From 05609efd8789328378caad23d69d611903f08bc9 Mon Sep 17 00:00:00 2001
From: Mohammad Iqbal <mohammad.iqbal27@nhs.net>
Date: Fri, 5 Jan 2024 14:48:41 +0000
Subject: [PATCH] [PRMT-4325] - Declared strict versions for snakeyaml and
 guava

---
 build.gradle | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/build.gradle b/build.gradle
index 3a7189b..d7d65c7 100644
--- a/build.gradle
+++ b/build.gradle
@@ -28,15 +28,13 @@ jar {
 }
 
 dependencies {
+    implementation('com.google.guava:guava') { version { strictly '32.1.3-jre' } }
+
+    implementation('org.yaml:snakeyaml') { version { strictly '2.2' } }
+
     implementation 'org.springframework.boot:spring-boot-starter'
-    constraints {
-        implementation('org.yaml:snakeyaml:2.2') {
-            because 'snakeyaml < 2.0 is vulnerable'
-        }
-    }
     implementation 'org.springframework.boot:spring-boot-starter-web'
 
-
     implementation('io.netty:netty-buffer') { version { strictly '4.1.104.Final' } }
     implementation('io.netty:netty-codec') { version { strictly '4.1.104.Final' } }
     implementation('io.netty:netty-codec-http') { version { strictly '4.1.104.Final' } }