From 64c0dfbbe17b91c84aa6625485e967170f956026 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 14 Jul 2025 06:02:05 +0000
Subject: [PATCH] fix: pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMMONSLANG-10734077
---
 pom.xml | 67 ++++++++++++++++++++++++++++-----------------------------
 1 file changed, 33 insertions(+), 34 deletions(-)

diff --git a/pom.xml b/pom.xml
index c82810ad1d..cba738b9fc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -73,7 +73,7 @@
         <bigtable.version>1.24.0</bigtable.version>
         <!-- align with org.apache.spark:spark-core_2.12 -->
         <jackson2.version>2.16.0</jackson2.version>
-        <lucene-solr.version>8.11.2</lucene-solr.version>
+        <lucene-solr.version>9.0.0</lucene-solr.version>
         <elasticsearch.version>8.10.4</elasticsearch.version>
         <commons.beanutils.version>1.9.4</commons.beanutils.version>
         <commons.collections.version>3.2.2</commons.collections.version>
@@ -85,10 +85,10 @@
         <janusgraph.testdir>${project.build.directory}/janusgraph-test</janusgraph.testdir>
         <gpg.skip>false</gpg.skip>
         <maven.gpg.version>3.0.1</maven.gpg.version>
-        <perf.jvm.opts />
+        <perf.jvm.opts/>
         <default.test.jvm.opts>-Xms256m -Xmx768m -XX:+HeapDumpOnOutOfMemoryError -ea ${test.extra.jvm.opts}</default.test.jvm.opts>
         <mem.jvm.opts>-Xms256m -Xmx256m -ea -XX:+HeapDumpOnOutOfMemoryError ${test.extra.jvm.opts}</mem.jvm.opts>
-        <test.extra.jvm.opts />
+        <test.extra.jvm.opts/>
         <test.skip.default>false</test.skip.default>
         <test.skip.tp>true</test.skip.tp>
         <top.level.basedir>${basedir}</top.level.basedir>
@@ -182,7 +182,7 @@
                                         <exclude>com.fasterxml.jackson.core:jackson-core</exclude>
                                     </excludes>
                                 </requireUpperBoundDeps>
-                                <DependencyConvergence />
+                                <DependencyConvergence/>
                             </rules>
                         </configuration>
                     </execution>
@@ -306,39 +306,38 @@
                     <!-- define here because checkstyle and multi module is a PITA -->
                     <checkstyleRules>
                         <module name="Checker">
-                            <module name="NewlineAtEndOfFile" />
-                            <module name="UniqueProperties" />
+                            <module name="NewlineAtEndOfFile"/>
+                            <module name="UniqueProperties"/>
                             <module name="TreeWalker">
                                 <!-- <property name="tabWidth" value="4"/> -->
                                 <!-- Annotations: https://checkstyle.sourceforge.io/config_annotation.html -->
-                                <module name="MissingOverride" />
+                                <module name="MissingOverride"/>
                                 <!-- Class Design: https://checkstyle.sourceforge.io/config_design.html -->
-                                <module name="OneTopLevelClass" />
+                                <module name="OneTopLevelClass"/>
                                 <!-- Coding: https://checkstyle.sourceforge.io/config_coding.html-->
-                                <module name="CovariantEquals" />
+                                <module name="CovariantEquals"/>
                                 <!-- <module name="EqualsHashCode" /> -->
                                 <!-- <module name="OneStatementPerLine" /> -->
-                                <module name="PackageDeclaration" />
-                                <module name="SimplifyBooleanExpression" />
-                                <module name="StringLiteralEquality" />
-                                <module name="UnnecessarySemicolonAfterOuterTypeDeclaration" />
-                                <module name="UnnecessarySemicolonAfterTypeMemberDeclaration" />
-                                <module name="UnnecessarySemicolonInEnumeration" />
-                                <module name="UnnecessarySemicolonInTryWithResources" />
+                                <module name="PackageDeclaration"/>
+                                <module name="SimplifyBooleanExpression"/>
+                                <module name="StringLiteralEquality"/>
+                                <module name="UnnecessarySemicolonAfterOuterTypeDeclaration"/>
+                                <module name="UnnecessarySemicolonAfterTypeMemberDeclaration"/>
+                                <module name="UnnecessarySemicolonInEnumeration"/>
+                                <module name="UnnecessarySemicolonInTryWithResources"/>
                                 <!-- Imports: https://checkstyle.sourceforge.io/config_imports.html -->
-                                <module name="RedundantImport" />
-                                <module name="UnusedImports" />
-                                <module name="AvoidStarImport" />
+                                <module name="RedundantImport"/>
+                                <module name="UnusedImports"/>
+                                <module name="AvoidStarImport"/>
                                 <module name="CustomImportOrder">
-                                    <property name="customImportOrderRules"
-                                              value="THIRD_PARTY_PACKAGE###STANDARD_JAVA_PACKAGE###STATIC"/>
+                                    <property name="customImportOrderRules" value="THIRD_PARTY_PACKAGE###STANDARD_JAVA_PACKAGE###STATIC"/>
                                 </module>
                                 <!-- Miscellaneous: https://checkstyle.sourceforge.io/config_misc.html -->
-                                <module name="ArrayTypeStyle" />
-                                <module name="OuterTypeFilename" />
-                                <module name="UpperEll" />
+                                <module name="ArrayTypeStyle"/>
+                                <module name="OuterTypeFilename"/>
+                                <module name="UpperEll"/>
                                 <!-- Modifiers: https://checkstyle.sourceforge.io/config_modifier.html -->
-                                <module name="ModifierOrder" />
+                                <module name="ModifierOrder"/>
                                 <!-- <module name="RedundantModifier" /> -->
                             </module>
                         </module>
@@ -1630,7 +1629,7 @@
                                     <goal>unpack-dependencies</goal>
                                 </goals>
                                 <configuration>
-                                    <classifier />
+                                    <classifier/>
                                     <!-- empty classifier requests the artifact containing classes -->
                                     <outputDirectory>${project.build.directory}/jacoco-classes</outputDirectory>
                                     <includeGroupIds>${project.groupId}</includeGroupIds>
@@ -1673,21 +1672,21 @@
                                 </goals>
                                 <configuration>
                                     <target>
-                                        <taskdef name="report" classname="org.jacoco.ant.ReportTask" classpathref="maven.plugin.classpath" />
+                                        <taskdef name="report" classname="org.jacoco.ant.ReportTask" classpathref="maven.plugin.classpath"/>
                                         <report>
                                             <executiondata>
-                                                <file file="${top.level.basedir}/target/jacoco-combined.exec" />
+                                                <file file="${top.level.basedir}/target/jacoco-combined.exec"/>
                                             </executiondata>
                                             <structure name="Integration test coverage">
                                                 <classfiles>
-                                                    <fileset dir="${project.build.directory}/jacoco-classes" />
+                                                    <fileset dir="${project.build.directory}/jacoco-classes"/>
                                                 </classfiles>
                                                 <sourcefiles encoding="UTF-8">
-                                                    <fileset dir="${project.build.directory}/jacoco-sources" />
+                                                    <fileset dir="${project.build.directory}/jacoco-sources"/>
                                                 </sourcefiles>
                                             </structure>
-                                            <html destdir="${project.build.directory}/jacoco-report" />
-                                            <xml destfile="${project.build.directory}/jacoco-report/report.xml" />
+                                            <html destdir="${project.build.directory}/jacoco-report"/>
+                                            <xml destfile="${project.build.directory}/jacoco-report/report.xml"/>
                                         </report>
                                     </target>
                                 </configuration>
@@ -1733,7 +1732,7 @@
                                     <perCoreThreadCount>false</perCoreThreadCount>
                                     <runOrder>alphabetical</runOrder>
                                     <groups>MEMORY_TESTS</groups>
-                                    <excludedGroups />
+                                    <excludedGroups/>
                                 </configuration>
                             </execution>
                         </executions>
@@ -1770,7 +1769,7 @@
                                     <perCoreThreadCount>false</perCoreThreadCount>
                                     <runOrder>alphabetical</runOrder>
                                     <groups>PERFORMANCE_TESTS</groups>
-                                    <excludedGroups />
+                                    <excludedGroups/>
                                 </configuration>
                             </execution>
                         </executions>