GH-225 Upgrade versions of redoc and swagger plugins

[mourjo]

Use latest versions of the swagger plugin and redoc plugin.

Fixes vulnerable dependencies from maven:org.webjars:swagger-ui:3.52.5
CVE-2021-46708 6.1 Improper Restriction of Rendered UI Layers or Frames vulnerability with Medium severity found
CVE-2018-25031 4.3 Improper Input Validation vulnerability with Medium severity found

[dzikoysk]

We're keeping the same versions on purpose, they're introducing breaking changes quite often and these CVEs are usually not really an issue for us. Did you test these 2 new versions? 🤔

[danshinton]

these CVEs are usually not really an issue for us

Are you sure they are not an issue? I have to write a justification for a security exception on this and it would be nice if there was an official statement from the project that these vulnerabilities do not apply.

[dzikoysk]

It's not the issue, but I've got some time to test it on my own & submit a patch. Let's jump to the latest version for both, Swagger & ReDoc 👌

[dzikoysk]

Released as 6.3.1-SNAPSHOT :)

[danshinton]

Nice! I just tested the Swagger plugin locally. Looks good! Thank you!

[dzikoysk]

Great! It'll be available in the next stable build alongside new Javalin version.