From 868f6155e84d5ac9a0a4b198c1175ba218611cf5 Mon Sep 17 00:00:00 2001
From: Rohit Ashiwal <rashiwal@amazon.com>
Date: Tue, 5 Mar 2024 21:12:48 +0530
Subject: [PATCH] force resolve logback deps to mitigate CVE-2023-6378

Signed-off-by: Rohit Ashiwal <rashiwal@amazon.com>
---
 build.gradle | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/build.gradle b/build.gradle
index d54dbdc22..4bcabfad8 100644
--- a/build.gradle
+++ b/build.gradle
@@ -175,6 +175,10 @@ dependencies {
             attribute(Bundling.BUNDLING_ATTRIBUTE, objects.named(Bundling, Bundling.EXTERNAL))
         }
     }
+    configurations.ktlint {
+        resolutionStrategy.force "ch.qos.logback:logback-core:1.2.13"
+        resolutionStrategy.force "ch.qos.logback:logback-classic:1.2.13"
+    }
 }
 
 repositories {