SONARJAVA-5608 Update tomcat-embed-jasper to from 9.0.104 to 9.0.105 to suppress alert about CVE-2025-46701 (#5181)

tomasz-tylenda-sonarsource · web-flow · commit 246016842762 · 2025-06-04T11:20:19.000+02:00
diff --git a/java-jsp/pom.xml b/java-jsp/pom.xml
@@ -31,7 +31,7 @@
     <dependency>
       <groupId>org.apache.tomcat.embed</groupId>
       <artifactId>tomcat-embed-jasper</artifactId>
-      <version>9.0.104</version>
+      <version>9.0.105</version>
       <exclusions>
         <exclusion>
           <groupId>org.eclipse.jdt</groupId>
diff --git a/java-jsp/src/main/java/org/sonar/java/jsp/JasperOptions.java b/java-jsp/src/main/java/org/sonar/java/jsp/JasperOptions.java
@@ -232,4 +232,9 @@ public boolean getStrictQuoteEscaping() {
   public boolean getQuoteAttributeEL() {
     return false;
   }
+
+  @Override
+  public String getUseNonstandardTagOptimizations() {
+    return "";
+  }
 }

Original file line number	Diff line number	Diff line change
`@@ -232,4 +232,9 @@ public boolean getStrictQuoteEscaping() {`
`232`	`232`	`public boolean getQuoteAttributeEL() {`
`233`	`233`	`return false;`
`234`	`234`	`}`
	`235`	`+`
	`236`	`+ @Override`
	`237`	`+ public String getUseNonstandardTagOptimizations() {`
	`238`	`+ return "";`
	`239`	`+ }`
`235`	`240`	`}`