From b756215b65bb0f5ffdc049f0968426eda3b9e8d8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 28 Jan 2026 23:11:42 +0000
Subject: [PATCH] fix: pom.xml & libraries-http/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGASSERTJ-15102413
- https://snyk.io/vuln/SNYK-JAVA-CHQOSLOGBACK-15062482
---
 libraries-http/pom.xml | 2 +-
 pom.xml                | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/libraries-http/pom.xml b/libraries-http/pom.xml
index 86f5390c3a1d..1e83d8c23b84 100644
--- a/libraries-http/pom.xml
+++ b/libraries-http/pom.xml
@@ -120,7 +120,7 @@
 	<properties>
 		<httpclient.version>4.5.3</httpclient.version>
 		<jackson.version>2.9.8</jackson.version>
-		<assertj.version>3.6.2</assertj.version>
+		<assertj.version>3.27.7</assertj.version>
         <com.squareup.okhttp3.version>3.14.2</com.squareup.okhttp3.version>
         <googleclient.version>1.23.0</googleclient.version>
         <async.http.client.version>2.2.0</async.http.client.version>
diff --git a/pom.xml b/pom.xml
index 7c46f29c74c1..bb9647535ec1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -263,7 +263,7 @@
                                         </goals>
                                     </pluginExecutionFilter>
                                     <action>
-                                        <ignore></ignore>
+                                        <ignore/>
                                     </action>
                                 </pluginExecution>
                                 <pluginExecution>
@@ -282,7 +282,7 @@
                                         </goals>
                                     </pluginExecutionFilter>
                                     <action>
-                                        <ignore></ignore>
+                                        <ignore/>
                                     </action>
                                 </pluginExecution>
                             </pluginExecutions>
@@ -1571,7 +1571,7 @@
 
         <!-- logging -->
         <org.slf4j.version>1.7.21</org.slf4j.version>
-        <logback.version>1.1.7</logback.version>
+        <logback.version>1.5.25</logback.version>
 
         <!-- plugins -->
         <!-- can't upgrade the plugin yet; as there is an issue with 2.22 no longer running all the tests-->