Update dependencies.

[matsreeves-nasstar]

Affected version

Latest

Bug description

The dependencies need to be bumped to newer versions to resolve CVE warnings.

In particular, org.apache.rat:apache-rat-plugin needs to have its version explicitly specified (latest is 0.17) rather than relying on the parent version (currently at 0.16.1), as the latter has a CVE in transitive dependency org.apache.commons:commons-text at version 1.3.