From b916868f3e9b3fc888de9f65c5ccbd17223b4478 Mon Sep 17 00:00:00 2001
From: Rohit Ashiwal <rashiwal@amazon.com>
Date: Tue, 5 Mar 2024 21:50:08 +0530
Subject: [PATCH] force resolve logback deps to mitigate CVE-2023-6378 (#1125)

---
 build.gradle | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/build.gradle b/build.gradle
index d54dbdc22..4bcabfad8 100644
--- a/build.gradle
+++ b/build.gradle
@@ -175,6 +175,10 @@ dependencies {
             attribute(Bundling.BUNDLING_ATTRIBUTE, objects.named(Bundling, Bundling.EXTERNAL))
         }
     }
+    configurations.ktlint {
+        resolutionStrategy.force "ch.qos.logback:logback-core:1.2.13"
+        resolutionStrategy.force "ch.qos.logback:logback-classic:1.2.13"
+    }
 }
 
 repositories {