fix: resolve CVEs

Author: meotchwilliams

.vogue.yml

@@ -0,0 +1,9 @@
+---
+defaultRules: {}
+packageRules:
+- package: "com.github.mxenabled.coppuccino:com.github.mxenabled.coppuccino.gradle.plugin"
+  rules: {}
+  suppressUntil: "2026-02-15"
+- package: "com.github.mxenabled.vogue:com.github.mxenabled.vogue.gradle.plugin"
+  rules: {}
+  suppressUntil: "2026-02-15"

build.gradle

@@ -27,12 +27,47 @@ allprojects {
     mavenLocal()
   }
 
-  configurations.all {
+  configurations.configureEach {
+    resolutionStrategy.eachDependency { details ->
+      //Uncontrolled Recursion [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-10734078] in org.apache.commons:commons-lang3@3.17.0
+      //    introduced by net.sourceforge.pmd:pmd-java@7.16.0 > org.apache.commons:commons-lang3@3.17.0 and 7 other path(s)
+      //  This issue was fixed in versions: 3.18.0
+      if (details.requested.group == "org.apache.commons" && details.requested.name == "commons-lang3") {
+        details.useVersion "3.18.0"
+      }
+      //Improper Validation of Certificate with Host Mismatch [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-14532782] in org.apache.logging.log4j:log4j-core@2.24.3
+      //    introduced by com.github.spotbugs:spotbugs@4.9.8 > org.apache.logging.log4j:log4j-core@2.24.3
+      //  This issue was fixed in versions: 2.25.3
+      else if (details.requested.group == "org.apache.logging.log4j" && details.requested.name == "log4j-core") {
+        details.useVersion "2.25.3"
+      }
+      //XML External Entity (XXE) Injection [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGASSERTJ-15102413] in org.assertj:assertj-core@3.27.6
+      //    introduced by com.mx.path-core:testing@5.1.0 > org.assertj:assertj-core@3.27.6 and 1 other path(s)
+      //  This issue was fixed in versions: 3.27.7
+      else if (details.requested.group == "org.assertj" && details.requested.name == "assertj-core") {
+        details.useVersion "3.27.7"
+      }
+      //Stack-based Buffer Overflow [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-10500754] in com.fasterxml.jackson.core:jackson-core@2.14.2
+      //    introduced by io.honeybadger:honeybadger-java@2.1.2 > com.fasterxml.jackson.core:jackson-core@2.14.2 and 1 other path(s)
+      //  This issue was fixed in versions: 2.15.0-rc1
+      //Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538] in com.fasterxml.jackson.core:jackson-core@2.14.2
+      //    introduced by io.honeybadger:honeybadger-java@2.1.2 > com.fasterxml.jackson.core:jackson-core@2.14.2 and 1 other path(s)
+      //  This issue was fixed in versions: 2.15.0-rc1
+      else if (details.requested.group == "com.fasterxml.jackson.core" && details.requested.name == "jackson-core") {
+        details.useVersion "2.15.0-rc1"
+      }
+      //Information Exposure [Low Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMMONSCODEC-561518] in commons-codec:commons-codec@1.11
+      //    introduced by io.honeybadger:honeybadger-java@2.1.2 > org.apache.httpcomponents:fluent-hc@4.5.14 > org.apache.httpcomponents:httpclient@4.5.14 > commons-codec:commons-codec@1.11
+      //  This issue was fixed in versions: 1.14
+      else if (details.requested.group == "commons-codec" && details.requested.name == "commons-codec") {
+        details.useVersion "1.14"
+      }
+    }
     resolutionStrategy.cacheChangingModulesFor 0, 'seconds'
   }
 
   ext {
-    pathSDKVersion = "[5.0,6.0)"
+    pathSDKVersion = "[6.0,7.0)"
   }
 }
 

