Patch to fix snakeyaml vulnerability (#7)

* Patch to fix snakeyaml vulnerability

easy-random-bean-validation/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <artifactId>easy-random</artifactId>
         <groupId>io.github.dvgaba</groupId>
-        <version>6.0.1</version>
+        <version>6.0.2-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

easy-random-core/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <artifactId>easy-random</artifactId>
         <groupId>io.github.dvgaba</groupId>
-        <version>6.0.1</version>
+        <version>6.0.2-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

easy-random-randomizers/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <artifactId>easy-random</artifactId>
         <groupId>io.github.dvgaba</groupId>
-        <version>6.0.1</version>
+        <version>6.0.2-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
@@ -56,6 +56,26 @@
         <dependency>
             <groupId>com.github.javafaker</groupId>
             <artifactId>javafaker</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.yaml</groupId>
+                     <artifactId>snakeyaml</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.yaml</groupId>
+            <artifactId>snakeyaml</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.apache.velocity</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.velocity</groupId>
+            <artifactId>velocity-engine-core</artifactId>
         </dependency>
         <dependency>
             <groupId>org.junit.jupiter</groupId>

pom.xml

@@ -10,7 +10,7 @@
 
     <groupId>io.github.dvgaba</groupId>
     <artifactId>easy-random</artifactId>
-    <version>6.0.1</version>
+    <version>6.0.2-SNAPSHOT</version>
     <packaging>pom</packaging>
 
     <name>Easy Random</name>
@@ -29,6 +29,8 @@
         <hibernate-validator.version>6.1.6.Final</hibernate-validator.version>
         <javax.el.version>3.0.0</javax.el.version>
         <mockito.version>4.6.1</mockito.version>
+        <snakeyaml.version>1.30</snakeyaml.version>
+        <velocity-engine-core.version>2.3</velocity-engine-core.version>
         <maven-surefire-plugin.version>2.22.2</maven-surefire-plugin.version>
         <maven-compiler-plugin.version>3.10.1</maven-compiler-plugin.version>
         <maven-release-plugin.version>2.5.3</maven-release-plugin.version>
@@ -155,6 +157,17 @@
                 <artifactId>mockito-junit-jupiter</artifactId>
                 <version>${mockito.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.yaml</groupId>
+                <artifactId>snakeyaml</artifactId>
+                <version>${snakeyaml.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.velocity</groupId>
+                <artifactId>velocity-engine-core</artifactId>
+                <version>${velocity-engine-core.version}</version>
+            </dependency>
+
         </dependencies>
     </dependencyManagement>