From f918c8f9ee2f7aa0c25ed1029c070d2385a05fe4 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 29 Sep 2022 23:24:40 +0000
Subject: [PATCH] fix: dsl-backwards/pom.xml & cloudify/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMMONSBEANUTILS-30077
- https://snyk.io/vuln/SNYK-JAVA-COMMONSIO-1277109
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSGROOVY-1048694
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSGROOVY-31078
---
 cloudify/pom.xml      | 2 +-
 dsl-backwards/pom.xml | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/cloudify/pom.xml b/cloudify/pom.xml
index a34a39c707..f2ef368358 100644
--- a/cloudify/pom.xml
+++ b/cloudify/pom.xml
@@ -31,7 +31,7 @@
 		<cloudifyVersion>${project.version}</cloudifyVersion>
 		<sigarVersion>1.6.5</sigarVersion>
 		<sigarDistributionVersion>1.6.5.132</sigarDistributionVersion>
-		<groovyVersion>1.8.6</groovyVersion>
+		<groovyVersion>2.4.21</groovyVersion>
 		<asmVersion>3.2</asmVersion>
 	</properties>
 
diff --git a/dsl-backwards/pom.xml b/dsl-backwards/pom.xml
index 4041cd9792..522c6d41fe 100644
--- a/dsl-backwards/pom.xml
+++ b/dsl-backwards/pom.xml
@@ -30,7 +30,7 @@
         <dependency>
             <groupId>commons-beanutils</groupId>
             <artifactId>commons-beanutils</artifactId>
-            <version>1.8.3</version>
+            <version>1.9.2</version>
             <exclusions>
                 <!-- Exclude commons logging - because the scope of beanutils is compile,
                     the assembly plugin adds commons logging to the dsl jar file -->
@@ -59,7 +59,7 @@
         <dependency>
             <groupId>commons-validator</groupId>
             <artifactId>commons-validator</artifactId>
-            <version>1.4.0</version>
+            <version>1.5.0</version>
             <scope>compile</scope>
         </dependency>
         <dependency>
@@ -82,7 +82,7 @@
         <dependency>
             <groupId>commons-io</groupId>
             <artifactId>commons-io</artifactId>
-            <version>2.0.1</version>
+            <version>2.7</version>
         </dependency>
         <dependency>
             <groupId>org.apache.ivy</groupId>