From 44780bcd43ab255e44795313725505081c15e161 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 1 Apr 2024 15:52:52 +0000
Subject: [PATCH 1/2] Bump the dependabot-dependency-updates group with 4
 updates

Bumps the dependabot-dependency-updates group with 4 updates: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson), [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck), [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) and [org.cyclonedx:cyclonedx-maven-plugin](https://github.com/CycloneDX/cyclonedx-maven-plugin).


Updates `com.fasterxml.jackson.core:jackson-databind` from 2.16.1 to 2.17.0
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `org.owasp:dependency-check-maven` from 9.0.9 to 9.1.0
- [Release notes](https://github.com/jeremylong/DependencyCheck/releases)
- [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jeremylong/DependencyCheck/compare/v9.0.9...v9.1.0)

Updates `org.apache.maven.plugins:maven-gpg-plugin` from 3.1.0 to 3.2.2
- [Release notes](https://github.com/apache/maven-gpg-plugin/releases)
- [Commits](https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.1.0...maven-gpg-plugin-3.2.2)

Updates `org.cyclonedx:cyclonedx-maven-plugin` from 2.7.11 to 2.8.0
- [Release notes](https://github.com/CycloneDX/cyclonedx-maven-plugin/releases)
- [Commits](https://github.com/CycloneDX/cyclonedx-maven-plugin/compare/cyclonedx-maven-plugin-2.7.11...cyclonedx-maven-plugin-2.8.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot-dependency-updates
- dependency-name: org.owasp:dependency-check-maven
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot-dependency-updates
- dependency-name: org.apache.maven.plugins:maven-gpg-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot-dependency-updates
- dependency-name: org.cyclonedx:cyclonedx-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot-dependency-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pom.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/pom.xml b/pom.xml
index cafe740a..144d0d0e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -130,7 +130,7 @@
 			<plugin>
 				<groupId>org.owasp</groupId>
 				<artifactId>dependency-check-maven</artifactId>
-				<version>9.0.9</version>
+				<version>9.1.0</version>
 				<executions>
 					<execution>
 						<goals>
@@ -177,7 +177,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-gpg-plugin</artifactId>
-				<version>3.1.0</version>
+				<version>3.2.2</version>
 				<executions>
 					<execution>
 						<id>sign-artifacts</id>
@@ -204,7 +204,7 @@
 			<plugin>
 				<groupId>org.cyclonedx</groupId>
 				<artifactId>cyclonedx-maven-plugin</artifactId>
-				<version>2.7.11</version>
+				<version>2.8.0</version>
 				<executions>
 					<execution>
 						<phase>package</phase>
@@ -240,7 +240,7 @@
 		<dependency>
 			<groupId>com.fasterxml.jackson.core</groupId>
 			<artifactId>jackson-databind</artifactId>
-			<version>2.16.1</version>
+			<version>2.17.0</version>
 		</dependency>
 		<dependency>
 			<groupId>org.jacoco</groupId>

From 7b1d78ce95b78868c9ff930c8b092ebca23c7bc9 Mon Sep 17 00:00:00 2001
From: Alex Railean <alexander.railean@siemens.com>
Date: Wed, 17 Apr 2024 15:55:50 +0200
Subject: [PATCH 2/2] Update pom.xml

Use newer BouncyCastle
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 144d0d0e..2f0dcf9c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -230,7 +230,7 @@
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcpkix-jdk18on</artifactId>
-			<version>1.77</version>
+			<version>1.78</version>
 		</dependency>
 		<dependency>
 			<groupId>org.slf4j</groupId>