From ed05ff17626d6772f94bd818f8b00eb7a80e0c9e Mon Sep 17 00:00:00 2001
From: Jiang Hua <jhua@vmware.com>
Date: Fri, 28 Feb 2025 09:31:47 -0800
Subject: [PATCH] CVE-2024-38286 - upgrade tomcat-embed-core to 9.0.100.

---
 .github/workflows/main.yml | 5 ++++-
 g11n-ws/build.gradle       | 4 ++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 1da2ecccb..fb47854cd 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -90,11 +90,14 @@ jobs:
           # Force 0 exit code to allow SARIF file generation
           # This will handover control about PR rejection to the GitHub side
           max-allowed-issues: 2147483647  
+      - name: Clean duplicates
+        run: |
+          jq '.runs |= unique_by({tool, invocations, results})' results.sarif > final-results.sarif
       # Upload the SARIF file generated in the previous step  
       - name: Upload SARIF results file
         uses: github/codeql-action/upload-sarif@main
         with:
-          sarif_file: results.sarif  
+          sarif_file: final-results.sarif
               
   smoke-test:
     name: Smoke Test
diff --git a/g11n-ws/build.gradle b/g11n-ws/build.gradle
index cb3baa4cb..f2e218846 100644
--- a/g11n-ws/build.gradle
+++ b/g11n-ws/build.gradle
@@ -1,4 +1,4 @@
-//Copyright 2019-2024 VMware, Inc.
+//Copyright 2019-2025 VMware, Inc.
 //SPDX-License-Identifier: EPL-2.0
 
 buildscript {
@@ -55,7 +55,7 @@ subprojects{
    	       
         projectVersion = '0.0.1-SNAPSHOT'
         springWebVersion='5.3.39'
-        tomcatVersion= '9.0.89'
+        tomcatVersion= '9.0.100'
         httpclient='4.5.13'
         jacksonVersion = '2.16.0'
     	sqliteVersion= '3.42.0.0'