Fjern sårbarhet i Netty (#336)

* Fjern sårbarhet i Netty

* Fjern ubrukt avhengighet

api/build.gradle.kts

@@ -1,4 +1,3 @@
-val altinnVersion: String by project
 val ktorVersion: String by project
 val lettuceVersion: String by project
 val mockOauth2ServerVersion: String by project
@@ -14,13 +13,19 @@ tasks {
 }
 
 dependencies {
+    constraints {
+        // En transitiv avhengighet i ktor 2.3.5. Kan trolig fjernes ved nyere versjoner.
+        implementation("io.netty:netty-codec-http2:4.1.100.Final") {
+            because("https://github.com/navikt/helsearbeidsgiver-inntektsmelding/security/dependabot/14")
+        }
+    }
+
     implementation("io.ktor:ktor-serialization-kotlinx-json:$ktorVersion")
     implementation("io.ktor:ktor-server-content-negotiation:$ktorVersion")
     implementation("io.ktor:ktor-server-core:$ktorVersion")
     implementation("io.ktor:ktor-server-netty:$ktorVersion")
     implementation("io.ktor:ktor-server-status-pages:$ktorVersion")
     implementation("io.lettuce:lettuce-core:$lettuceVersion")
-    implementation("no.nav.helsearbeidsgiver:altinn-client:$altinnVersion")
     implementation("no.nav.security:token-client-core:$tokenSupportVersion")
     implementation("no.nav.security:token-validation-ktor-v2:$tokenSupportVersion")
     implementation("org.valiktor:valiktor-core:$valiktorVersion")

api/gradle.properties

@@ -1,6 +1,5 @@
 # Dependency versions
-altinnVersion=0.1.11
 # nyere versjon av mockOauth2ServerVersion finnes, men med bug
 mockOauth2ServerVersion=0.5.3
-tokenSupportVersion=3.1.4
+tokenSupportVersion=3.1.7
 valiktorVersion=0.12.0