From 8c3e5e2df64829f728ebc14141b22a5a0a1517ba Mon Sep 17 00:00:00 2001
From: Aliaksandr Stsiapanay
Date: Thu, 14 Nov 2024 14:27:31 +0300
Subject: [PATCH] fix: Fix security vulnerability (#27)
Co-authored-by: Andrei Tataranovich
---
 .github/workflows/pr.yml | 2 +-
 build.gradle | 2 +-
 trivy.yaml | 13 +++++++++++++
 3 files changed, 15 insertions(+), 2 deletions(-)
 create mode 100644 trivy.yaml
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 8fe83ef..5e2ecb3 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -6,5 +6,5 @@ on:
 jobs:
 run_tests:
- uses: epam/ai-dial-ci/.github/workflows/java_pr.yml@1.6.1
+ uses: epam/ai-dial-ci/.github/workflows/java_pr.yml@1.9.4
 secrets: inherit
diff --git a/build.gradle b/build.gradle
index 857b541..2627be1 100644
--- a/build.gradle
+++ b/build.gradle
@@ -50,7 +50,7 @@ dependencies {
 }
 }
- implementation("org.springframework.boot:spring-boot-starter-web:3.2.3")
+ implementation("org.springframework.boot:spring-boot-starter-web:3.3.5")
 implementation("com.auth0:java-jwt:4.4.0")
 implementation("com.auth0:jwks-rsa:0.22.1")
diff --git a/trivy.yaml b/trivy.yaml
new file mode 100644
index 0000000..f595cea
--- /dev/null
+++ b/trivy.yaml
@@ -0,0 +1,13 @@
+# Trivy configuration file
+# https://aquasecurity.github.io/trivy/latest/docs/references/configuration/config-file/
+# Can be deleted after public ecr mirror will be added by default
+db:
+ no-progress: true
+ repository:
+ - ghcr.io/aquasecurity/trivy-db:2
+ - public.ecr.aws/aquasecurity/trivy-db:2
+ java-repository:
+ - ghcr.io/aquasecurity/trivy-java-db:1
+ - public.ecr.aws/aquasecurity/trivy-java-db:1
+misconfiguration:
+ checks-bundle-repository: public.ecr.aws/aquasecurity/trivy-checks
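Review bot: `checks-bundle-repository` under `misconfiguration` in the new trivy.yaml is the only registry reference in the file with no tag and no fallback, whereas the `db` entries pin a schema major (`:2`, `:1`) and list ghcr.io ahead of the ECR mirror. The checks bundle is policy code that the scanner evaluates, so an unpinned reference lets the rule set change between CI runs without any change in this repository; which tag a tagless reference resolves to depends on the Trivy release the CI workflow installs, which is not visible in this patch. Consider pinning it like the DB entries, e.g. `checks-bundle-repository: public.ecr.aws/aquasecurity/trivy-checks:<BUNDLE_MAJOR>` (placeholder: use the bundle version that Trivy release expects). The header comment says the file can be deleted once the ECR mirror becomes a default; naming the Trivy version or upstream issue that removes the need would make that clean-up actionable.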