From a6f24495bbd4a1bfc8430c7c322fde3be21ebed9 Mon Sep 17 00:00:00 2001 From: Emmanuel GALLOIS Date: Wed, 21 Jan 2026 16:37:45 +0100 Subject: [PATCH 1/9] chore(QTDI-2446): bump log4j to 2.25.3 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e806d1f246951..6281e72879b9b 100644 --- a/pom.xml +++ b/pom.xml @@ -297,7 +297,7 @@ 1.2.21 1.7.34 - 2.20.0 + 2.25.3 1.7.14 0.32 4.5.14 From 923a70543b560a5efb71076e504aacd7b6ff91f8 Mon Sep 17 00:00:00 2001 From: Emmanuel GALLOIS Date: Wed, 21 Jan 2026 16:45:49 +0100 Subject: [PATCH 2/9] chore(QTDI-2465): bump logback to 1.5.19 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e806d1f246951..584ffee250a7b 100644 --- a/pom.xml +++ b/pom.xml @@ -178,7 +178,7 @@ 6.5.0 - 1.5.18 + 1.5.19 1.2.19 1.1 1.1 From a6f911add3d0be3e45f861fb2026373e4023df8d Mon Sep 17 00:00:00 2001 From: Emmanuel GALLOIS Date: Wed, 21 Jan 2026 17:17:20 +0100 Subject: [PATCH 3/9] chore(QTDI-2457): bump react-router to 6.30.2 to fix cve on @remix-run/router --- .../src/main/frontend/package-lock.json | 44 +++++++++++-------- .../src/main/frontend/package-template.json | 4 +- .../src/main/frontend/package.json | 4 +- .../src/main/frontend/package-lock.json | 26 +++++------ .../src/main/frontend/package-template.json | 3 +- .../src/main/frontend/package.json | 3 +- 6 files changed, 44 insertions(+), 40 deletions(-) diff --git a/component-starter-server/src/main/frontend/package-lock.json b/component-starter-server/src/main/frontend/package-lock.json index 49c237207c712..73f5cb181a45e 100644 --- a/component-starter-server/src/main/frontend/package-lock.json +++ b/component-starter-server/src/main/frontend/package-lock.json @@ -26,8 +26,8 @@ "react-ace": "^12.0.0", "react-dom": "^18.3.1", "react-i18next": "^13.5.0", - "react-router": "~6.3.0", - "react-router-dom": "~6.3.0", + "react-router": "~6.30.2", + "react-router-dom": "~6.30.2", "uuid": "^10.0.0" }, "devDependencies": { @@ -3703,6 +3703,14 @@ "url": "https://opencollective.com/popperjs" } }, + "node_modules/@remix-run/router": { + "version": "1.23.2", + "resolved": "https://registry.npmjs.org/@remix-run/router/-/router-1.23.2.tgz", + "integrity": "sha512-Ic6m2U/rMjTkhERIa/0ZtXJP17QUi2CbWE7cqx4J58M8aA3QTfW+2UlQ4psvTX9IO1RfNVhK3pcpdjej7L+t2w==", + "engines": { + "node": ">=14.0.0" + } + }, "node_modules/@rooks/use-mutation-observer": { "version": "4.11.2", "license": "MIT", @@ -12125,14 +12133,6 @@ "he": "bin/he" } }, - "node_modules/history": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/history/-/history-5.3.0.tgz", - "integrity": "sha512-ZqaKwjjrAYUYfLG+htGaIIZ4nioX2L70ZUMIFysS3xvBsSG4x/n1V6TXV3N8ZYNuFGlDirFg32T7B6WOUPDYcQ==", - "dependencies": { - "@babel/runtime": "^7.7.6" - } - }, "node_modules/hosted-git-info": { "version": "2.8.9", "dev": true, @@ -19616,23 +19616,29 @@ } }, "node_modules/react-router": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/react-router/-/react-router-6.3.0.tgz", - "integrity": "sha512-7Wh1DzVQ+tlFjkeo+ujvjSqSJmkt1+8JO+T5xklPlgrh70y7ogx75ODRW0ThWhY7S+6yEDks8TYrtQe/aoboBQ==", + "version": "6.30.3", + "resolved": "https://registry.npmjs.org/react-router/-/react-router-6.30.3.tgz", + "integrity": "sha512-XRnlbKMTmktBkjCLE8/XcZFlnHvr2Ltdr1eJX4idL55/9BbORzyZEaIkBFDhFGCEWBBItsVrDxwx3gnisMitdw==", "dependencies": { - "history": "^5.2.0" + "@remix-run/router": "1.23.2" + }, + "engines": { + "node": ">=14.0.0" }, "peerDependencies": { "react": ">=16.8" } }, "node_modules/react-router-dom": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-6.3.0.tgz", - "integrity": "sha512-uaJj7LKytRxZNQV8+RbzJWnJ8K2nPsOOEuX7aQstlMZKQT0164C+X2w6bnkqU3sjtLvpd5ojrezAyfZ1+0sStw==", + "version": "6.30.3", + "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-6.30.3.tgz", + "integrity": "sha512-pxPcv1AczD4vso7G4Z3TKcvlxK7g7TNt3/FNGMhfqyntocvYKj+GCatfigGDjbLozC4baguJ0ReCigoDJXb0ag==", "dependencies": { - "history": "^5.2.0", - "react-router": "6.3.0" + "@remix-run/router": "1.23.2", + "react-router": "6.30.3" + }, + "engines": { + "node": ">=14.0.0" }, "peerDependencies": { "react": ">=16.8", diff --git a/component-starter-server/src/main/frontend/package-template.json b/component-starter-server/src/main/frontend/package-template.json index cf513efb1d1fb..f6748e1d51f6f 100644 --- a/component-starter-server/src/main/frontend/package-template.json +++ b/component-starter-server/src/main/frontend/package-template.json @@ -21,8 +21,8 @@ "react-ace": "^12.0.0", "react-dom": "^18.3.1", "react-i18next": "^13.5.0", - "react-router": "~6.3.0", - "react-router-dom": "~6.3.0", + "react-router": "~6.30.2", + "react-router-dom": "~6.30.2", "uuid": "^10.0.0", "form-data": ">=4.0.4", "body-parser": "1.20.3", diff --git a/component-starter-server/src/main/frontend/package.json b/component-starter-server/src/main/frontend/package.json index cf513efb1d1fb..f6748e1d51f6f 100644 --- a/component-starter-server/src/main/frontend/package.json +++ b/component-starter-server/src/main/frontend/package.json @@ -21,8 +21,8 @@ "react-ace": "^12.0.0", "react-dom": "^18.3.1", "react-i18next": "^13.5.0", - "react-router": "~6.3.0", - "react-router-dom": "~6.3.0", + "react-router": "~6.30.2", + "react-router-dom": "~6.30.2", "uuid": "^10.0.0", "form-data": ">=4.0.4", "body-parser": "1.20.3", diff --git a/component-tools-webapp/src/main/frontend/package-lock.json b/component-tools-webapp/src/main/frontend/package-lock.json index 0429dcb82cb67..d5f15bd9a2fbf 100644 --- a/component-tools-webapp/src/main/frontend/package-lock.json +++ b/component-tools-webapp/src/main/frontend/package-lock.json @@ -32,7 +32,7 @@ "react": "^18.3.1", "react-dom": "^18.3.1", "react-redux": "^7.2.9", - "react-router-dom": "^6.24.1", + "react-router-dom": "^6.30.2", "redux": "^4.2.1", "redux-thunk": "2.4.2" }, @@ -3750,9 +3750,9 @@ "integrity": "sha512-1dgmkh+3so0+LlBWRhGA33ua4MYr7tUOj+a9Si28vUi0IUFNbff1T3sgpeDJI/LaC75bBYnQ0A3wXjn0OrRNBA==" }, "node_modules/@remix-run/router": { - "version": "1.17.1", - "resolved": "https://registry.npmjs.org/@remix-run/router/-/router-1.17.1.tgz", - "integrity": "sha512-mCOMec4BKd6BRGBZeSnGiIgwsbLGp3yhVqAD8H+PxiRNEHgDpZb8J1TnrSDlg97t0ySKMQJTHCWBCmBpSmkF6Q==", + "version": "1.23.2", + "resolved": "https://registry.npmjs.org/@remix-run/router/-/router-1.23.2.tgz", + "integrity": "sha512-Ic6m2U/rMjTkhERIa/0ZtXJP17QUi2CbWE7cqx4J58M8aA3QTfW+2UlQ4psvTX9IO1RfNVhK3pcpdjej7L+t2w==", "engines": { "node": ">=14.0.0" } @@ -18545,11 +18545,11 @@ } }, "node_modules/react-router": { - "version": "6.24.1", - "resolved": "https://registry.npmjs.org/react-router/-/react-router-6.24.1.tgz", - "integrity": "sha512-PTXFXGK2pyXpHzVo3rR9H7ip4lSPZZc0bHG5CARmj65fTT6qG7sTngmb6lcYu1gf3y/8KxORoy9yn59pGpCnpg==", + "version": "6.30.3", + "resolved": "https://registry.npmjs.org/react-router/-/react-router-6.30.3.tgz", + "integrity": "sha512-XRnlbKMTmktBkjCLE8/XcZFlnHvr2Ltdr1eJX4idL55/9BbORzyZEaIkBFDhFGCEWBBItsVrDxwx3gnisMitdw==", "dependencies": { - "@remix-run/router": "1.17.1" + "@remix-run/router": "1.23.2" }, "engines": { "node": ">=14.0.0" @@ -18559,12 +18559,12 @@ } }, "node_modules/react-router-dom": { - "version": "6.24.1", - "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-6.24.1.tgz", - "integrity": "sha512-U19KtXqooqw967Vw0Qcn5cOvrX5Ejo9ORmOtJMzYWtCT4/WOfFLIZGGsVLxcd9UkBO0mSTZtXqhZBsWlHr7+Sg==", + "version": "6.30.3", + "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-6.30.3.tgz", + "integrity": "sha512-pxPcv1AczD4vso7G4Z3TKcvlxK7g7TNt3/FNGMhfqyntocvYKj+GCatfigGDjbLozC4baguJ0ReCigoDJXb0ag==", "dependencies": { - "@remix-run/router": "1.17.1", - "react-router": "6.24.1" + "@remix-run/router": "1.23.2", + "react-router": "6.30.3" }, "engines": { "node": ">=14.0.0" diff --git a/component-tools-webapp/src/main/frontend/package-template.json b/component-tools-webapp/src/main/frontend/package-template.json index 642da59a7e506..6d79820fc8889 100644 --- a/component-tools-webapp/src/main/frontend/package-template.json +++ b/component-tools-webapp/src/main/frontend/package-template.json @@ -20,7 +20,7 @@ "react": "^18.3.1", "react-dom": "^18.3.1", "react-redux": "^7.2.9", - "react-router-dom": "^6.24.1", + "react-router-dom": "^6.30.2", "redux": "^4.2.1", "redux-thunk": "2.4.2", "asciidoctor": "3.0.4", @@ -34,7 +34,6 @@ "brace-expansion": "2.0.2", "formidable": "2.1.3", "postcss": "8.4.31" - }, "devDependencies": { "@talend/scripts-config-react-webpack": "^16.8.0", diff --git a/component-tools-webapp/src/main/frontend/package.json b/component-tools-webapp/src/main/frontend/package.json