Skip to content

build(deps): bump the major-updates group across 1 directory with 5 updates#891

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/essencium-backend/major-updates-b95b07737e
Open

build(deps): bump the major-updates group across 1 directory with 5 updates#891
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/essencium-backend/major-updates-b95b07737e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 23, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the major-updates group with 5 updates in the /essencium-backend directory:

Package From To
org.springframework.boot:spring-boot-starter-parent 3.5.15 4.1.0
org.springdoc:springdoc-openapi-starter-webmvc-ui 2.8.17 3.0.3
net.kaczmarzyk:specification-arg-resolver 3.4.0 4.1.0
com.cosium.code:google-java-format 5.6 6.0
com.cosium.code:git-code-format-maven-plugin 5.6 6.0

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.15 to 4.1.0

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v4.1.0

Full release notes for Spring Boot 4.1 are available on the wiki.

⭐ New Features

  • Add public constructor to InvalidConfigurationPropertyValueException that accepts a cause #50211
  • Reduce memory consumption when repeatedly calling WritableJson.toByteArray #49428

🐞 Bug Fixes

  • MailSender auto-configuration does not enable hostname verification #50747
  • Artemis auto-configuration uses a predictable default location for the embedded broker's data #50745
  • Embedded LDAP SSL should not be enabled when its bundle is empty #50700
  • InetAddressFilter.externalAddresses does not exclude special purpose addresses from RFC 6890 #50668
  • NullPointerException in reactor-netty SniProvider and unmapped SSL bundle with RSocket #50645
  • SSL should not be enabled when a SSL bundle is overridden to an empty string #50635
  • Test auto-configuration no longer integrates Spring Security with HtmlUnitDriver #50633
  • Configuration property metadata includes incorrect class references #50632
  • Docker Compose support does not restore thread interrupt flag when catching InterruptedException #50618
  • RabbitProperties enables SSL even when spring.rabbitmq.ssl.bundle is overridden to an empty string #50612
  • NullPointerException in reactor-netty SniProvider when SSL bundle uses client-auth or server truststore without server-name-bundles #50610
  • SpringJtaPlatform should have been deprecated since 4.1.0-M3 #50592
  • Layer written outside the output location of '//' exception is thrown when using extract layers in root directory #50510
  • ConfigurationPropertiesReportEndpoint exposes AOP proxy internals #50417
  • Created StackTracePrinter instances have no access to the Environment #50414
  • MappingsEndpoint reports the context's own ID as parentId when a parent exists #50412
  • Buildpack module does not validate long-to-int casts #50410
  • Gradle gRPC support fails if protobuf-java dependency is used instead of protobuf-java-util #50405
  • GraphQL WebSocket support does not configure allowed origins #50394
  • Spring Boot Loader Does Not Support RSA and EC Signed Jars #50298
  • Meter registries are not removed from the global registry when the context is closed #50287
  • DataSourceBuilder cannot derive a DataSource from a lazy connection proxy #50271
  • Nullable annotations from AbstractErrorController.getErrorAttributes are not aligned with implementation #50266
  • Bean definitions can be added with an initializer before setAllowBeanDefinitionOverriding is called #50264
  • EndpointRequest links matcher unnecessarily matches HTTP methods other than GET #50261
  • Actuator's '/cloudfoundryapplication' endpoint does not work if restrictive CORS configuration is provided using a bean named corsConfigurationSource #50258
  • ThreadPoolTaskScheduleBuilder unnecessarily loses precision when configuring await termination time #50234
  • NimbusJwtDecoder silently accepts unknown values for spring.security.oauth2.resourceserver.jwt.jws-algorithms #50228
  • Missing dependency management for spring-boot-web-server-test #50224
  • Spring Batch support for MongoDB modules are not included in dependency management #50223
  • Apply HTML escaping to timestamp attribute in Whitelabel error page #50216
  • GrpcServerHealthScheduler is not started in servlet environments #50209
  • Setting server.servlet.session.cookie.partitioned=true has no effect when using Tomcat #50204

📔 Documentation

  • Fix reference to Gradle documentation for module replacement #50647
  • Document SSL reloading with Let's Encrypt #50630
  • Remove the use of Optional from Data Neo4j repository examples #50622
  • Fix typos in documentation #50620

... (truncated)

Commits

Updates org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.17 to 3.0.3

Release notes

Sourced from org.springdoc:springdoc-openapi-starter-webmvc-ui's releases.

springdoc-openapi v3.0.3 released!

