From 988a8336d041f0c4ddd567b63efd1550e332ac89 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 4 Oct 2024 10:52:56 +0000
Subject: [PATCH] fix: pom.xml & dspace-oai/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMMONSIO-8161190
---
 dspace-oai/pom.xml | 2 +-
 pom.xml            | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/dspace-oai/pom.xml b/dspace-oai/pom.xml
index 27efba73d069..081611232295 100644
--- a/dspace-oai/pom.xml
+++ b/dspace-oai/pom.xml
@@ -15,7 +15,7 @@
     <properties>
         <!-- This is the path to the root [dspace-src] directory. -->
         <root.basedir>${basedir}/..</root.basedir>
-        <xoai.version>3.3.0</xoai.version>
+        <xoai.version>4.2.0</xoai.version>
         <jtwig.version>5.87.0.RELEASE</jtwig.version>
     </properties>
 
diff --git a/pom.xml b/pom.xml
index 3d9e6851d1d0..f88b0b0b2ecb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -115,7 +115,7 @@
                             </goals>
                             <configuration>
                                 <rules>
-                                    <DependencyConvergence />
+                                    <DependencyConvergence/>
                                 </rules>
                             </configuration>
                         </execution>
@@ -1489,7 +1489,7 @@
             <dependency>
                 <groupId>commons-io</groupId>
                 <artifactId>commons-io</artifactId>
-                <version>2.7</version>
+                <version>2.14.0</version>
             </dependency>
             <dependency>
                 <groupId>org.apache.commons</groupId>