From d07fc69e318b09d3db265376ebfa691fefe05725 Mon Sep 17 00:00:00 2001
From: jianming tu <tu_jm@yahoo.com>
Date: Thu, 23 May 2024 11:25:44 -0700
Subject: [PATCH 1/3] fix backend vulnerabilities

---
 src/backend/ai-reviewer-api/pom.xml                | 2 +-
 src/backend/ai-reviewer-mock-api/pom.xml           | 2 +-
 src/backend/libs/ai-bom/pom.xml                    | 2 +-
 src/backend/libs/ai-diligen-client-starter/pom.xml | 4 ++--
 src/backend/libs/ai-diligen-client/pom.xml         | 4 ++--
 src/backend/libs/ai-mail-it/pom.xml                | 2 +-
 6 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/backend/ai-reviewer-api/pom.xml b/src/backend/ai-reviewer-api/pom.xml
index 8674575f..6cc19015 100644
--- a/src/backend/ai-reviewer-api/pom.xml
+++ b/src/backend/ai-reviewer-api/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<artifactId>spring-boot-starter-parent</artifactId>
 		<groupId>org.springframework.boot</groupId>
-		<version>3.1.3</version>
+		<version>3.2.5</version>
 		<relativePath/>
 	</parent>
 	<groupId>ca.bc.gov.open.jag</groupId>
diff --git a/src/backend/ai-reviewer-mock-api/pom.xml b/src/backend/ai-reviewer-mock-api/pom.xml
index 59e32c90..d8cdf736 100644
--- a/src/backend/ai-reviewer-mock-api/pom.xml
+++ b/src/backend/ai-reviewer-mock-api/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>3.1.3</version>
+		<version>3.2.5</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 	<groupId>ca.bc.gov.open.jag</groupId>
diff --git a/src/backend/libs/ai-bom/pom.xml b/src/backend/libs/ai-bom/pom.xml
index b192eaf5..8d37533e 100644
--- a/src/backend/libs/ai-bom/pom.xml
+++ b/src/backend/libs/ai-bom/pom.xml
@@ -35,7 +35,7 @@
         <org.openapitools.version>0.2.1</org.openapitools.version>
         <org.springdoc.version>1.7.0</org.springdoc.version>
         <org.threeten.version>1.5.1</org.threeten.version>
-        <org.json.version>20230227</org.json.version>
+        <org.json.version>[20231013,)</org.json.version>
         
         <com.google.code.gson.version>2.8.9</com.google.code.gson.version>
         <log4j2.version>2.17.1</log4j2.version>
diff --git a/src/backend/libs/ai-diligen-client-starter/pom.xml b/src/backend/libs/ai-diligen-client-starter/pom.xml
index 49ac443a..b12f0a36 100644
--- a/src/backend/libs/ai-diligen-client-starter/pom.xml
+++ b/src/backend/libs/ai-diligen-client-starter/pom.xml
@@ -56,7 +56,7 @@
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
-                <version>3.1.3</version>
+                <version>3.1.6</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -84,7 +84,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
-                <version>3.1.2</version>
+                <version>3.2.2</version>
             </plugin>
 
             <plugin>
diff --git a/src/backend/libs/ai-diligen-client/pom.xml b/src/backend/libs/ai-diligen-client/pom.xml
index c534f4ce..2ee206ad 100644
--- a/src/backend/libs/ai-diligen-client/pom.xml
+++ b/src/backend/libs/ai-diligen-client/pom.xml
@@ -159,7 +159,7 @@
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
-                <version>3.1.3</version>
+                <version>3.1.6</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -179,7 +179,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
-                <version>3.1.2</version>
+                <version>3.2.2</version>
             </plugin>
 
             <plugin>
diff --git a/src/backend/libs/ai-mail-it/pom.xml b/src/backend/libs/ai-mail-it/pom.xml
index f12ae5d0..850786de 100644
--- a/src/backend/libs/ai-mail-it/pom.xml
+++ b/src/backend/libs/ai-mail-it/pom.xml
@@ -114,7 +114,7 @@
 			<dependency>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-dependencies</artifactId>
-				<version>3.1.3</version>
+				<version>3.1.6</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>

From 5e5a6f78918e62f2576558ef65f6854b3926172f Mon Sep 17 00:00:00 2001
From: jianming tu <tu_jm@yahoo.com>
Date: Thu, 23 May 2024 11:29:05 -0700
Subject: [PATCH 2/3] fix frontend docker base image

---
 src/frontend/ai-reviewer-admin/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/frontend/ai-reviewer-admin/Dockerfile b/src/frontend/ai-reviewer-admin/Dockerfile
index 50cb8c96..33a0e815 100644
--- a/src/frontend/ai-reviewer-admin/Dockerfile
+++ b/src/frontend/ai-reviewer-admin/Dockerfile
@@ -1,5 +1,5 @@
 # pull official base image
-FROM node:16-alpine as build
+FROM node:18-alpine as build
 
 ARG SERVICE_NAME
 
@@ -16,7 +16,7 @@ RUN yarn build --production=true
 #############################################################################################
 ###                                 PRODUCTION IMAGE                                      ###
 #############################################################################################
-FROM nginx:1.23.3-alpine
+FROM nginx:1.26.0-alpine
 
 RUN rm -rf /usr/share/nginx/html/
 COPY --from=build /app/build /usr/share/nginx/html

From 39d7ed32abbd6071bfab3854019546b4bedd9d38 Mon Sep 17 00:00:00 2001
From: jianming tu <tu_jm@yahoo.com>
Date: Thu, 23 May 2024 11:30:36 -0700
Subject: [PATCH 3/3] fix dependbots

---
 src/frontend/ai-reviewer-admin/package.json | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/frontend/ai-reviewer-admin/package.json b/src/frontend/ai-reviewer-admin/package.json
index f5512ad9..3cf5d47e 100644
--- a/src/frontend/ai-reviewer-admin/package.json
+++ b/src/frontend/ai-reviewer-admin/package.json
@@ -63,6 +63,8 @@
     ]
   },
   "resolutions": {
-    "nth-check": "^2.0.1" 
+    "nth-check": "^2.0.1",
+    "webpack-dev-middleware": "^5.3.4",
+    "@babel/traverse": "7.23.2"
  }    
 }