From bf81c2b2a2fef112772e0cf03ec7d8a96f6ce942 Mon Sep 17 00:00:00 2001
From: Mathias Brunkow Moser
Date: Tue, 28 Feb 2023 10:24:54 +0100
Subject: [PATCH 1/2] Updated snakeyaml to version v2.0
---
 DEPENDENCIES_BACKEND | 2 +-
 consumer-backend/productpass/pom.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/DEPENDENCIES_BACKEND b/DEPENDENCIES_BACKEND
index a34eb4bfa..65f2fbbb4 100644
--- a/DEPENDENCIES_BACKEND
+++ b/DEPENDENCIES_BACKEND
@@ -128,4 +128,4 @@ maven/mavencentral/org.springframework/spring-webflux/6.0.4, Apache-2.0, approve
 maven/mavencentral/org.springframework/spring-webmvc/6.0.4, Apache-2.0, approved, #5944
 maven/mavencentral/org.webjars/swagger-ui/4.15.5, Apache-2.0 AND MIT, approved, #5921
 maven/mavencentral/org.webjars/webjars-locator-core/0.52, MIT, approved, clearlydefined
-maven/mavencentral/org.yaml/snakeyaml/1.33, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.yaml/snakeyaml/2.0, , restricted, clearlydefined
diff --git a/consumer-backend/productpass/pom.xml b/consumer-backend/productpass/pom.xml
index 884f87276..4367a2172 100644
--- a/consumer-backend/productpass/pom.xml
+++ b/consumer-backend/productpass/pom.xml
@@ -66,7 +66,7 @@ org.yaml snakeyaml - 1.33 + 2.0 org.springframework.boot
From 2daf96457feaf01c56f926c30bbd43f6ede1b416 Mon Sep 17 00:00:00 2001
From: Mathias Brunkow Moser
Date: Tue, 28 Feb 2023 10:31:24 +0100
Subject: [PATCH 2/2] Upgraded version in helm charts
---
 CHANGELOG.md | 7 +++++++
 charts/consumer-backend/Chart.yaml | 4 ++--
 charts/consumer-ui/Chart.yaml | 4 ++--
 docs/RELEASE_USER.md | 6 ++++++
 package-lock.json | 4 ++--
 package.json | 2 +-
 6 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 325a091e5..8aad33684 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
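Review bot: The snakeyaml override in consumer-backend/productpass/pom.xml crosses a major version with no comment saying why the version is pinned here or when the pin can be dropped; I would add `<!-- snakeyaml pinned to 2.0 for the security fix (advisory: <ADVISORY-ID>); remove once the parent BOM manages 2.x -->` above the dependency. SnakeYAML 2.0 is a breaking release (to my knowledge its default `Constructor` no longer instantiates arbitrary global tags and some 1.x constructors were removed or changed), so frameworks built against 1.33 may fail at startup; the spring 6.0.4 entries in the DEPENDENCIES_BACKEND context suggest a Spring Boot 3.0.x parent, and that combination should be confirmed with a boot/integration test run before merge. The upgrade does not replace explicit safe loading either: any direct `new Yaml(...)` call that parses untrusted input should still be given a `SafeConstructor`. In the DEPENDENCIES_BACKEND hunk the 2.0 entry carries an empty license field and the status `restricted`, so the license check likely needs to be resolved as part of this change. The pom.xml hunk lost its XML tags in extraction, so the enclosing `<dependency>` element is inferred and continues outside the hunk.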
@@ -20,6 +20,13 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/e
 ## [released]
+## [0.4.5] - 2023-02-28
+
+# Security Issues
+- Insecure SnakeYaml library version 1.33 updated to Secure version 2.0
+
+## [released]
+
 ## [0.4.4] - 2023-02-27
 ## Updated
diff --git a/charts/consumer-backend/Chart.yaml b/charts/consumer-backend/Chart.yaml
index e83a47776..1cbc6b017 100644
--- a/charts/consumer-backend/Chart.yaml
+++ b/charts/consumer-backend/Chart.yaml
@@ -29,10 +29,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.3
+version: 0.2.4
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.4.4"
+appVersion: "0.4.5"
diff --git a/charts/consumer-ui/Chart.yaml b/charts/consumer-ui/Chart.yaml
index 5049d4157..2b1c4590b 100644
--- a/charts/consumer-ui/Chart.yaml
+++ b/charts/consumer-ui/Chart.yaml
@@ -29,10 +29,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.3
+version: 0.2.4
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.4.4"
+appVersion: "0.4.5"
diff --git a/docs/RELEASE_USER.md b/docs/RELEASE_USER.md
index f6ec097b0..b0f56c194 100644
--- a/docs/RELEASE_USER.md
+++ b/docs/RELEASE_USER.md
@@ -16,6 +16,12 @@ # Release Notes Digital Product Pass Application
+**February 28 (initial release, version 0.4.5)**
+*28.02.2023*
+
+## Security Issues
+Updated security issues related with a library.
+
 **February 27 (initial release, version 0.4.4)**
 *27.02.2023*
diff --git a/package-lock.json b/package-lock.json
index f3f96fbb1..589ef5801 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@ { "name": "productpass-consumer-ui", - "version": "0.4.4", + "version": "0.4.5", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "productpass-consumer-ui", - "version": "0.4.2", + "version": "0.4.5", "dependencies": { "@mdi/font": "5.9.55", "@popperjs/core": "^2.11.2",
diff --git a/package.json b/package.json
index 8f7386d0b..ac32ed943 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "productpass-consumer-ui",
- "version": "0.4.4",
+ "version": "0.4.5",
 "private": true,
 "scripts": {
 "serve": "vite --host localhost",