Added

  • #3246 – Add Springdoc OpenAPI MCP (Model Context Protocol) support
  • #3256 – Auto-set nullable: true for Kotlin nullable types in schema properties
  • #3239 – Add support for the @Range constraint validation annotation
  • #3244 – Handle default values for LocalDate

Changed

  • Upgrade Spring Boot to version 4.0.5
  • Upgrade swagger-core to version 2.2.47
  • Upgrade swagger-ui to version 5.32.2
  • #3260@ConditionalOnClass(HateoasProperties.class) in SpringDocHateoasConfiguration
  • Forwards all MCP non-transport headers to downstream methods
  • Dynamically resolve the base path from window.location.pathname for MCP UI

Fixed

  • #3258 – Setting API Version Required when using WebFlux breaks the Swagger UI
  • #3259 – Annotated Generic properties getting applied to sibling properties
  • #3255Direction enum: fixed visibility scope of group order so that setGroupsOrder method can be used
  • #3247 – Preserve YAML group URLs in Swagger UI
  • #3245 – Upgrade swagger-core from version 2.2.43 to 2.2.45
  • #3235PropertyResolverUtils retains a JsonNode when reading an ExtensionProperty annotation
  • #3226 – Propagate JsonView context when resolving Page<T> schema

New Contributors

Full Changelog: springdoc/springdoc-openapi@v3.0.2...v3.0.3

springdoc-openapi v3.0.2 released!

Added

  • #3229 – Add support for Spring Framework API Versioning with Functional Endpoints
  • #3208 – Add springdoc.swagger-ui.document-title property

Changed

  • Upgrade Spring Boot to version 4.0.3
  • Upgrade swagger-core to version 2.2.43
  • Upgrade swagger-ui to version 5.32.0
  • Upgrade Scalar to version 0.5.55

Fixed

  • #3232 – Gracefully handle springdoc endpoint paths during API version resolution
  • #3230 – Scalar source URLs resolve to null/<groupName> on second request when using GroupedOpenApi
  • #3228 – springdoc-openapi-starter 3.x doesn't depend on org.springframework.boot:spring-boot-starter

... (truncated)

Changelog

Sourced from org.springdoc:springdoc-openapi-starter-webmvc-ui's changelog.

[3.0.3] - 2026-04-12

Added

  • #3246 – Add Springdoc OpenAPI MCP (Model Context Protocol) support
  • #3256 – Auto-set nullable: true for Kotlin nullable types in schema properties
  • #3239 – Add support for the @Range constraint validation annotation
  • #3244 – Handle default values for LocalDate

Changed

  • Upgrade Spring Boot to version 4.0.5
  • Upgrade swagger-core to version 2.2.47
  • Upgrade swagger-ui to version 5.32.2
  • #3260@ConditionalOnClass(HateoasProperties.class) in SpringDocHateoasConfiguration
  • Forwards all MCP non-transport headers to downstream methods
  • Dynamically resolve the base path from window.location.pathname for MCP UI

Fixed

  • #3258 – Setting API Version Required when using WebFlux breaks the Swagger UI
  • #3259 – Annotated Generic properties getting applied to sibling properties
  • #3255Direction enum: fixed visibility scope of group order so that setGroupsOrder method can be used
  • #3247 – Preserve YAML group URLs in Swagger UI
  • #3245 – Upgrade swagger-core from version 2.2.43 to 2.2.45
  • #3235PropertyResolverUtils retains a JsonNode when reading an ExtensionProperty annotation
  • #3226 – Propagate JsonView context when resolving Page<T> schema