encryption-service-jasypt/gradle.lockfile

@@ -4,7 +4,7 @@
 com.auth0:java-jwt:4.5.0=testRuntimeClasspath
 com.datadoghq:dd-trace-api:1.38.0=testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-annotations:2.15.4=testRuntimeClasspath
-com.fasterxml.jackson.core:jackson-core:2.15.4=testRuntimeClasspath
+com.fasterxml.jackson.core:jackson-core:2.15.0-rc1=testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-databind:2.15.4=testRuntimeClasspath
 com.fasterxml.jackson:jackson-bom:2.15.4=testRuntimeClasspath
 com.github.oowekyala.ooxml:nice-xml-messages:3.1=pmd
@@ -25,22 +25,21 @@ com.google.guava:guava:33.4.8-jre=checkstyle
 com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava=checkstyle,compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.google.j2objc:j2objc-annotations:2.8=compileClasspath,testCompileClasspath
 com.google.j2objc:j2objc-annotations:3.0.0=checkstyle
-com.mx.path-core:common:5.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:context:5.0.0=testRuntimeClasspath
-com.mx.path-core:gateway:5.0.0=testRuntimeClasspath
-com.mx.path-core:messaging:5.0.0=testRuntimeClasspath
-com.mx.path-core:platform:5.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:testing:5.0.0=testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:utilities:5.0.0=testRuntimeClasspath
+com.mx.path-core:common:6.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:context:6.0.0=testRuntimeClasspath
+com.mx.path-core:gateway:6.0.0=testRuntimeClasspath
+com.mx.path-core:messaging:6.0.0=testRuntimeClasspath
+com.mx.path-core:platform:6.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:testing:6.0.0=testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:utilities:6.0.0=testRuntimeClasspath
 com.puppycrawl.tools:checkstyle:10.25.0=checkstyle
 com.sun.istack:istack-commons-runtime:4.1.2=testRuntimeClasspath
 com.sun.xml.bind:jaxb-core:4.0.6=testRuntimeClasspath
 com.sun.xml.bind:jaxb-impl:4.0.6=testRuntimeClasspath
 commons-beanutils:commons-beanutils:1.11.0=checkstyle
-commons-codec:commons-codec:1.15=checkstyle,compileClasspath,pmd,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+commons-codec:commons-codec:1.14=checkstyle,compileClasspath,pmd,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 commons-collections:commons-collections:3.2.2=checkstyle
 commons-io:commons-io:2.20.0=spotbugs
-commons-lang:commons-lang:2.6=testRuntimeClasspath
 commons-logging:commons-logging:1.2=testRuntimeClasspath
 info.picocli:picocli:4.7.7=checkstyle
 io.github.cdimascio:dotenv-java:2.3.2=testRuntimeClasspath
@@ -54,7 +53,7 @@ jakarta.xml.soap:jakarta.xml.soap-api:3.0.2=testRuntimeClasspath
 jaxen:jaxen:2.0.0=spotbugs
 net.bytebuddy:byte-buddy-agent:1.14.1=testCompileClasspath,testRuntimeClasspath
 net.bytebuddy:byte-buddy:1.14.1=testCompileClasspath
-net.bytebuddy:byte-buddy:1.17.7=testRuntimeClasspath
+net.bytebuddy:byte-buddy:1.18.3=testRuntimeClasspath
 net.sf.saxon:Saxon-HE:12.5=checkstyle,pmd
 net.sf.saxon:Saxon-HE:12.9=spotbugs
 net.sourceforge.pmd:pmd-ant:7.16.0=pmd
@@ -63,10 +62,7 @@ net.sourceforge.pmd:pmd-java:7.16.0=pmd
 org.antlr:antlr4-runtime:4.13.2=checkstyle
 org.antlr:antlr4-runtime:4.9.3=pmd
 org.apache.bcel:bcel:6.11.0=spotbugs
-org.apache.commons:commons-lang3:3.18.0=pmd
-org.apache.commons:commons-lang3:3.19.0=spotbugs
-org.apache.commons:commons-lang3:3.20.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-org.apache.commons:commons-lang3:3.8.1=checkstyle
+org.apache.commons:commons-lang3:3.18.0=checkstyle,compileClasspath,pmd,runtimeClasspath,spotbugs,testCompileClasspath,testRuntimeClasspath
 org.apache.commons:commons-text:1.14.0=spotbugs
 org.apache.commons:commons-text:1.15.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 org.apache.commons:commons-text:1.3=checkstyle
@@ -76,15 +72,15 @@ org.apache.httpcomponents.core5:httpcore5:5.1.3=checkstyle,pmd
 org.apache.httpcomponents:httpclient:4.5.13=checkstyle,testRuntimeClasspath
 org.apache.httpcomponents:httpcore:4.4.13=testRuntimeClasspath
 org.apache.httpcomponents:httpcore:4.4.14=checkstyle
-org.apache.logging.log4j:log4j-api:2.25.2=spotbugs
-org.apache.logging.log4j:log4j-core:2.25.2=spotbugs
+org.apache.logging.log4j:log4j-api:2.25.3=spotbugs
+org.apache.logging.log4j:log4j-core:2.25.3=spotbugs
 org.apache.maven.doxia:doxia-core:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-logging-api:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-module-xdoc:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-sink-api:1.12.0=checkstyle
 org.apache.xbean:xbean-reflect:3.7=checkstyle
 org.apiguardian:apiguardian-api:1.1.2=testCompileClasspath
-org.assertj:assertj-core:3.27.6=testRuntimeClasspath
+org.assertj:assertj-core:3.27.7=testRuntimeClasspath
 org.checkerframework:checker-qual:3.37.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 org.checkerframework:checker-qual:3.49.3=checkstyle
 org.checkerframework:checker-qual:3.49.5=pmd

