Skip to content

chore(deps): bump the all-maven group across 1 directory with 3 updates#60

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/backend-spring/all-maven-055ac8efe0
Open

chore(deps): bump the all-maven group across 1 directory with 3 updates#60
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/backend-spring/all-maven-055ac8efe0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 30, 2026

Bumps the all-maven group with 3 updates in the /backend-spring directory: org.springframework.boot:spring-boot-starter-parent, org.testcontainers:testcontainers-bom and cn.hutool:hutool-all.

Updates org.springframework.boot:spring-boot-starter-parent from 3.2.5 to 4.0.6

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v4.0.6

🐞 Bug Fixes

  • Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not #50188
  • Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client #50187
  • ApplicationPidFileWriter does not handle symlinks correctly #50185
  • RandomValuePropertySource is not suitable for secrets #50183
  • Cassandra auto-configuration misconfigures CqlSessionBuilder #50180
  • ApplicationTemp does not handle symlinks correctly #50178
  • Remote DevTools performs comparison incorrectly #50176
  • spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50174
  • Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50077
  • Classic starters are missing several modules #50071
  • Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic #50069
  • Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50064
  • EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50039
  • WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50017
  • Imports on a containing test class are ignored when a nested class has imports #50012
  • With spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled #49951
  • 500 response from env endpoint when supplied pattern is invalid #49946
  • Reactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver #49945
  • HTTP method is lost when configuring excludes in EndpointRequest #49943
  • Honor HttpMethod for reactive additional endpoint paths #49880
  • Docker Compose support doesn't work with apache/artemis image #49869
  • Docker Compose support doesn't work with apache/activemq image #49866
  • Spring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test #49854
  • API versioning path strategy should be applied path last as it is not meant to yield #49800

📔 Documentation

  • Update docs to encourage Java fundamentals for beginners that prefer to learn that way #50146
  • HTTP Service Interface Clients still document that API versioning can be configured via properties #50126
  • Link to the observability section of the Lettuce documentation is broken #50097
  • Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50085
  • MySamlRelyingPartyConfiguration is missing a Kotlin sample #50024
  • Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50019
  • Link to the Kubernetes documentation when discussing startup probes #50015
  • Typo in JdbcSessionAutoConfiguration Javadoc #49873
  • Clarify that configuration property default values are not available through the Environment #49851
  • Document the need for Liquibase and Flyway starters #49839
  • Kafka documentation refers to deprecated JSON serializer and deserializer classes #49826

🔨 Dependency Upgrades

... (truncated)

Commits
  • 8821ad2 Release v4.0.6
  • 9e4048a Merge branch '3.5.x' into 4.0.x
  • 20bb11c Next development version (v3.5.15-SNAPSHOT)
  • 98daa8e Merge branch '3.5.x' into 4.0.x
  • 9dc5aa2 Polish
  • 874f629 Fix default security with actuator but without health
  • e41b3bf Enable hostname verification for SSL connections to Elasticsearch
  • ef8527b Merge branch '3.5.x' into 4.0.x
  • f533a45 Do not follow symlinks when writing PID file
  • 4a7bd33 Merge branch '3.5.x' into 4.0.x
  • Additional commits viewable in compare view

Updates org.testcontainers:testcontainers-bom from 1.21.4 to 2.0.5

Release notes

Sourced from org.testcontainers:testcontainers-bom's releases.

2.0.5

What's Changed

🚀 Features & Enhancements

🐛 Bug Fixes

📖 Documentation

🧹 Housekeeping

📦 Dependency updates

2.0.4

... (truncated)

Commits
  • 5c44820 Fix typo (#11717)
  • 84b1c3a Add getHttpPort and getGrpcPort methods in WeaviateContainer (#11712)
  • a412b8e Use weaviate client v6 (#11711)
  • 058fa82 Combined dependencies PR (#11710)
  • 773f344 Merge remote-tracking branch 'origin/dependabot/gradle/modules/hivemq/ch.qos....
  • ebe6043 Merge remote-tracking branch 'origin/dependabot/gradle/modules/activemq/org.a...
  • 5248d1d Merge remote-tracking branch 'origin/dependabot/gradle/modules/scylladb/softw...
  • ab781f6 Combined dependencies PR (#11708)
  • 2d6c1be Merge remote-tracking branch 'origin/dependabot/gradle/core/org.jetbrains-ann...
  • e76c291 Merge remote-tracking branch 'origin/dependabot/gradle/core/org.junit.platfor...
  • Additional commits viewable in compare view

