From 964757e7407d8a1976073e3d4bd594b83160b3d4 Mon Sep 17 00:00:00 2001
From: Thomas Barber <59735858+tmbrbr@users.noreply.github.com>
Date: Mon, 8 Dec 2025 11:11:24 +0100
Subject: [PATCH 1/2] Reserve Scanner IDs for Foxhound Checks (#9173)

Reserve an ID for each Foxhound scan type.

Signed-off-by: Thomas Barber <59735858+tmbrbr@users.noreply.github.com>
---
 docs/scanners.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/scanners.md b/docs/scanners.md
index 69e89ce21be..d8b2fe4314b 100644
--- a/docs/scanners.md
+++ b/docs/scanners.md
@@ -182,6 +182,10 @@ Scan rules:
 40046   Server Side Request Forgery
 40047   Text4Shell (CVE-2022-42889)
 40048   React4Shell (CVE-2025-55182, CVE-2025-66478)
+40100   Client-Side Data Flow (Foxhound)
+40101   Client-Side Cross-Site Scripting (Foxhound)
+40102   Stored Client-Side Cross-Site Scripting (Foxhound)
+40103   Client-Side Cross-Site Request Forgery (Foxhound)
 
 50000   Active Scan scripts
 50001   Passive Scan scripts

From 785d2b52361e1c1763290daf85816b83429726d3 Mon Sep 17 00:00:00 2001
From: thc202 <thc202@gmail.com>
Date: Mon, 8 Dec 2025 10:21:38 +0000
Subject: [PATCH 2/2] Update FlatLaf

Update FlatLaf to 3.7.
Remove extra char in legal notice entry.

Signed-off-by: thc202 <thc202@gmail.com>
---
 LEGALNOTICE.md     | 6 +++---
 zap/zap.gradle.kts | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/LEGALNOTICE.md b/LEGALNOTICE.md
index 886f1caf675..197609f0b20 100644
--- a/LEGALNOTICE.md
+++ b/LEGALNOTICE.md
@@ -43,8 +43,8 @@ and subject to their respective licenses.
 | commons-logging-1.3.5.jar           | Apache 2.0                |
 | commons-text-1.14.0.jar             | Apache 2.0                |
 | ezmorph-1.0.6.jar                   | Apache 2.0                |
-| flatlaf-3.6.2.jar                   | Apache 2.0                |
-| flatlaf-swingx-3.6.2.jar            | Apache 2.0                |
+| flatlaf-3.7.jar                     | Apache 2.0                |
+| flatlaf-swingx-3.7.jar              | Apache 2.0                |
 | harlib-1.1.3.jar                    | Apache 2.0                |
 | hsqldb-2.7.4.jar                    | BSD                       |
 | jackson-core-asl-1.9.13.jar         | Apache 2.0                |
@@ -55,7 +55,7 @@ and subject to their respective licenses.
 | jgrapht-core-0.9.2.jar              | LGPL 2.1                  |
 | json-lib-2.4-jdk15.jar              | MIT + "Good, Not Evil"    |
 | log4j-1.2-api-2.25.2.jar            | Apache 2.0                |
-| log4j-api-2.25.2".jar               | Apache 2.0                |
+| log4j-api-2.25.2.jar                | Apache 2.0                |
 | log4j-core-2.25.2.jar               | Apache 2.0                |
 | log4j-jul-2.25.2.jar                | Apache 2.0                |
 | rsyntaxtextarea-3.6.0.jar           | BSD-3 clause              |
diff --git a/zap/zap.gradle.kts b/zap/zap.gradle.kts
index 23e96400bd4..2f9993b6548 100644
--- a/zap/zap.gradle.kts
+++ b/zap/zap.gradle.kts
@@ -113,8 +113,8 @@ dependencies {
     api("org.jgrapht:jgrapht-core:0.9.2")
     api("org.swinglabs.swingx:swingx-all:1.6.5-1")
 
-    implementation("com.formdev:flatlaf:3.6.2")
-    implementation("com.formdev:flatlaf-swingx:3.6.2")
+    implementation("com.formdev:flatlaf:3.7")
+    implementation("com.formdev:flatlaf-swingx:3.7")
 
     runtimeOnly("commons-logging:commons-logging:1.3.5")
     runtimeOnly("xom:xom:1.3.9") {