Bump joda-time and guava versions

[sbesson]

Related to ome/bioformats#4245

The 5.6.0 release cdm-core upgrades several third-party dependencies including joda-time and guava which are bumped to patch releases.

Due to the combination of the Maven dependency mechanism which uses nearest definition and the order of the dependencies in the pom.xml, these upgraded versions are currently excluded from the Maven build.

This is not necessarily an issue per se but causes some problems down the line when OMERO is built with a development version of Bio-Formats in the OME CI -see https://merge-ci.openmicroscopy.org/jenkins/job/OMERO-build/197/

06:29:03 retrieve:
06:29:03 :: Apache Ivy 2.4.0 - 20141213170938 :: http://ant.apache.org/ivy/ ::
06:29:03 :: loading settings :: file = /home/omero/workspace/OMERO-build/src/etc/ivysettings.xml
06:29:04 WARNING: An illegal reflective access operation has occurred
06:29:04 WARNING: Illegal reflective access by org.apache.ivy.util.url.IvyAuthenticator (file:/home/omero/workspace/OMERO-build/src/lib/repository/ivy-2.4.0.jar) to field java.net.Authenticator.theAuthenticator
06:29:04 WARNING: Please consider reporting this to the maintainers of org.apache.ivy.util.url.IvyAuthenticator
06:29:04 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
06:29:04 WARNING: All illegal access operations will be denied in a future release
06:29:34 :: problems summary ::
06:29:34 :::: WARNINGS
06:29:34 		[NOT FOUND  ] com.google.guava#guava;32.0.1-jre!guava.jar(bundle) (0ms)
06:29:34 	==== user-maven: tried
06:29:34 	  /home/omero/.m2/repository/com/google/guava/guava/32.0.1-jre/guava-32.0.1-jre.jar
06:29:34 		[NOT FOUND  ] joda-time#joda-time;2.12.7!joda-time.jar (0ms)
06:29:34 	==== user-maven: tried
06:29:34 	  /home/omero/.m2/repository/joda-time/joda-time/2.12.7/joda-time-2.12.7.jar
06:29:34 		::::::::::::::::::::::::::::::::::::::::::::::
06:29:34 		::              FAILED DOWNLOADS            ::
06:29:34 		:: ^ see resolution messages for details  ^ ::
06:29:34 		::::::::::::::::::::::::::::::::::::::::::::::
06:29:34 		:: com.google.guava#guava;32.0.1-jre!guava.jar(bundle)
06:29:34 		:: joda-time#joda-time;2.12.7!joda-time.jar
06:29:34 		::::::::::::::::::::::::::::::::::::::::::::::
06:29:34 

From past experience, the workaround with the current build system is to enforce the dependencies declared in this low-level component are consistent with the one resolved by Maven and Ivy. Additionally, this should enforce that Bio-Formats is shipped with the correct versions.

[sbesson]

@melissalinkert should we get this and #91 in a patch release of ome-common-java and bump the component as part of ome/bioformats#4245?

[melissalinkert]

@melissalinkert should we get this and #91 in a patch release of ome-common-java and bump the component as part of ome/bioformats#4245?

Yes, I think that makes sense.

[sbesson]

Now released as https://repo1.maven.org/maven2/org/openmicroscopy/ome-common/6.0.24/