From a580ab6b95f6218c35ee102f6b6c8ed19f55d00e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=A0est=C3=A1k=20V=C3=ADt?= <Vit.Sestak@ysoft.com>
Date: Wed, 9 Mar 2016 10:45:06 +0100
Subject: [PATCH] Evicted a vulnerable library. Althought the vulnerability
 does not seem to be triggerable, this should make it future-proof.

---
 build.sbt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/build.sbt b/build.sbt
index ade9185..5572732 100644
--- a/build.sbt
+++ b/build.sbt
@@ -81,6 +81,8 @@ libraryDependencies += "com.google.caliper" % "caliper" % "1.0-beta-2"
 
 libraryDependencies += "org.apache.httpcomponents" % "httpclient" % "4.3.6" // evict the vulnerable version
 
+libraryDependencies += "commons-collections" % "commons-collections" % "3.2.2" // evict the vulnerable version
+
 routesImport += "binders.QueryBinders._"
 
 // Uncomment to use Akka