5.13&new-version=4.5.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 4e724b2ff4..7352b9ed25 100644
--- a/build.gradle
+++ b/build.gradle
@@ -586,7 +586,7 @@ dependencies {
     testImplementation 'com.github.stephenc.jcip:jcip-annotations:1.0-1'
     testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.14'
     testImplementation 'javax.servlet:servlet-api:2.5'
-    testImplementation 'org.apache.httpcomponents:fluent-hc:4.5.13'
+    testImplementation 'org.apache.httpcomponents:fluent-hc:4.5.14'
     testImplementation "org.apache.httpcomponents.client5:httpclient5-fluent:${versions.httpclient5}"
     testImplementation "org.apache.kafka:kafka_2.13:${kafka_version}"
     testImplementation "org.apache.kafka:kafka-group-coordinator:${kafka_version}"

From 3af850e38d2b272421a6f523376613c2607058bd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 5 Sep 2023 09:10:53 -0400
Subject: [PATCH 3/4] dependabot: bump com.github.wnameless.json:json-base from
 2.4.1 to 2.4.2 (#3293)

Bumps
[com.github.wnameless.json:json-base](https://github.com/wnameless/json-base)
from 2.4.1 to 2.4.2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/wnameless/json-base/commit/c95690e20eeacff7be276a56f9c73b28274c3666"><code>c95690e</code></a>
[maven-release-plugin] prepare release json-base-2.4.2</li>
<li><a
href="https://github.com/wnameless/json-base/commit/55b592ec9db943804415de12f0447eaecda9f52a"><code>55b592e</code></a>
Merge branch 'develop'</li>
<li><a
href="https://github.com/wnameless/json-base/commit/2472d8cb04c91d76e30fff3826f93afd413da2ac"><code>2472d8c</code></a>
Add license detail</li>
<li><a
href="https://github.com/wnameless/json-base/commit/125f770d1f2abdbcbae99da9ef172a0088d6953f"><code>125f770</code></a>
Upgrade POM</li>
<li><a
href="https://github.com/wnameless/json-base/commit/dea903fda4c0e8c80d9a24d20d4b56017406ba0a"><code>dea903f</code></a>
Update release-notes</li>
<li><a
href="https://github.com/wnameless/json-base/commit/a87237a0f358b2775984bd1aaecc50b2388ab8fe"><code>a87237a</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li>See full diff in <a
href="https://github.com/wnameless/json-base/compare/json-base-2.4.1...json-base-2.4.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.github.wnameless.json:json-base&package-manager=gradle&previous-version=2.4.1&new-version=2.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 7352b9ed25..66ccbf63aa 100644
--- a/build.gradle
+++ b/build.gradle
@@ -494,7 +494,7 @@ dependencies {
     implementation "io.jsonwebtoken:jjwt-impl:${jjwt_version}"
     implementation "io.jsonwebtoken:jjwt-jackson:${jjwt_version}"
     // JSON flattener
-    implementation ("com.github.wnameless.json:json-base:2.4.1") {
+    implementation ("com.github.wnameless.json:json-base:2.4.2") {
         exclude group: "org.glassfish", module: "jakarta.json"
         exclude group: "com.google.code.gson", module: "gson"
         exclude group: "org.json", module: "json"

From fd3a143be713a31c278386a21bd2236542101b7d Mon Sep 17 00:00:00 2001
From: Craig Perkins <cwperx@amazon.com>
Date: Tue, 5 Sep 2023 11:14:31 -0400
Subject: [PATCH 4/4] Use version of org.apache.commons:commons-lang3 defined
 in core (#3306)

Use version of org.apache.commons:commons-lang3 defined in core

Signed-off-by: Craig Perkins <cwperx@amazon.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 66ccbf63aa..f7cf539c77 100644
--- a/build.gradle
+++ b/build.gradle
@@ -572,7 +572,7 @@ dependencies {
 
 
     testImplementation "org.opensaml:opensaml-messaging-impl:${open_saml_version}"
-    implementation 'org.apache.commons:commons-lang3:3.13.0'
+    implementation "org.apache.commons:commons-lang3:${versions.commonslang}"
     testImplementation "org.opensearch:common-utils:${common_utils_version}"
     testImplementation "org.opensearch.plugin:reindex-client:${opensearch_version}"
     testImplementation "org.opensearch:opensearch-ssl-config:${opensearch_version}"