[2.19] Moved the commons-beanutils pinning to the core gradle file (#1893)

* moved the pinning to the core gradle file where the commons-validator dependency is present

Signed-off-by: Amardeepsingh Siglani <[email protected]>

* update commons-beanutils version to fix whitesource issues

Signed-off-by: Subhobrata Dey <[email protected]>

fix whitesource issue of commons-beanutils

Signed-off-by: Subhobrata Dey <[email protected]>

---------

Signed-off-by: Amardeepsingh Siglani <[email protected]>
Signed-off-by: Subhobrata Dey <[email protected]>
Co-authored-by: Subhobrata Dey <[email protected]>

Author: amsiglan

alerting/build.gradle

@@ -80,8 +80,6 @@ configurations.all {
         force "org.apache.httpcomponents:httpcore:${versions.httpcore}"
         // force the version until OpenSearch upgrade to an invulnerable one, https://www.whitesourcesoftware.com/vulnerability-database/WS-2.19.1379
         force "commons-codec:commons-codec:1.13"
-        // force commons-beanutils to a non-vulnerable version
-        force "commons-beanutils:commons-beanutils:1.11.0"
 
         // This is required because kotlin-coroutines-core 1.1.1 still requires kotlin stdlib 1.3.20 and we're using a higher kotlin version
         force "org.jetbrains.kotlin:kotlin-stdlib:${kotlin_version}"

core/build.gradle

@@ -15,7 +15,7 @@ dependencies {
     implementation "com.cronutils:cron-utils:9.1.7"
     api "org.opensearch.client:opensearch-rest-client:${opensearch_version}"
     api "org.opensearch:common-utils:${common_utils_version}@jar"
-    implementation 'commons-validator:commons-validator:1.7'
+    implementation 'commons-validator:commons-validator:1.10.0'
 
     testImplementation "org.opensearch.test:framework:${opensearch_version}"
     testImplementation "org.jetbrains.kotlin:kotlin-test:${kotlin_version}"