Skip to content

feat(QTDI-2292): security 5 CVE issues include #1156

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
yyin-talend merged 12 commits into from
Jan 23, 2026
Merged

feat(QTDI-2292): security 5 CVE issues include #1156

yyin-talend merged 12 commits into from
Jan 23, 2026
+48 −44

Conversation

@yyin-talend
Copy link
Collaborator

@yyin-talend yyin-talend commented Jan 22, 2026

Requirements

  • Any code change adding any logic MUST be tested through a unit test executed with the default build
  • Any API addition MUST be done with a documentation update if relevant

Why this PR is needed?

What does this PR adds (design/code thoughts)?

undx and others added 12 commits January 21, 2026 16:37
@undx
chore(QTDI-2446): bump log4j to 2.25.3
a6f2449
@undx
chore(QTDI-2465): bump logback to 1.5.19
923a705
@undx
chore(QTDI-2457): bump react-router to 6.30.2 to fix cve on @remix-ru…
a6f911a 
…n/router
@undx
chore(QTDI-2457): remove logback fix
abeca5e
@undx
chore(QTDI-2242): bump tomcat to 9.0.110
14f741d
@undx
chore(QTDI-2394): bump rhino to 1.8.1
d53856e
@undx
chore(QTDI-2394): bump rhino to 1.9.0
aa2bb81
@undx
chore(QTDI-2242): bump tomcat to 9.0.113
b8fac94
@yyin-talend
Merge remote-tracking branch 'origin/undx/QTDI-2394-bump-rhino' into …
ccf41ec 
…feat/QTDI-2292_security-5-CVEs
@yyin-talend
Merge remote-tracking branch 'origin/undx/QTDI-2446-bump-log4j' into …
deffa50 
…feat/QTDI-2292_security-5-CVEs

# Conflicts:
#	pom.xml
@yyin-talend
Merge remote-tracking branch 'origin/undx/QTDI-2457-cve-on-react' int…
0c92696 
…o feat/QTDI-2292_security-5-CVEs
@yyin-talend
logback
a364b2f
ozhelezniak-talend
ozhelezniak-talend approved these changes Jan 22, 2026
View reviewed changes
Copy link
Contributor

@ozhelezniak-talend ozhelezniak-talend left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@yyin-talend yyin-talend changed the title Feat/qtdi 2292 security 5 cv es Feat/qtdi 2292 security 5 CVE issues include Jan 22, 2026
@yyin-talend yyin-talend changed the title Feat/qtdi 2292 security 5 CVE issues include Feat(QTDI- 2292) security 5 CVE issues include Jan 22, 2026
@yyin-talend yyin-talend changed the title Feat(QTDI- 2292) security 5 CVE issues include feat(QTDI- 2292): security 5 CVE issues include Jan 22, 2026
@ozhelezniak-talend ozhelezniak-talend changed the title feat(QTDI- 2292): security 5 CVE issues include feat(QTDI-2292): security 5 CVE issues include Jan 22, 2026
@sonar-eks
Copy link

sonar-eks bot commented Jan 23, 2026

Passed Quality Gate passed

Issues

Measures

Project ID: org.talend.sdk.component:component-runtime

View in SonarQube

@yyin-talend yyin-talend merged commit 05b9657 into feat/QTDI-2292_security Jan 23, 2026
6 checks passed
@yyin-talend yyin-talend deleted the feat/QTDI-2292_security-5-CVEs branch January 23, 2026 03:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ozhelezniak-talend ozhelezniak-talend ozhelezniak-talend approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@yyin-talend @ozhelezniak-talend @undx