Outdated Dependencies

[GaneshPatil7517]

Several dependencies in pom.xml could potentially have vulnerabilities:

groovy:3.0.25 - Check if newer LTS versions available
javassist:3.30.2-GA - Verify if latest version is needed
asciidoctorj:2.5.13 - May need updates
freemarker:2.3.34 - Check for security updates
Multiple JNR/ASM libraries - Version management could be improved

[GaneshPatil7517]

hey @lprimak i want to work on this please assign me...

[lprimak]

I think JBake depends on these versions, and it hasn't been updated to the new ones.
But feel free to take a look

[fpapon]

I think we can start thinking moving from JBake to another generator like https://iamroq.com or https://github.com/yupiik/tools-maven-plugin minisite, or another.

[lprimak]

I think we can start thinking moving from JBake

Sounds like a lot of work :)

[GaneshPatil7517]

I've reviewed all dependencies mentioned in this issue. After checking Maven Central, all are already at their latest stable versions:

groovy 3.0.25, javassist 3.30.2-GA, asciidoctorj 2.5.13, freemarker 2.3.34 are all current
ASM libraries at 9.9.1, jnr-posix at 3.1.21 are also latest
Note: asciidoctorj 3.0.0 exists but is a major version with breaking changes—staying on 2.5.x is appropriate
The build verifies cleanly. This issue can be closed as the dependencies are already up to date. Thanks for flagging this for review