encryption-service-vault/gradle.lockfile

@@ -5,7 +5,7 @@ com.auth0:java-jwt:4.5.0=testRuntimeClasspath
 com.bettercloud:vault-java-driver:5.1.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.datadoghq:dd-trace-api:1.38.0=testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-annotations:2.15.4=testRuntimeClasspath
-com.fasterxml.jackson.core:jackson-core:2.15.4=testRuntimeClasspath
+com.fasterxml.jackson.core:jackson-core:2.15.0-rc1=testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-databind:2.15.4=testRuntimeClasspath
 com.fasterxml.jackson:jackson-bom:2.15.4=testRuntimeClasspath
 com.github.oowekyala.ooxml:nice-xml-messages:3.1=pmd
@@ -26,23 +26,21 @@ com.google.guava:guava:33.4.8-jre=checkstyle
 com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava=checkstyle,compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.google.j2objc:j2objc-annotations:2.8=compileClasspath,testCompileClasspath
 com.google.j2objc:j2objc-annotations:3.0.0=checkstyle
-com.mx.path-core:common:5.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:context:5.0.0=testRuntimeClasspath
-com.mx.path-core:gateway:5.0.0=testRuntimeClasspath
-com.mx.path-core:messaging:5.0.0=testRuntimeClasspath
-com.mx.path-core:platform:5.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:testing:5.0.0=testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:utilities:5.0.0=testRuntimeClasspath
+com.mx.path-core:common:6.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:context:6.0.0=testRuntimeClasspath
+com.mx.path-core:gateway:6.0.0=testRuntimeClasspath
+com.mx.path-core:messaging:6.0.0=testRuntimeClasspath
+com.mx.path-core:platform:6.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:testing:6.0.0=testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:utilities:6.0.0=testRuntimeClasspath
 com.puppycrawl.tools:checkstyle:10.25.0=checkstyle
 com.sun.istack:istack-commons-runtime:4.1.2=testRuntimeClasspath
 com.sun.xml.bind:jaxb-core:4.0.6=testRuntimeClasspath
 com.sun.xml.bind:jaxb-impl:4.0.6=testRuntimeClasspath
 commons-beanutils:commons-beanutils:1.11.0=checkstyle
-commons-codec:commons-codec:1.11=testRuntimeClasspath
-commons-codec:commons-codec:1.15=checkstyle,pmd
+commons-codec:commons-codec:1.14=checkstyle,pmd,testRuntimeClasspath
 commons-collections:commons-collections:3.2.2=checkstyle
 commons-io:commons-io:2.20.0=spotbugs
-commons-lang:commons-lang:2.6=testRuntimeClasspath
 commons-logging:commons-logging:1.2=testRuntimeClasspath
 info.picocli:picocli:4.7.7=checkstyle
 io.github.cdimascio:dotenv-java:2.3.2=testRuntimeClasspath
@@ -56,7 +54,7 @@ jakarta.xml.soap:jakarta.xml.soap-api:3.0.2=testRuntimeClasspath
 jaxen:jaxen:2.0.0=spotbugs
 net.bytebuddy:byte-buddy-agent:1.14.1=testCompileClasspath,testRuntimeClasspath
 net.bytebuddy:byte-buddy:1.14.1=testCompileClasspath
-net.bytebuddy:byte-buddy:1.17.7=testRuntimeClasspath
+net.bytebuddy:byte-buddy:1.18.3=testRuntimeClasspath
 net.sf.saxon:Saxon-HE:12.5=checkstyle,pmd
 net.sf.saxon:Saxon-HE:12.9=spotbugs
 net.sourceforge.pmd:pmd-ant:7.16.0=pmd
@@ -65,10 +63,7 @@ net.sourceforge.pmd:pmd-java:7.16.0=pmd
 org.antlr:antlr4-runtime:4.13.2=checkstyle
 org.antlr:antlr4-runtime:4.9.3=pmd
 org.apache.bcel:bcel:6.11.0=spotbugs
-org.apache.commons:commons-lang3:3.18.0=pmd
-org.apache.commons:commons-lang3:3.19.0=spotbugs
-org.apache.commons:commons-lang3:3.20.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-org.apache.commons:commons-lang3:3.8.1=checkstyle
+org.apache.commons:commons-lang3:3.18.0=checkstyle,compileClasspath,pmd,runtimeClasspath,spotbugs,testCompileClasspath,testRuntimeClasspath
 org.apache.commons:commons-text:1.14.0=spotbugs
 org.apache.commons:commons-text:1.15.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 org.apache.commons:commons-text:1.3=checkstyle
@@ -78,15 +73,15 @@ org.apache.httpcomponents.core5:httpcore5:5.1.3=checkstyle,pmd
 org.apache.httpcomponents:httpclient:4.5.13=checkstyle,testRuntimeClasspath
 org.apache.httpcomponents:httpcore:4.4.13=testRuntimeClasspath
 org.apache.httpcomponents:httpcore:4.4.14=checkstyle
-org.apache.logging.log4j:log4j-api:2.25.2=spotbugs
-org.apache.logging.log4j:log4j-core:2.25.2=spotbugs
+org.apache.logging.log4j:log4j-api:2.25.3=spotbugs
+org.apache.logging.log4j:log4j-core:2.25.3=spotbugs
 org.apache.maven.doxia:doxia-core:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-logging-api:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-module-xdoc:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-sink-api:1.12.0=checkstyle
 org.apache.xbean:xbean-reflect:3.7=checkstyle
 org.apiguardian:apiguardian-api:1.1.2=testCompileClasspath
-org.assertj:assertj-core:3.27.6=testRuntimeClasspath
+org.assertj:assertj-core:3.27.7=testRuntimeClasspath
 org.checkerframework:checker-qual:3.37.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 org.checkerframework:checker-qual:3.49.3=checkstyle
 org.checkerframework:checker-qual:3.49.5=pmd

