From d63fdf3a15e86892c465ac9d621e8c6200218dd4 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 15 Jul 2025 09:19:20 +0000
Subject: [PATCH] fix: pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-10734078
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-10500754
- https://snyk.io/vuln/SNYK-JAVA-COMMONSBEANUTILS-10259368
---
 pom.xml | 50 +++++++++++++++++++++++++-------------------------
 1 file changed, 25 insertions(+), 25 deletions(-)

diff --git a/pom.xml b/pom.xml
index 15293a0ac..bfa80ea59 100644
--- a/pom.xml
+++ b/pom.xml
@@ -321,39 +321,39 @@
                                 <!-- windows build -->
                                 <copy todir="${dist.base}/windows">
                                     <fileset dir="${project.basedir}">
-                                        <include name="config/**" />
-                                        <include name="LICENSE*" />
+                                        <include name="config/**"/>
+                                        <include name="LICENSE*"/>
                                     </fileset>
                                     <fileset dir="${project.basedir}/target">
-                                        <include name="semux.exe" />
+                                        <include name="semux.exe"/>
                                     </fileset>
                                 </copy>
-                                <copy file="${project.basedir}/misc/launch4j/semux.l4j.ini" tofile="${dist.base}/windows/semux.l4j.ini" />
-                                <fixcrlf srcdir="${dist.base}/windows" includes="**/*.ini" eol="dos" eof="asis" />
-                                <fixcrlf srcdir="${dist.base}/windows" includes="config/*" eol="dos" eof="asis" />
-                                <fixcrlf srcdir="${dist.base}/windows" includes="LICENSE*" eol="dos" eof="asis" />
+                                <copy file="${project.basedir}/misc/launch4j/semux.l4j.ini" tofile="${dist.base}/windows/semux.l4j.ini"/>
+                                <fixcrlf srcdir="${dist.base}/windows" includes="**/*.ini" eol="dos" eof="asis"/>
+                                <fixcrlf srcdir="${dist.base}/windows" includes="config/*" eol="dos" eof="asis"/>
+                                <fixcrlf srcdir="${dist.base}/windows" includes="LICENSE*" eol="dos" eof="asis"/>
 
                                 <!-- linux build (executable jar) -->
                                 <copy todir="${dist.base}/linux">
                                     <fileset dir="${project.basedir}">
-                                        <include name="config/**" />
-                                        <include name="LICENSE*" />
+                                        <include name="config/**"/>
+                                        <include name="LICENSE*"/>
                                     </fileset>
                                 </copy>
-                                <copy file="${project.basedir}/src/main/resources/org/semux/gui/splash.png" todir="${dist.base}/linux/resources" />
-                                <copy file="${project.basedir}/target/semux-${project.version}-shaded.jar" tofile="${dist.base}/linux/semux.jar" />
-                                <copy file="${project.basedir}/scripts/semux-cli.sh" tofile="${dist.base}/linux/semux-cli.sh" />
-                                <copy file="${project.basedir}/scripts/semux-gui.sh" tofile="${dist.base}/linux/semux-gui.sh" />
-                                <chmod file="${dist.base}/linux/semux.jar" perm="755" />
-                                <chmod file="${dist.base}/linux/semux*.sh" perm="755" />
+                                <copy file="${project.basedir}/src/main/resources/org/semux/gui/splash.png" todir="${dist.base}/linux/resources"/>
+                                <copy file="${project.basedir}/target/semux-${project.version}-shaded.jar" tofile="${dist.base}/linux/semux.jar"/>
+                                <copy file="${project.basedir}/scripts/semux-cli.sh" tofile="${dist.base}/linux/semux-cli.sh"/>
+                                <copy file="${project.basedir}/scripts/semux-gui.sh" tofile="${dist.base}/linux/semux-gui.sh"/>
+                                <chmod file="${dist.base}/linux/semux.jar" perm="755"/>
+                                <chmod file="${dist.base}/linux/semux*.sh" perm="755"/>
 
                                 <!-- macos build -->
                                 <!-- use fat jar because .app bundle is not production ready -->
                                 <copy todir="${dist.base}/macos">
-                                    <fileset dir="${dist.base}/linux"></fileset>
+                                    <fileset dir="${dist.base}/linux"/>
                                 </copy>
-                                <chmod file="${dist.base}/macos/semux.jar" perm="755" />
-                                <chmod file="${dist.base}/macos/semux*.sh" perm="755" />
+                                <chmod file="${dist.base}/macos/semux.jar" perm="755"/>
+                                <chmod file="${dist.base}/macos/semux*.sh" perm="755"/>
                             </target>
                         </configuration>
                         <goals>
@@ -395,7 +395,7 @@
                     <instrumentation>
                         <ignoreTrivial>true</ignoreTrivial>
                     </instrumentation>
-                    <check />
+                    <check/>
                 </configuration>
             </plugin>
 
@@ -474,7 +474,7 @@
                         <configuration>
                             <skip>false</skip>
                             <rules>
-                                <DependencyConvergence />
+                                <DependencyConvergence/>
                                 <digestRule implementation="uk.co.froot.maven.enforcer.DigestRule">
                                     <!-- Create a snapshot to build the list of URNs below -->
                                     <buildSnapshot>false</buildSnapshot>
@@ -602,7 +602,7 @@
                                         </goals>
                                     </pluginExecutionFilter>
                                     <action>
-                                        <ignore></ignore>
+                                        <ignore/>
                                     </action>
                                 </pluginExecution>
                             </pluginExecutions>
@@ -696,7 +696,7 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
-            <version>3.7</version>
+            <version>3.18.0</version>
         </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>
@@ -706,7 +706,7 @@
         <dependency>
             <groupId>commons-validator</groupId>
             <artifactId>commons-validator</artifactId>
-            <version>1.6</version>
+            <version>1.10.0</version>
             <exclusions>
                 <exclusion>
                     <groupId>commons-collections</groupId>
@@ -739,12 +739,12 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.9.4</version>
+            <version>2.15.0</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.9.4</version>
+            <version>2.15.0</version>
         </dependency>
 
         <!-- ED25519 -->