From fcc0085c8b574023a9961fa674e22be0db20120b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 28 Jan 2026 04:06:07 +0000
Subject: [PATCH] fix: pom.xml & libraries/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGASSERTJ-15102413
- https://snyk.io/vuln/SNYK-JAVA-CHQOSLOGBACK-15062482
---
 libraries/pom.xml | 2 +-
 pom.xml           | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libraries/pom.xml b/libraries/pom.xml
index 3cca9aef4cef..2738e0f07dca 100644
--- a/libraries/pom.xml
+++ b/libraries/pom.xml
@@ -614,7 +614,7 @@
         <jasypt.version>1.9.2</jasypt.version>
         <javatuples.version>1.2</javatuples.version>
         <javaassist.version>3.21.0-GA</javaassist.version>
-        <assertj.version>3.6.2</assertj.version>
+        <assertj.version>3.27.7</assertj.version>
         <jsonassert.version>1.5.0</jsonassert.version>
         <javers.version>3.1.0</javers.version>
         <jetty.version>9.4.3.v20170317</jetty.version>
diff --git a/pom.xml b/pom.xml
index dfa7e09acc56..c377af1b0ccd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -21,7 +21,7 @@
         <mockito.version>2.8.9</mockito.version>
         <!-- logging -->
         <org.slf4j.version>1.7.21</org.slf4j.version>
-        <logback.version>1.1.7</logback.version>
+        <logback.version>1.5.25</logback.version>
         <!-- plugins -->
         <maven-surefire-plugin.version>2.19.1</maven-surefire-plugin.version>
         <maven-compiler-plugin.version>3.6.0</maven-compiler-plugin.version>