[3.0.2] - 2026-02-27

Added

  • #3229 – Add support for Spring Framework API Versioning with Functional Endpoints
  • #3208 – Add springdoc.swagger-ui.document-title property

Changed

  • Upgrade Spring Boot to version 4.0.3
  • Upgrade swagger-core to version 2.2.43
  • Upgrade swagger-ui to version 5.32.0
  • Upgrade Scalar to version 0.5.55

Fixed

  • #3232 – Gracefully handle springdoc endpoint paths during API version resolution
  • #3230 – Scalar source URLs resolve to null/<groupName> on second request when using GroupedOpenApi
  • #3228 – springdoc-openapi-starter 3.x doesn't depend on org.springframework.boot:spring-boot-starter
  • #3220 – Reachability metadata not compatible with GraalVM 25
  • #3195 – Application won't compile when OpenApi and spring-boot-data-rest is present
  • #3193OpenApi field in SpringDocConfigProperties does not comply with camel case naming conventions

... (truncated)

Commits
  • 3c30283 [maven-release-plugin] prepare release v3.0.3
  • 4184c05 update .gitignore
  • 89745c2 CHANGELOG.md update
  • 4d1a730 Merge pull request #3260 from seregamorph/SpringDocHateoasConfiguration-class...
  • 54e7650 ConditionalOnClass (HateoasProperties.class) in SpringDocHateoasConfiguration
  • 9f354b2 Spring-boot upgrade to version 4.0.5
  • 14df32f Forwards all MCP non-transport headers, to downstream methods
  • 3ee9a44 Forwards all MCP non-transport headers, to downstream methods
  • df99408 upgrade swagger-ui to version 5.32.2
  • 6ee70f4 upgrade swagger-api to version 2.2.47
  • Additional commits viewable in compare view

Updates net.kaczmarzyk:specification-arg-resolver from 3.4.0 to 4.1.0

Release notes

Sourced from net.kaczmarzyk:specification-arg-resolver's releases.

v4.1.0

  • Added character escaping support for LIKE-based specifications. It allows to treat special characters (such as % and _) as literals during database searches - developed by @​Nawrok 🚀

v4.0.0

  • Build integrated with Spring Boot 4 (and related Hibernate version). This version updates to spring-boot-dependencies-4.0.0 and deals with breaking changes from the upstream dependencies.
  • If you need a release compatible with Spring Boot 3.x - please select the latest 3.x version of specification-arg-resolver
  • BREAKING CHANGE: Removed support for Calendar, Date in favour of java.time API (JPA 3.2)
  • BREAKING CHANGE: please be aware that new version of Hibernate may generate different queries than the previous version. In context of this library, this is noticable when generating joins. For the same set of annotations and the same request, SAR 3.x will generate INNER and SAR 4.x will generate LEFT join on implicit join table queries. This is strictly related to Hibernate internals, not SAR-specific behaviour
  • Spring Boot 4 support developed mainly by @​sourcloud 🚀 with review and additional fixes from @​jradlica and @​tkaczmarzyk
  • added support for extended interfaces when generating OpenAPI docs. Developed by @​gibbz00 🚀
  • bumped dependency versions
  • added InIgnoreCase and NotInIgnoreCase - developed by @​cschierle 🚀
  • added case insensitivity support to boolean parameter values - developed by @​cschierle 🚀

v4.0.0-M2

  • added support for extended interfaces when generating OpenAPI docs. Developed by @​gibbz00 🚀
  • bumped dependency versions

