fix: support for zoned iso date deser (#204)

aaron-steinfeld · web-flow · commit 7f1aa02e5866 · 2023-11-30T16:12:52.000-05:00
* fix: support for zoned iso date deser

* chore: update suppressions
diff --git a/hypertrace-core-graphql b/hypertrace-core-graphql
@@ -1 +1 @@
-Subproject commit beeb208f19cf46b7e7f001e59abdf7be18209e44
+Subproject commit 6b980ed08b6b9cc518587bbc7129ca29a8dd7206
diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
@@ -9,15 +9,7 @@
     <cpe>cpe:/a:utils_project:utils</cpe>
     <cpe>cpe:/a:processing:processing</cpe>
   </suppress>
-  <suppress>
-    <notes><![CDATA[
-   file name: graphql-java-annotations-9.1.jar
-   ]]></notes>
-    <packageUrl regex="true">^pkg:maven/io\.github\.graphql\-java/graphql\-java\-annotations@.*$
-    </packageUrl>
-    <cpe>cpe:/a:graphql-java:graphql-java</cpe>
-  </suppress>
-  <suppress until="2023-11-30Z">
+  <suppress until="2023-12-31Z">
     <notes><![CDATA[
   This vulnerability is disputed, with the argument that SSL configuration is the responsibility of the client rather
   than the transport. The change in default is under consideration for the next major Netty release, revisit then.
@@ -29,7 +21,7 @@
     <packageUrl regex="true">^pkg:maven/io\.netty/netty.*@.*$</packageUrl>
     <vulnerabilityName>CVE-2023-4586</vulnerabilityName>
   </suppress>
-  <suppress until="2023-11-30Z">
+  <suppress until="2023-12-31Z">
     <notes><![CDATA[
    This CVE is declared fixed from 9.4.52, but the vuln db is not reflecting that. Suppress that specific version until
    db is updated.
@@ -39,7 +31,7 @@
     <packageUrl regex="true">^pkg:maven/org\.eclipse\.jetty/jetty\-servlets@9.4.53\..*$</packageUrl>
     <vulnerabilityName>CVE-2023-36479</vulnerabilityName>
   </suppress>
-  <suppress until="2023-11-30Z">
+  <suppress until="2023-12-31Z">
     <notes><![CDATA[
    file name: jackson-databind-2.15.2.jar
    ]]></notes>
