From cb09daa42f65342950c28e0bb5d22f6c0d89d360 Mon Sep 17 00:00:00 2001
From: bbimber <bbimber@gmail.com>
Date: Tue, 2 Dec 2025 17:39:40 -0800
Subject: [PATCH] Bump lz4-java version

---
 tcrdb/build.gradle      | 7 +++++++
 tcrdb/gradle.properties | 4 +++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/tcrdb/build.gradle b/tcrdb/build.gradle
index 8218384ef..b0eec461e 100644
--- a/tcrdb/build.gradle
+++ b/tcrdb/build.gradle
@@ -5,6 +5,13 @@ repositories {
    mavenCentral()
 }
 
+configurations.all {
+    resolutionStrategy {
+        // Related to: https://nvd.nist.gov/vuln/detail/CVE-2025-12183
+        force "at.yawk.lz4:lz4-java:${lz4Version}"
+    }
+}
+
 dependencies {
    BuildUtils.addLabKeyDependency(project: project, config: "implementation", depProjectPath: ":server:modules:DiscvrLabKeyModules:singlecell", depProjectConfig: "apiJarFile")
    BuildUtils.addLabKeyDependency(project: project, config: "implementation", depProjectPath: ":server:modules:DiscvrLabKeyModules:SequenceAnalysis", depProjectConfig: "apiJarFile")
diff --git a/tcrdb/gradle.properties b/tcrdb/gradle.properties
index 50708a527..8b061f128 100644
--- a/tcrdb/gradle.properties
+++ b/tcrdb/gradle.properties
@@ -1 +1,3 @@
-repseqVersion=1.7.0
\ No newline at end of file
+repseqVersion=1.7.0
+# Related to: https://nvd.nist.gov/vuln/detail/CVE-2025-12183
+lz4Version=1.9.0
\ No newline at end of file