Updated dependencies and Mill

This fixes a security issue (medium severity) in logback-classic.

3 files changed, 8 insertions, 4 deletions

diff --git a/CHANGES.md b/CHANGES.md
index ce31585..0951508 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,5 +1,9 @@
 # What's new?
 
+## Release 1.3.4 - 2022-01-??
+
+ - Updated dependencies, this include a fix for CVE-2021-42550 in logback-classic.
+
 ## Release 1.3.2 - 2022-01-02
 
  - Fix: CGI directories are now resolved from more to less specific, independently of their order in the configuration file. This covers cases where for example 'dir' and 'dir/sub' are both CGI enabled.
diff --git a/build.sc b/build.sc
index 8f0b67d..83a7087 100644
--- a/build.sc
+++ b/build.sc
@@ -25,11 +25,11 @@ object server extends ScalaModule with ScalafmtModule with BuildInfo {
 
   def ivyDeps =
     Agg(
-      ivy"ch.qos.logback:logback-classic:1.2.7",
+      ivy"ch.qos.logback:logback-classic:1.2.10",
       ivy"com.github.pureconfig::pureconfig:0.17.1",
       ivy"com.github.scopt::scopt:4.0.1",
-      ivy"com.typesafe.akka::akka-stream:2.6.17",
-      ivy"org.bouncycastle:bcprov-jdk15to18:1.69",
+      ivy"com.typesafe.akka::akka-stream:2.6.18",
+      ivy"org.bouncycastle:bcprov-jdk15to18:1.70",
       ivy"org.log4s::log4s:1.10.0"
     )
 
diff --git a/mill b/mill
index a6207bc..054a823 100755
--- a/mill
+++ b/mill
@@ -3,7 +3,7 @@
 # This is a wrapper script, that automatically download mill from GitHub release pages
 # You can give the required mill version with MILL_VERSION env variable
 # If no version is given, it falls back to the value of DEFAULT_MILL_VERSION
-DEFAULT_MILL_VERSION=0.9.9
+DEFAULT_MILL_VERSION=0.9.12
 
 set -e