Fixed Snyk issues

.github/workflows/codeql-analysis.yml

@@ -14,7 +14,7 @@ name: "CodeQL"
 on:
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: '*'
+    branches: [ master ]
 
 jobs:
   analyze:
@@ -48,21 +48,34 @@ jobs:
         # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
         # queries: security-extended,security-and-quality
 
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-#    - name: Autobuild
-#      uses: github/codeql-action/autobuild@v2
+
+          # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+          # If this step fails, then you should remove it and run the build manually (see below)
+    # - name: Autobuild
+    #   uses: github/codeql-action/autobuild@v2
+
+    # Conditional build steps based on the language
+    # Custom build steps
+    - name: Set up JDK 8
+      if: matrix.language == 'java'
+      uses: actions/setup-java@v3
+      with:
+        java-version: '8'
+        distribution: 'temurin'  # You can use 'zulu' or other distributions if preferred
 
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+    - name: Build with Maven
+      if: matrix.language == 'java'
+      run: mvn -B package --file pom.xml
 
-    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
-    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+          # ℹ️ Command-line programs to run using the OS shell.
+          # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
-    # - run: |
-    #   echo "Run, Build Application using script"
-    #   ./location_of_script_within_repo/buildscript.sh
+          #   If the Autobuild fails above, remove it and uncomment the following three lines. 
+          #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
 
+          # - run: |
+          #   echo "Run, Build Application using script"
+          #   ./location_of_script_within_repo/buildscript.sh
+
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v2

.github/workflows/maven.yml

@@ -16,9 +16,10 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
-    - name: Set up JDK 1.8
-      uses: actions/setup-java@v1
+    - name: Set up JDK 8
+      uses: actions/setup-java@v3
       with:
-        java-version: 1.8
+        java-version: '8'
+        distribution: 'temurin'  # You can use 'zulu' or other distributions if preferred
     - name: Build with Maven
-      run: mvn -B package --file pom.xml
+      run: mvn -B package --file pom.xml

.github/workflows/sca-scan.yml

@@ -8,8 +8,8 @@ jobs:
     steps:
       - uses: actions/checkout@master
       - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/node@master
+        uses: snyk/actions/maven@master
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
-          args: --all-projects --fail-on=all
+          args: --fail-on=all

.gitignore

@@ -131,3 +131,6 @@ Temporary Items
 .project
 */target/**
 /.env
+
+.vscode/
+target/*

pom.xml

@@ -11,21 +11,30 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.1.4</version>
+        <!-- <version>3.1.11</version> -->
+        <version>2.7.13</version>
     </parent>
 
     <properties>
-        <java.version>1.8</java.version>
-        <spring-boot.version>3.1.4</spring-boot.version>
+        <!-- <java.version>8</java.version>
+        <spring-boot.version>3.2.0</spring-boot.version>
         <json-smart.version>5.2.2</json-smart.version>
-        <contentstack.version>1.12.2</contentstack.version>
+        <contentstack.version>1.13.0</contentstack.version> -->
+        <java.version>1.8</java.version> <!-- Updated to match JDK 8 syntax -->
+        <spring-boot.version>2.7.13</spring-boot.version> <!-- Matching Spring Boot version -->
+        <json-smart.version>5.2.2</json-smart.version>
+        <contentstack.version>1.13.0</contentstack.version>
+        <maven.compiler.source>1.8</maven.compiler.source> <!-- Source version -->
+        <maven.compiler.target>1.8</maven.compiler.target> <!-- Target version -->
+        <maven.compiler.verbose>true</maven.compiler.verbose> 
     </properties>
 
     <dependencies>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
-            <version>${spring-boot.version}</version>
+            <!-- <version>${spring-boot.version}</version> -->
+            <version>3.2.7</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -35,17 +44,19 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-thymeleaf</artifactId>
-            <version>${spring-boot.version}</version>
+            <!-- <version>${spring-boot.version}</version> -->
+            <version>3.0.10</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter</artifactId>
-            <version>${spring-boot.version}</version>
+            <!-- <version>${spring-boot.version}</version> -->
+            <version>3.2.1</version>
         </dependency>
         <dependency>
             <groupId>com.contentstack.sdk</groupId>
             <artifactId>java</artifactId>
-            <version>1.12.2</version>
+            <version>1.13.0</version>
         </dependency>
         <dependency>
             <groupId>io.github.cdimascio</groupId>
@@ -60,7 +71,18 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
-                <version>3.1.4</version>
+                <version>2.7.13</version>
+            </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.11.0</version>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                    <verbose>true</verbose>
+                </configuration>
             </plugin>
         </plugins>
     </build>