I have an old (~2005) java EE project which I would like to update to the latest dependencies.
The web project doesn't have any software project management tool like Maven or Gradle.
Some dependencies and versions:
Yes, it's this old.
I would like to update to the leatest TomCat, Hibernate, and MySql. If it's not necessary, I won't update Struts. What is the best way to do it? Do it version by version or just jump to the leatest?
We can't tell you what is strictly necessary to upgrade the dependencies. It depends on the nature of your old application and what your reasons for upgrading are. However, looking at the dependencies, these are some inherent reasons to upgrade:
Security vulnerabilities don't always need to be fixed. It depends on 1) how exposed the application is to untrustworthy people, and 2) the possible impact of someone exploiting the vulnerability. And there are potential mitigations; e.g. blocking any external access to the database.
The other thing you wanted was advice on whether to do everything at once, or to upgrade the dependencies one at a time.
I have a feeling it is going to be difficult whichever way you do it. For example, if you upgrade to Java 8 first, there is no guarantee that the old versions of dependencies will run on Java 8. (Though it is lot more likely to work than if upgraded all the way to Java 21 LTS. That's almost guaranteed to fail!) Likewise, if you upgrade to MySQL 8.x you are liable to have problems finding Java 6 compatible JDBC drivers.
Can I put it to you that there may be another alternative. Throw away1 the old code-base and start again! The code-base is nearly 20 years old, and it would have been designed for requirements from 20 years ago, based on UI design, etc from 20 years ago. Even if you succeed in migrating it, and make cosmetic UI changes, it will still look and behave like an old product.
1 - Not literally, of course. And there could well be core functionality / business logic that is independent of the "framework" of the EE application that can be salvaged. But even there, you will still most likely be using mostly Java 5 and earlier libraries and language features. A lot of good things have happened to Java since; e.g. lambdas, streams, records, etcetera.