index 642da59a7e506..6d79820fc8889 100644 --- a/component-tools-webapp/src/main/frontend/package.json +++ b/component-tools-webapp/src/main/frontend/package.json @@ -20,7 +20,7 @@ "react": "^18.3.1", "react-dom": "^18.3.1", "react-redux": "^7.2.9", - "react-router-dom": "^6.24.1", + "react-router-dom": "^6.30.2", "redux": "^4.2.1", "redux-thunk": "2.4.2", "asciidoctor": "3.0.4", @@ -34,7 +34,6 @@ "brace-expansion": "2.0.2", "formidable": "2.1.3", "postcss": "8.4.31" - }, "devDependencies": { "@talend/scripts-config-react-webpack": "^16.8.0", From abeca5e22bfdcfab5254ca78433a1d2f1c400350 Mon Sep 17 00:00:00 2001 From: Emmanuel GALLOIS Date: Wed, 21 Jan 2026 17:20:14 +0100 Subject: [PATCH 4/9] chore(QTDI-2457): remove logback fix --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 584ffee250a7b..e806d1f246951 100644 --- a/pom.xml +++ b/pom.xml @@ -178,7 +178,7 @@ 6.5.0 - 1.5.19 + 1.5.18 1.2.19 1.1 1.1 From 14f741d984f0dcf07fc0873940e6332fb1445480 Mon Sep 17 00:00:00 2001 From: Emmanuel GALLOIS Date: Wed, 21 Jan 2026 17:30:31 +0100 Subject: [PATCH 5/9] chore(QTDI-2242): bump tomcat to 9.0.110 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e806d1f246951..bad23f0897dc5 100644 --- a/pom.xml +++ b/pom.xml @@ -173,7 +173,7 @@ 8.0.14 1.2.15 2.0.27 - 9.0.109 + 9.0.110 3.5.11 6.5.0 From d53856e9c4a62770468fb377d5f9f133981cb504 Mon Sep 17 00:00:00 2001 From: Emmanuel GALLOIS Date: Wed, 21 Jan 2026 17:36:34 +0100 Subject: [PATCH 6/9] chore(QTDI-2394): bump rhino to 1.8.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e806d1f246951..0084398f3a224 100644 --- a/pom.xml +++ b/pom.xml @@ -298,7 +298,7 @@ 1.2.21 1.7.34 2.20.0 - 1.7.14 + 1.8.1 0.32 4.5.14 33.4.8-jre From aa2bb8129b830a3f5dc076bdc06f68da70db6ed2 Mon Sep 17 00:00:00 2001 From: Emmanuel GALLOIS Date: Wed, 21 Jan 2026 17:57:49 +0100 Subject: [PATCH 7/9] chore(QTDI-2394): bump rhino to 1.9.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0084398f3a224..2e710fbb4be30 100644 --- a/pom.xml +++ b/pom.xml @@ -298,7 +298,7 @@ 1.2.21 1.7.34 2.20.0 - 1.8.1 + 1.9.0 0.32 4.5.14 33.4.8-jre From b8fac94ed064c826a5cdb2317a0691185ecccad8 Mon Sep 17 00:00:00 2001 From: Emmanuel GALLOIS Date: Wed, 21 Jan 2026 17:58:21 +0100 Subject: [PATCH 8/9] chore(QTDI-2242): bump tomcat to 9.0.113 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index bad23f0897dc5..5f0384eb4995f 100644 --- a/pom.xml +++ b/pom.xml @@ -173,7 +173,7 @@ 8.0.14 1.2.15 2.0.27 - 9.0.110 + 9.0.113 3.5.11 6.5.0 From a364b2fc6230b2964599c37620d4c6922a45a868 Mon Sep 17 00:00:00 2001 From: yyin-talend Date: Thu, 22 Jan 2026 17:45:53 +0800 Subject: [PATCH 9/9] logback --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0ea9114656e18..39c75cd7cf826 100644 --- a/pom.xml +++ b/pom.xml @@ -178,7 +178,7 @@ 6.5.0 - 1.5.18 + 1.5.19 1.2.19 1.1 1.1