v4.0.0-M1

  • Build integrated with Spring Boot 4 M1. Spring Boot 4 will be released in November 2005 and will update to Hibernate 7 and JPA 3.2. This PR updates to spring-boot-4.0.0-M1 and deals with breaking changes from the upstream dependencies.
  • If you need a stable release and/or Spring Boot 3.x compatible - please select the latest 3.x version of specification-arg-resolver
  • BREAKING CHANGE: Removed support for Calendar, Date in favour of java.time API (JPA 3.2)
  • BREAKING CHANGE: please be aware that new version of Hibernate may generate different queries than the previous version. In context of this library, this is noticable when generating joins. For the same set of annotations and the same request, SAR 3.x will generate INNER and SAR 4.x will generate LEFT join on implicit join table queries. This is strictly related to Hibernate internals, not SAR-specific behaviour
  • Developed by @​sourcloud 🚀
Changelog

Sourced from net.kaczmarzyk:specification-arg-resolver's changelog.

v4.1.0

  • Added character escaping support for LIKE-based specifications. It allows to treat special characters (such as % and _) as literals during database searches - developed by @​Nawrok 🚀

v4.0.0

  • Build integrated with Spring Boot 4 (and related Hibernate version). This version updates to spring-boot-dependencies-4.0.0 and deals with breaking changes from the upstream dependencies.
  • If you need a release compatible with Spring Boot 3.x - please select the latest 3.x version of specification-arg-resolver
  • BREAKING CHANGE: Removed support for Calendar, Date in favour of java.time API (JPA 3.2)
  • BREAKING CHANGE: please be aware that new version of Hibernate may generate different queries than the previous version. In context of this library, this is noticable when generating joins. For the same set of annotations and the same request, SAR 3.x will generate INNER and SAR 4.x will generate LEFT join on implicit join table queries. This is strictly related to Hibernate internals, not SAR-specific behaviour
  • Spring Boot 4 support developed mainly by @​sourcloud 🚀 with review and additional fixes from @​jradlica and @​tkaczmarzyk
  • added support for extended interfaces when generating OpenAPI docs. Developed by @​gibbz00 🚀
  • bumped dependency versions
  • added InIgnoreCase and NotInIgnoreCase - developed by @​cschierle 🚀
  • added case insensitivity support to boolean parameter values - developed by @​cschierle 🚀
Commits
  • 7d4bc6b [maven-release-plugin] prepare release v4.1.0
  • 3ac1b34 updated license headers
  • 08094ce Introduce character escaping support (#302)
  • dc3ef24 Bump org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.2.0 (#298)
  • 8782558 Bump io.github.classgraph:classgraph from 4.8.181 to 4.8.184 (#299)
  • 77bc7d0 refactor: clarify variable naming in tests (#300)
  • 9dc4227 Bump org.apache.maven.scm:maven-scm-api from 2.1.0 to 2.2.1 (#296)
  • a400ad2 Bump org.sonatype.central:central-publishing-maven-plugin (#295)
  • 7254c2f Bump org.apache.maven.scm:maven-scm-provider-gitexe from 2.1.0 to 2.2.1 (#288)
  • 72b3d3b updated readme
  • Additional commits viewable in compare view

Updates com.cosium.code:google-java-format from 5.6 to 6.0

Release notes

Sourced from com.cosium.code:google-java-format's releases.

6.0

Breaking changes

  • The minimum JDK version supported by google-java-format is now JDK 21. Therefore this is now the minimum JDK version required by this plugin.

What's Changed

New Contributors

Full Changelog: Cosium/git-code-format-maven-plugin@5.4...6.0

Commits

Updates com.cosium.code:git-code-format-maven-plugin from 5.6 to 6.0

Release notes

Sourced from com.cosium.code:git-code-format-maven-plugin's releases.

6.0

Breaking changes

  • The minimum JDK version supported by google-java-format is now JDK 21. Therefore this is now the minimum JDK version required by this plugin.

