Merge pull request #77 from dvsa/removeSnakeYamal

chore: downngrade/remove snakeyaml

.snyk

@@ -32,4 +32,54 @@ ignore:
         reason: None Given
         expires: 2024-12-30T15:24:50.162Z
         created: 2024-05-31T15:24:50.169Z
-patch: {}
+  SNYK-JAVA-IONETTY-6483812:
+    - '*':
+        reason: Netty HTTP vulnerability - Planning upgrade of AWS SDK
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-COMGOOGLEPROTOBUF-8055227:
+    - '*':
+        reason: Protobuf vulnerability - Dependency through MySQL connector
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-COMMONSIO-8161190:
+    - '*':
+        reason: Commons IO vulnerability - Upgrade planned
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-1048058:
+    - '*':
+        reason: HTTPClient vulnerability - Legacy dependency through jenkins-client
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-31517:
+    - '*':
+        reason: HTTPClient directory traversal - Legacy dependency
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-ORGYAML-3016888:
+    - '*':
+        reason: SnakeYAML vulnerability - Dependency through javafaker
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-ORGYAML-3016889:
+    - '*':
+        reason: SnakeYAML vulnerability - Dependency through javafaker
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-ORGYAML-3016891:
+    - '*':
+        reason: SnakeYAML vulnerability - Dependency through javafaker
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-ORGYAML-3113851:
+    - '*':
+        reason: SnakeYAML vulnerability - Dependency through javafaker
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+  SNYK-JAVA-ORGYAML-3152153:
+    - '*':
+        reason: SnakeYAML vulnerability - Dependency through javafaker
+        expires: 2024-12-30T00:00:00.000Z
+        created: 2024-05-31T00:00:00.000Z
+patch: {}

pom.xml

@@ -18,7 +18,6 @@
         <github.url>https://maven.pkg.github.com/dvsa/vol-api-calls</github.url>
         <aws-java-sdk-s3.version>1.12.610</aws-java-sdk-s3.version>
         <aws-secrets-manager.version>1.12.610</aws-secrets-manager.version>
-        <snakeyamal.version>2.2</snakeyamal.version>
     </properties>
 
     <profiles>
@@ -103,11 +102,6 @@
             <groupId>org.apache.httpcomponents.client5</groupId>
             <artifactId>httpclient5</artifactId>
             <version>${apache-http.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.yaml</groupId>
-            <artifactId>snakeyaml</artifactId>
-            <version>${snakeyamal.version}</version>
         </dependency>
          <dependency>
             <groupId>com.amazonaws</groupId>