Upgrade JSON to 20231013 to fix CVE-2023-5072 (opensearch-project#912) (

opensearch-project#914) (cherry picked from commit b68990f) Signed-off-by: Derek Ho <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
peterzhuamazon · Oct 16, 2023 · bbef1eb · bbef1eb
1 parent 90c5d16
commit bbef1eb
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/build.gradle b/build.gradle
@@ -175,7 +175,7 @@ dependencies {
     implementation "org.jetbrains.kotlinx:kotlinx-coroutines-core:1.3.9"
     implementation "${group}:common-utils:${common_utils_version}"
     compileOnly "${group}:opensearch-job-scheduler-spi:${job_scheduler_version}"
-    implementation "org.json:json:20230227"
+    implementation "org.json:json:20231013"
     implementation group: 'com.github.wnameless.json', name: 'json-flattener', version: '0.15.1'
     // json-base, jackson-databind, jackson-annotations are transitive dependencies by json-flattener
     implementation group: 'com.github.wnameless.json', name: 'json-base', version: '2.2.1'