exception-reporter-honeybadger/gradle.lockfile

@@ -5,8 +5,7 @@ com.auth0:java-jwt:4.5.0=testRuntimeClasspath
 com.datadoghq:dd-trace-api:1.38.0=testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-annotations:2.14.2=compileClasspath,runtimeClasspath,testCompileClasspath
 com.fasterxml.jackson.core:jackson-annotations:2.15.4=testRuntimeClasspath
-com.fasterxml.jackson.core:jackson-core:2.14.2=compileClasspath,runtimeClasspath,testCompileClasspath
-com.fasterxml.jackson.core:jackson-core:2.15.4=testRuntimeClasspath
+com.fasterxml.jackson.core:jackson-core:2.15.0-rc1=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-databind:2.14.2=compileClasspath,runtimeClasspath,testCompileClasspath
 com.fasterxml.jackson.core:jackson-databind:2.15.4=testRuntimeClasspath
 com.fasterxml.jackson:jackson-bom:2.14.2=compileClasspath,runtimeClasspath,testCompileClasspath
@@ -32,23 +31,21 @@ com.google.j2objc:j2objc-annotations:2.8=compileClasspath,testCompileClasspath
 com.google.j2objc:j2objc-annotations:3.0.0=checkstyle
 com.jcabi:jcabi-log:0.20.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.jcabi:jcabi-manifests:1.2.1=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:common:5.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:context:5.0.0=testRuntimeClasspath
-com.mx.path-core:gateway:5.0.0=testRuntimeClasspath
-com.mx.path-core:messaging:5.0.0=testRuntimeClasspath
-com.mx.path-core:platform:5.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:testing:5.0.0=testCompileClasspath,testRuntimeClasspath
-com.mx.path-core:utilities:5.0.0=testRuntimeClasspath
+com.mx.path-core:common:6.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:context:6.0.0=testRuntimeClasspath
+com.mx.path-core:gateway:6.0.0=testRuntimeClasspath
+com.mx.path-core:messaging:6.0.0=testRuntimeClasspath
+com.mx.path-core:platform:6.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:testing:6.0.0=testCompileClasspath,testRuntimeClasspath
+com.mx.path-core:utilities:6.0.0=testRuntimeClasspath
 com.puppycrawl.tools:checkstyle:10.25.0=checkstyle
 com.sun.istack:istack-commons-runtime:4.1.2=testRuntimeClasspath
 com.sun.xml.bind:jaxb-core:4.0.6=testRuntimeClasspath
 com.sun.xml.bind:jaxb-impl:4.0.6=testRuntimeClasspath
 commons-beanutils:commons-beanutils:1.11.0=checkstyle
-commons-codec:commons-codec:1.11=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-commons-codec:commons-codec:1.15=checkstyle,pmd
+commons-codec:commons-codec:1.14=checkstyle,compileClasspath,pmd,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 commons-collections:commons-collections:3.2.2=checkstyle
 commons-io:commons-io:2.20.0=spotbugs
-commons-lang:commons-lang:2.6=testRuntimeClasspath