Updates cn.hutool:hutool-all from 5.8.44 to 5.8.46

Release notes

Sourced from cn.hutool:hutool-all's releases.

v5.8.46

5.8.46(2026-05-25) 🐣新特性 【core 】 AnnotationUtil新增两级缓存架构,提升高频注解解析性能(pr#1434@Gitee) 【core 】 RegexPool.PLATE_NUMBER新增粤AP号段支持(issue#IJNDJR@Gitee) 🐞Bug修复 【db 】 修复Page和PageResult首页调用问题(issue#IH7A18@Gitee) 【ai 】 修复AI SPI classloader找不到实现问题(issue#4241@Github) 【extra 】 修复ExpressionEngine中SpELEngine、MVEL白名单无效问题(issue#4249@Github) 【core 】 修复JNDIUtil远程加载漏洞(issue#4249@Github) 【core 】 修复ValidateObjectInputStream白名单规则问题(issue#4249@Github) 【core 】 修复VersionUtil比对null时结果异常问题(issue#IJNFQZ@Gitee) 【core 】 修复BeanConverter和MapConverter源Bean判断问题(pr#4252@Github)

Changelog

Sourced from cn.hutool:hutool-all's changelog.

5.8.46(2026-05-25)

🐣新特性

  • 【core 】 AnnotationUtil新增两级缓存架构,提升高频注解解析性能(pr#1434@Gitee)
  • 【core 】 RegexPool.PLATE_NUMBER新增粤AP号段支持(issue#IJNDJR@Gitee)

🐞Bug修复

  • 【db 】 修复PagePageResult首页调用问题(issue#IH7A18@Gitee)
  • 【ai 】 修复AI SPI classloader找不到实现问题(issue#4241@Github)
  • 【extra 】 修复ExpressionEngine中SpELEngine、MVEL白名单无效问题(issue#4249@Github)
  • 【core 】 修复JNDIUtil远程加载漏洞(issue#4249@Github)
  • 【core 】 修复ValidateObjectInputStream白名单规则问题(issue#4249@Github)
  • 【core 】 修复VersionUtil比对null时结果异常问题(issue#IJNFQZ@Gitee)
  • 【core 】 修复BeanConverterMapConverter源Bean判断问题(pr#4252@Github)

5.8.45(2026-05-19)

🐣新特性

  • 此版本发布出现问题,跳过!

🐞Bug修复

Commits
  • a0bd223 Prepare release
  • 80ef0ba release 5.8.46
  • 8456177 prepare 5.8.46
  • 3c8c0a3 🚀 release5.8.45
  • 510ff83 $'\U1F680'release5.8.45
  • 079a813 修复BeanConverterMapConverter源Bean判断问题(pr#4252@Github)
  • 62f240a Merge pull request #4252 from Faerytale/v5-dev
  • 64fc614 fix: BeanConverter和MapConverter对源Bean使用isReadableBean替代isBean
  • eaecb10 修复VersionUtil比对null时结果异常问题(issue#IJNFQZ@Gitee)
  • 6d8dd97 RegexPool.PLATE_NUMBER新增粤AP号段支持(issue#IJNDJR@Gitee)
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the all-maven group across 1 directory with 3 updates
f5831dc 
Bumps the all-maven group with 3 updates in the /backend-spring directory: [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot), [org.testcontainers:testcontainers-bom](https://github.com/testcontainers/testcontainers-java) and [cn.hutool:hutool-all](https://github.com/looly/hutool).


Updates `org.springframework.boot:spring-boot-starter-parent` from 3.2.5 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.2.5...v4.0.6)

Updates `org.testcontainers:testcontainers-bom` from 1.21.4 to 2.0.5
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](testcontainers/testcontainers-java@1.21.4...2.0.5)

Updates `cn.hutool:hutool-all` from 5.8.44 to 5.8.46
- [Release notes](https://github.com/looly/hutool/releases)
- [Changelog](https://github.com/chinabugotech/hutool/blob/v5-master/CHANGELOG.md)
- [Commits](chinabugotech/hutool@v5.8.44...v5.8.46)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-maven
- dependency-name: org.testcontainers:testcontainers-bom
  dependency-version: 2.0.5
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-maven
- dependency-name: cn.hutool:hutool-all
  dependency-version: 5.8.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-maven
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 30, 2026

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants