From 55a5ffaffada75c524b0340cf5ef7fb528c7fad0 Mon Sep 17 00:00:00 2001
From: "cycode-security[bot]"
 <54410473+cycode-security[bot]@users.noreply.github.com>
Date: Wed, 20 May 2026 16:02:55 +0000
Subject: [PATCH] [Cycode] Fix for vulnerable manifest file dependency -
 org.apache.commons:commons-configuration2 updated to version 2.15.0

---
 test/fixtures/hdfs-fixture/build.gradle | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/fixtures/hdfs-fixture/build.gradle b/test/fixtures/hdfs-fixture/build.gradle
index abcbfb1575b64..1a52a485fc72c 100644
--- a/test/fixtures/hdfs-fixture/build.gradle
+++ b/test/fixtures/hdfs-fixture/build.gradle
@@ -83,7 +83,7 @@ dependencies {
   api "ch.qos.logback:logback-classic:1.5.32"
   api "org.jboss.xnio:xnio-nio:3.8.17.Final"
   api 'org.jline:jline:4.0.0'
-  api 'org.apache.commons:commons-configuration2:2.13.0'
+  api 'org.apache.commons:commons-configuration2:2.15.0'
   api 'com.nimbusds:nimbus-jose-jwt:10.8'
   api ('org.apache.kerby:kerb-admin:2.1.1') {
     exclude group: "org.jboss.xnio"
@@ -96,3 +96,4 @@ dependencies {
   runtimeOnly "com.squareup.okio:okio:3.16.4"
   runtimeOnly "org.xerial.snappy:snappy-java:1.1.10.8"
 }
+