 commons-logging:commons-logging:1.2=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 info.picocli:picocli:4.7.7=checkstyle
 io.github.cdimascio:dotenv-java:2.3.2=testRuntimeClasspath
@@ -65,7 +62,7 @@ net.bytebuddy:byte-buddy-agent:1.10.13=compileClasspath,runtimeClasspath
 net.bytebuddy:byte-buddy-agent:1.14.1=testCompileClasspath,testRuntimeClasspath
 net.bytebuddy:byte-buddy:1.10.13=compileClasspath,runtimeClasspath
 net.bytebuddy:byte-buddy:1.14.1=testCompileClasspath
-net.bytebuddy:byte-buddy:1.17.7=testRuntimeClasspath
+net.bytebuddy:byte-buddy:1.18.3=testRuntimeClasspath
 net.logstash.logback:logstash-logback-encoder:6.6=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 net.sf.saxon:Saxon-HE:12.5=checkstyle,pmd
 net.sf.saxon:Saxon-HE:12.9=spotbugs
@@ -75,10 +72,7 @@ net.sourceforge.pmd:pmd-java:7.16.0=pmd
 org.antlr:antlr4-runtime:4.13.2=checkstyle
 org.antlr:antlr4-runtime:4.9.3=pmd
 org.apache.bcel:bcel:6.11.0=spotbugs
-org.apache.commons:commons-lang3:3.18.0=pmd
-org.apache.commons:commons-lang3:3.19.0=spotbugs
-org.apache.commons:commons-lang3:3.20.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-org.apache.commons:commons-lang3:3.8.1=checkstyle
+org.apache.commons:commons-lang3:3.18.0=checkstyle,compileClasspath,pmd,runtimeClasspath,spotbugs,testCompileClasspath,testRuntimeClasspath
 org.apache.commons:commons-text:1.14.0=spotbugs
 org.apache.commons:commons-text:1.15.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 org.apache.commons:commons-text:1.3=checkstyle
@@ -90,15 +84,15 @@ org.apache.httpcomponents:httpclient:4.5.13=checkstyle
 org.apache.httpcomponents:httpclient:4.5.14=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 org.apache.httpcomponents:httpcore:4.4.14=checkstyle
 org.apache.httpcomponents:httpcore:4.4.16=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-org.apache.logging.log4j:log4j-api:2.25.2=spotbugs
-org.apache.logging.log4j:log4j-core:2.25.2=spotbugs
+org.apache.logging.log4j:log4j-api:2.25.3=spotbugs
+org.apache.logging.log4j:log4j-core:2.25.3=spotbugs
 org.apache.maven.doxia:doxia-core:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-logging-api:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-module-xdoc:1.12.0=checkstyle
 org.apache.maven.doxia:doxia-sink-api:1.12.0=checkstyle
 org.apache.xbean:xbean-reflect:3.7=checkstyle
 org.apiguardian:apiguardian-api:1.1.2=testCompileClasspath
-org.assertj:assertj-core:3.27.6=testRuntimeClasspath
+org.assertj:assertj-core:3.27.7=testRuntimeClasspath
 org.checkerframework:checker-qual:3.37.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 org.checkerframework:checker-qual:3.49.3=checkstyle
 org.checkerframework:checker-qual:3.49.5=pmd