What's Changed

New Contributors

Full Changelog: Cosium/git-code-format-maven-plugin@5.4...6.0

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Apr 23, 2026
@dependabot dependabot Bot changed the title build(deps): bump the major-updates group in /essencium-backend with 5 updates build(deps): bump the major-updates group across 1 directory with 5 updates Apr 23, 2026
@dependabot dependabot Bot force-pushed the dependabot/maven/essencium-backend/major-updates-b95b07737e branch 4 times, most recently from 949b846 to 0e7863e Compare April 29, 2026 07:44
@dependabot dependabot Bot force-pushed the dependabot/maven/essencium-backend/major-updates-b95b07737e branch 3 times, most recently from f6a5e04 to ad0c48e Compare May 11, 2026 09:56
@dependabot dependabot Bot force-pushed the dependabot/maven/essencium-backend/major-updates-b95b07737e branch 3 times, most recently from 9d22365 to 26810f4 Compare May 22, 2026 07:42
@dependabot dependabot Bot force-pushed the dependabot/maven/essencium-backend/major-updates-b95b07737e branch from 26810f4 to 0266212 Compare May 25, 2026 11:08
@dependabot dependabot Bot force-pushed the dependabot/maven/essencium-backend/major-updates-b95b07737e branch 2 times, most recently from 5c0337c to 983105a Compare June 3, 2026 23:02
@dependabot
build(deps): bump the major-updates group across 1 directory with 5 u…
e745855 
…pdates

Bumps the major-updates group with 5 updates in the /essencium-backend directory:

| Package | From | To |
| --- | --- | --- |
| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.15` | `4.1.0` |
| [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) | `2.8.17` | `3.0.3` |
| [net.kaczmarzyk:specification-arg-resolver](https://github.com/tkaczmarzyk/specification-arg-resolver) | `3.4.0` | `4.1.0` |
| [com.cosium.code:google-java-format](https://github.com/Cosium/git-code-format-maven-plugin) | `5.6` | `6.0` |
| [com.cosium.code:git-code-format-maven-plugin](https://github.com/Cosium/git-code-format-maven-plugin) | `5.6` | `6.0` |



Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.15 to 4.1.0
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.15...v4.1.0)

Updates `org.springdoc:springdoc-openapi-starter-webmvc-ui` from 2.8.17 to 3.0.3
- [Release notes](https://github.com/springdoc/springdoc-openapi/releases)
- [Changelog](https://github.com/springdoc/springdoc-openapi/blob/v3.0.3/CHANGELOG.md)
- [Commits](springdoc/springdoc-openapi@v2.8.17...v3.0.3)

Updates `net.kaczmarzyk:specification-arg-resolver` from 3.4.0 to 4.1.0
- [Release notes](https://github.com/tkaczmarzyk/specification-arg-resolver/releases)
- [Changelog](https://github.com/tkaczmarzyk/specification-arg-resolver/blob/master/CHANGELOG.md)
- [Commits](tkaczmarzyk/specification-arg-resolver@v3.4.0...v4.1.0)

Updates `com.cosium.code:google-java-format` from 5.6 to 6.0
- [Release notes](https://github.com/Cosium/git-code-format-maven-plugin/releases)
- [Commits](Cosium/git-code-format-maven-plugin@5.6...6.0)

Updates `com.cosium.code:git-code-format-maven-plugin` from 5.6 to 6.0
- [Release notes](https://github.com/Cosium/git-code-format-maven-plugin/releases)
- [Commits](Cosium/git-code-format-maven-plugin@5.6...6.0)

---
updated-dependencies:
- dependency-name: com.cosium.code:git-code-format-maven-plugin
  dependency-version: '6.0'
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major-updates
- dependency-name: com.cosium.code:google-java-format
  dependency-version: '6.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major-updates
- dependency-name: net.kaczmarzyk:specification-arg-resolver
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major-updates
- dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui
  dependency-version: 3.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major-updates
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-version: 4.0.5
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/maven/essencium-backend/major-updates-b95b07737e branch from 983105a to e745855 Compare June 12, 2026 07:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants