From c8989ff84ff7e307bfd9b9534a438d88079a34c9 Mon Sep 17 00:00:00 2001
From: "snyk-io-us[bot]" <152054537+snyk-io-us[bot]@users.noreply.github.com>
Date: Wed, 22 Apr 2026 02:34:44 +0000
Subject: [PATCH] fix: todolist-goof/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHESTRUTS-6102825
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHESTRUTS-8496612
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHESTRUTS-14172798
- https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-16109615
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-10734078
- https://snyk.io/vuln/SNYK-JAVA-COMMONSFILEUPLOAD-10363252
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHESTRUTS-6100744
- https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-16109618
- https://snyk.io/vuln/SNYK-JAVA-COMMONSIO-8161190
---
 todolist-goof/pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/todolist-goof/pom.xml b/todolist-goof/pom.xml
index f02be37757..0f4e792071 100644
--- a/todolist-goof/pom.xml
+++ b/todolist-goof/pom.xml
@@ -10,10 +10,10 @@
     <url>https://github.com/snyk/java-goof</url>
 
     <properties>
-        <spring.version>3.2.6.RELEASE</spring.version>
+        <spring.version>6.2.17</spring.version>
         <hibernate.version>4.3.7.Final</hibernate.version>
         <tapestry.version>5.3.8</tapestry.version>
-        <struts2.version>6.3.0</struts2.version>
+        <struts2.version>7.1.1</struts2.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>