Techeer-Hogwarts · HwangMinSeon · Nov 29, 2025 · Nov 29, 2025 · Dec 21, 2025 · Dec 21, 2025
diff --git a/techeerzip/build.gradle b/techeerzip/build.gradle
@@ -48,11 +48,11 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-actuator'
     implementation 'org.springframework.boot:spring-boot-starter-aop'
 
-    // QueryDSL
-    implementation 'com.querydsl:querydsl-core:5.0.0'
-    implementation 'com.querydsl:querydsl-jpa:5.0.0:jakarta'
+    // QueryDSL (CVE-2024-49203 수정 버전)
+    implementation 'com.querydsl:querydsl-core:6.10.1'
+    implementation 'com.querydsl:querydsl-jpa:6.10.1:jakarta'
 
-    annotationProcessor 'com.querydsl:querydsl-apt:5.0.0:jakarta'
+    annotationProcessor 'com.querydsl:querydsl-apt:6.10.1:jakarta'
     annotationProcessor 'jakarta.annotation:jakarta.annotation-api'
     annotationProcessor 'jakarta.persistence:jakarta.persistence-api'
 
@@ -81,9 +81,18 @@ dependencies {
     testImplementation 'org.testcontainers:junit-jupiter'
     testImplementation 'org.testcontainers:postgresql'
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+
+    // Testcontainers
+    testImplementation 'org.testcontainers:testcontainers:1.19.3'
+    testImplementation 'org.testcontainers:junit-jupiter:1.19.3'
+    testImplementation 'org.testcontainers:postgresql:1.19.3'
 
     // SpringDoc OpenAPI (테스트 용도)
     implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.0.2'
+
+    // 보안 취약점 해결을 위한 전이 의존성 버전 지정
+    implementation 'org.apache.commons:commons-compress:1.28.0'
+    implementation 'org.apache.commons:commons-lang3:3.18.0'
 
     // S3
     implementation "software.amazon.awssdk:s3:2.31.32"