From 73a4024481ffa624420da526a8eebe34a1ef02b7 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 2 Jan 2024 18:21:48 +0000
Subject: [PATCH 1/2] fix: flexible/helloworld-springboot/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETOMCATEMBED-5953331
---
 flexible/helloworld-springboot/pom.xml | 114 ++++++++++++-------------
 1 file changed, 57 insertions(+), 57 deletions(-)

diff --git a/flexible/helloworld-springboot/pom.xml b/flexible/helloworld-springboot/pom.xml
index 2558dc00ecc..78ed7488178 100644
--- a/flexible/helloworld-springboot/pom.xml
+++ b/flexible/helloworld-springboot/pom.xml
@@ -14,11 +14,11 @@
 ~ implied. See the License for the specific language governing
 ~ permissions and limitations under the License.
 -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
-  <modelVersion>4.0.0</modelVersion>
-  <groupId>com.example.java</groupId>
-  <artifactId>helloworld-springboot</artifactId>
-  <version>0.0.1-SNAPSHOT</version>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>com.example.java</groupId>
+  <artifactId>helloworld-springboot</artifactId>
+  <version>0.0.1-SNAPSHOT</version>
   <name>helloworld-springboot</name>
 
   <!--
@@ -30,62 +30,62 @@
     <artifactId>shared-configuration</artifactId>
     <version>1.0.23</version>
   </parent>
-
-  <properties>
-    <maven.compiler.source>1.8</maven.compiler.source>
-    <maven.compiler.target>1.8</maven.compiler.target>
+
+  <properties>
+    <maven.compiler.source>1.8</maven.compiler.source>
+    <maven.compiler.target>1.8</maven.compiler.target>
   </properties>
-
-  <dependencies>
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-web</artifactId>
-      <version>2.5.5</version>
-    </dependency>
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
+      <version>2.7.17</version>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-actuator</artifactId>
-      <version>2.5.5</version>
-    </dependency>
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
+      <version>2.5.5</version>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-test</artifactId>
-      <version>2.5.4</version>
-      <scope>test</scope>
-      <exclusions>
-        <exclusion>
-          <groupId>org.junit.vintage</groupId>
-          <artifactId>junit-vintage-engine</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
+      <version>2.5.4</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <groupId>org.junit.vintage</groupId>
+          <artifactId>junit-vintage-engine</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
   </dependencies>
-
-  <build>
-    <plugins>
-      <plugin>
-        <groupId>org.springframework.boot</groupId>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-maven-plugin</artifactId>
-        <version>2.5.5</version>
-        <executions>
-          <execution>
-            <goals>
-              <goal>repackage</goal>
-            </goals>
-          </execution>
-        </executions>
-      </plugin>
-      <plugin>
-        <groupId>com.google.cloud.tools</groupId>
-        <artifactId>appengine-maven-plugin</artifactId>
-        <version>2.4.1</version>
-        <configuration>
-          <!-- setting a property to "GCLOUD_CONFIG" will deploy using the gcloud settings for the property -->
-          <projectId>GCLOUD_CONFIG</projectId>
-          <!-- set the GAE version or use "GCLOUD_CONFIG" for an autogenerated GAE version -->
-          <version>GCLOUD_CONFIG</version>
-        </configuration>
-      </plugin>
-    </plugins>
-  </build>
+        <version>2.5.5</version>
+        <executions>
+          <execution>
+            <goals>
+              <goal>repackage</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+      <plugin>
+        <groupId>com.google.cloud.tools</groupId>
+        <artifactId>appengine-maven-plugin</artifactId>
+        <version>2.4.1</version>
+        <configuration>
+          <!-- setting a property to "GCLOUD_CONFIG" will deploy using the gcloud settings for the property -->
+          <projectId>GCLOUD_CONFIG</projectId>
+          <!-- set the GAE version or use "GCLOUD_CONFIG" for an autogenerated GAE version -->
+          <version>GCLOUD_CONFIG</version>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
 </project>

From e1bee65c3d20fdabbd635e4fc8a32af8c4b9fc63 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 10 Feb 2026 09:04:04 +0000
Subject: [PATCH 2/2] fix: flexible/helloworld-springboot/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETOMCATEMBED-5953331