From b29e1d46f7e953e1136cbcc963cf4664d2163251 Mon Sep 17 00:00:00 2001
From: Eduardo Sanchez-Ros <esanchezros@yahoo.es>
Date: Sun, 27 Aug 2023 13:37:21 +0200
Subject: [PATCH] Upgrade spring boot dependencies and fix snakeyaml
 vulnerability

---
 README.adoc | 8 ++++----
 pom.xml     | 8 +++++++-
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/README.adoc b/README.adoc
index 7cb237d..1a70755 100644
--- a/README.adoc
+++ b/README.adoc
@@ -1,6 +1,6 @@
 image:https://dl.circleci.com/status-badge/img/gh/esanchezros/quickfixj-spring-boot-starter/tree/main.svg?style=shield["CircleCI", link="https://dl.circleci.com/status-badge/redirect/gh/esanchezros/quickfixj-spring-boot-starter/tree/main"]
 image:https://codecov.io/gh/esanchezros/quickfixj-spring-boot-starter/branch/main/graph/badge.svg?token=DhK6IBGZMS["codecov",link="https://codecov.io/gh/esanchezros/quickfixj-spring-boot-starter"]
-image:https://img.shields.io/badge/maven%20central-v2.15.4-blue.svg["Maven Central",link="https://search.maven.org/#search%7Cga%7C1%7Ca%3A%22quickfixj-spring-boot-starter%22"]
+image:https://img.shields.io/badge/maven%20central-v2.16.1-blue.svg["Maven Central",link="https://search.maven.org/#search%7Cga%7C1%7Ca%3A%22quickfixj-spring-boot-starter%22"]
 image:https://img.shields.io/hexpm/l/plug.svg["Apache 2",link="http://www.apache.org/licenses/LICENSE-2.0"]
 image:https://img.shields.io/badge/quickfixj-2.3.1-blue.svg["QuickFIX/J 2.3.1", link="https://github.com/quickfix-j/quickfixj"]
 image:https://app.codacy.com/project/badge/Grade/1c6bf92b53324a45ba587e061dc6547d["Codacy code quality", link="https://www.codacy.com/gh/esanchezros/quickfixj-spring-boot-starter/dashboard?utm_source=github.com&utm_medium=referral&utm_content=esanchezros/quickfixj-spring-boot-starter&utm_campaign=Badge_Grade"]
@@ -19,7 +19,7 @@ To use the QuickFIX/J Server or QuickFIX/J Client you need to add the QuickFIX/J
 <dependency>
     <groupId>io.allune</groupId>
     <artifactId>quickfixj-spring-boot-starter</artifactId>
-    <version>2.15.4</version>
+    <version>2.16.1</version>
 </dependency>
 ----
 
@@ -327,7 +327,7 @@ To enable the actuator endpoints you will also have to add the QuickFIX/J Spring
 <dependency>
     <groupId>io.allune</groupId>
     <artifactId>quickfixj-spring-boot-actuator</artifactId>
-    <version>2.15.4</version>
+    <version>2.16.1</version>
 </dependency>
 ----
 
@@ -724,7 +724,7 @@ To enable the actuator endpoints you will also have to add the QuickFIX/J Spring
 <dependency>
     <groupId>io.allune</groupId>
     <artifactId>quickfixj-spring-boot-actuator</artifactId>
-    <version>2.15.4</version>
+    <version>2.16.1</version>
 </dependency>
 ----
 
diff --git a/pom.xml b/pom.xml
index 02f9870..1ac54dc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -75,11 +75,17 @@
 				<!-- Import dependency management from Spring Boot -->
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-dependencies</artifactId>
-				<version>2.7.12</version>
+				<version>2.7.15</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
 
+			<dependency>
+				<groupId>org.yaml</groupId>
+				<artifactId>snakeyaml</artifactId>
+				<version>2.1</version>
+			</dependency>
+
 			<dependency>
 				<groupId>io.allune</groupId>
 				<artifactId>quickfixj-spring-boot-dependencies</artifactId>