From 825afb76fc75fc6d418d5ee7346b4d464f0f22c5 Mon Sep 17 00:00:00 2001
From: A Brooks
Date: Mon, 27 Mar 2023 16:13:50 -0500
Subject: [PATCH 1/2] Bump uri library to address security issue.

uri library change is "Treat a backslash in the authority section as a delimiter which starts the path section (CVE-2023-28628)."
---
 deps.edn | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deps.edn b/deps.edn
index d53c996..2e25d02 100644
--- a/deps.edn
+++ b/deps.edn
@@ -7,7 +7,7 @@
 hato/hato {:mvn/version "0.8.1"}
 honeysql/honeysql {:mvn/version "1.0.461"}
 io.replikativ/hasch {:mvn/version "0.3.7"}
- lambdaisland/uri {:mvn/version "1.4.54"}}
+ lambdaisland/uri {:mvn/version "1.14.120"}}
 
 :aliases
 {:dev

From ebdbfb82bfe7276541f771d03f81f0cb508168ea Mon Sep 17 00:00:00 2001
From: A Brooks
Date: Mon, 27 Mar 2023 16:22:04 -0500
Subject: [PATCH 2/2] Update other deps

I looked for other deps that may have security implications.
---
 deps.edn | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/deps.edn b/deps.edn
index 2e25d02..e921377 100644
--- a/deps.edn
+++ b/deps.edn
@@ -3,10 +3,10 @@
 :deps
 {org.clojure/clojure {:mvn/version "1.10.3"}
 org.clojure/data.json {:mvn/version "2.3.1"}
- buddy/buddy-sign {:mvn/version "3.4.1"}
- hato/hato {:mvn/version "0.8.1"}
+ buddy/buddy-sign {:mvn/version "3.4.333"}
+ hato/hato {:mvn/version "0.9.0"}
 honeysql/honeysql {:mvn/version "1.0.461"}
- io.replikativ/hasch {:mvn/version "0.3.7"}
+ io.replikativ/hasch {:mvn/version "0.3.94"}
 lambdaisland/uri {:mvn/version "1.14.120"}}
 
 :aliases
@@ -16,4 +16,4 @@
 :test
 {:extra-paths ["test"]
- :extra-deps {lambdaisland/kaocha {:mvn/version "1.0.861"}}}}}
+ :extra-deps {lambdaisland/kaocha {:mvn/version "1.80.1274"}}}}}