This PR updates dependencies identified by Snyk as vulnerable.
common-compress - The SDK already using the fixed version, but due to Maven bug MNG-7982, the version is not propagated to the e2e test project. This PR declares common-compress as a direct dependency to work around the issue.
bouncycastle - the Snyk-identified vulnerability doesn't seem to resolved even in the latest BC version, so we just upgrade BC to the latest version, and we will see if the warning disappears.
This PR updates dependencies identified by Snyk as vulnerable.
common-compress
- The SDK already using the fixed version, but due to Maven bug MNG-7982, the version is not propagated to the e2e test project. This PR declarescommon-compress
as a direct dependency to work around the issue.bouncycastle
- the Snyk-identified vulnerability doesn't seem to resolved even in the latest BC version, so we just upgrade BC to the latest version, and we will see if the warning disappears.