From ace1af61f866d9a2c5e1842de1e452209a31228f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 2 Aug 2025 09:51:56 +0000
Subject: [PATCH 1/2] fix: rabbit-core/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-10734078
---
 rabbit-core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rabbit-core/pom.xml b/rabbit-core/pom.xml
index bf7b3ae1..49f9f800 100644
--- a/rabbit-core/pom.xml
+++ b/rabbit-core/pom.xml
@@ -118,7 +118,7 @@
 	<dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-compress</artifactId>
-            <version>1.26.0</version>
+            <version>1.28.0</version>
         </dependency>
         <dependency>
             <groupId>com.healthmarketscience.jackcess</groupId>

From 715834ddd10f6630952752162f4a59316907239c Mon Sep 17 00:00:00 2001
From: Jan Blom <jan.j.blom@gmail.com>
Date: Mon, 4 Aug 2025 16:09:42 +0200
Subject: [PATCH 2/2] Resolve dependencies on old version of commons-io

---
 pom.xml             | 16 ++++++++++++++++
 whiterabbit/pom.xml |  6 +++---
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index 04c62b5a..019e4369 100644
--- a/pom.xml
+++ b/pom.xml
@@ -341,4 +341,20 @@
             </resource>
         </resources>
     </build>
+
+	<!-- exclude "old" dependencies globally -->
+	<dependencies>
+		<dependency>
+			<artifactId>commons-io</artifactId>
+			<groupId>commons-io</groupId>
+			<version>2.13.0</version>
+			<scope>provided</scope>
+		</dependency>
+		<dependency>
+			<artifactId>commons-io</artifactId>
+			<groupId>commons-io</groupId>
+			<version>2.20.0</version>
+		</dependency>
+	</dependencies>
+
 </project>
diff --git a/whiterabbit/pom.xml b/whiterabbit/pom.xml
index b0627bcb..0ff23d09 100644
--- a/whiterabbit/pom.xml
+++ b/whiterabbit/pom.xml
@@ -191,7 +191,7 @@
             <dependency>
                 <groupId>commons-io</groupId>
                 <artifactId>commons-io</artifactId>
-                <version>2.15.1</version>
+                <version>2.20.0</version>
             </dependency>
         </dependencies>
     </dependencyManagement>
@@ -208,11 +208,11 @@
             <version>1.7.36</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/commons-io/commons-io -->
-        <dependency>
+        <!--dependency>
             <groupId>commons-io</groupId>
             <artifactId>commons-io</artifactId>
             <version>2.15.1</version>
-        </dependency>
+        </dependency-->
 
 
         <!-- https://mvnrepository.com/artifact/org.testcontainers/testcontainers -->