From e9f815a11eb143691493545872fec5439e4c3f84 Mon Sep 17 00:00:00 2001
From: Derek Troy-West <derek@factorhouse.io>
Date: Mon, 9 Dec 2024 21:58:05 +1100
Subject: [PATCH] bump jetty10 dependencies

---
 slipway-jetty10/project.clj | 11 ++++++-----
 slipway-jetty9/project.clj  |  4 ++--
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/slipway-jetty10/project.clj b/slipway-jetty10/project.clj
index 61ea42bd..7ab3570f 100644
--- a/slipway-jetty10/project.clj
+++ b/slipway-jetty10/project.clj
@@ -1,4 +1,4 @@
-(defproject io.factorhouse/slipway-jetty10 "1.1.17"
+(defproject io.factorhouse/slipway-jetty10 "1.1.18"
 
   :description "A Clojure Companion for Jetty"
 
@@ -7,8 +7,8 @@
   :license {:name "MIT License"
             :url  "https://github.com/factorhouse/slipway/blob/main/LICENSE"}
 
-  :profiles {:dev   {:dependencies   [[com.fasterxml.jackson.core/jackson-core "2.17.2"] ;; required for internal inconsistency within clj-kondo, kept at latest for CVE avoidance
-                                      [clj-kondo "2023.12.15"]
+  :profiles {:dev   {:dependencies   [[com.fasterxml.jackson.core/jackson-core "2.18.2"] ;; required for internal inconsistency within clj-kondo, kept at latest for CVE avoidance
+                                      [clj-kondo "2024.11.14"]
                                       [clj-http "3.13.0"]
                                       [ch.qos.logback/logback-classic "1.3.14"] ;; Logback 1.3.x supports the Java EE edition whereas logback 1.4.x supports Jakarta EE, otherwise the two versions are feature identical. The 1.5.x continues the 1.4.x series but with logback-access relocated to its own repository.
                                       [ring/ring-anti-forgery "1.3.1"]
@@ -21,9 +21,10 @@
             "kondo" ["with-profile" "+smoke" "run" "-m" "clj-kondo.main" "--lint" "common/src:common-jetty1x/src:test:common/test" "--parallel"]
             "fmt"   ["with-profile" "+smoke" "cljfmt" "check"]}
 
-  :dependencies [[org.clojure/clojure "1.11.4"]
+  :dependencies [[org.clojure/clojure "1.12.0"]
                  [org.clojure/tools.logging "1.3.0"]
-                 [ring/ring-servlet "1.9.6"]
+                 [commons-io "2.16.1"] ;; replaces old version with CVE in ring-servlet, remove when ring bumped to latest
+                 [ring/ring-servlet "1.10.0"]
                  [com.taoensso/sente "1.17.0"]
                  [org.eclipse.jetty.websocket/websocket-jetty-api "10.0.24"]
                  [org.eclipse.jetty.websocket/websocket-jetty-server "10.0.24" :exclusions [org.slf4j/slf4j-api]]
diff --git a/slipway-jetty9/project.clj b/slipway-jetty9/project.clj
index a88d3ada..ae032764 100644
--- a/slipway-jetty9/project.clj
+++ b/slipway-jetty9/project.clj
@@ -1,4 +1,4 @@
-(defproject io.factorhouse/slipway-jetty9 "1.1.17"
+(defproject io.factorhouse/slipway-jetty9 "1.1.18"
 
   :description "A Clojure Companion for Jetty"
 
@@ -23,8 +23,8 @@
 
   :dependencies [[org.clojure/clojure "1.12.0"]
                  [org.clojure/tools.logging "1.3.0"]
-                 [ring/ring-servlet "1.10.0"]
                  [commons-io "2.16.1"]                      ;; replaces old version with CVE in ring-servlet, remove when ring bumped to latest
+                 [ring/ring-servlet "1.10.0"]
                  [com.taoensso/sente "1.17.0"]
                  [org.eclipse.jetty/jetty-server "9.4.56.v20240826"]
                  [org.eclipse.jetty.websocket/websocket-server "9.4.56.v20240826"]