@renovate renovate bot commented Nov 24, 2025

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

| Package | Change |
|---|---|
| io.github.oshai:kotlin-logging-jvm | 7.0.13 → 7.0.14 |
| io.arrow-kt:arrow-core (source) | 2.2.0 → 2.2.1.1 |
| org.apache.maven.plugins:maven-compiler-plugin (source) | 3.14.1 → 3.15.0 |
| org.codehaus.mojo:properties-maven-plugin (source) | 1.2.1 → 1.3.0 |
| org.springframework.boot:spring-boot-starter-parent (source) | 3.5.7 → 4.0.2 |

Release Notes

oshai/kotlin-logging (io.github.oshai:kotlin-logging-jvm)

v7.0.14

What's Changed

New Contributors

Full Changelog: oshai/kotlin-logging@7.0.13...7.0.14

arrow-kt/arrow (io.arrow-kt:arrow-core)

v2.2.1.1

This release was triggered just because 2.2.1 failed to publish. Please refer to the 2.2.1 release for more information.

v2.2.1

For the full release notes, see the Arrow blog.

What's Changed

New Contributors

Full Changelog: arrow-kt/arrow@2.2.0...2.2.1

spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-parent)

v4.0.2

⚠️ Noteworthy Changes

  • The dependency on org.eclipse.jetty.ee11:jetty-ee11-servlets has been removed from spring-boot-jetty as it was unnecessary and unused. If your application code depends on a class from jetty-ee11-servlets, declare a dependency on it in your build configuration. #​48677

🐞 Bug Fixes

  • No TransactionAutoConfiguration with spring-boot-starter-kafka for Spring Boot 4 #​48880
  • Evaluation of bean conditions unnecessarily queries the bean factory for types that are not present #​48840
  • When a bean condition references a type that is not present, it appears as ? in the condition evaluation report #​48838
  • SessionAutoConfiguration creates a DefaultCookieSerializer with a default SameSite of null instead of Lax #​48830
  • Setting graphql schema location to "classpath*:graphql/**/" causes failure due to incorrectly packaged test resource #​48829
  • Message interpolation by MVC and WebFlux's Validators does not work correctly in a native image #​48828
  • CloudFoundry integration fails in Servlet-based web app without a dependency on spring-boot-starter-restclient #​48826
  • RestTestClientAutoConfiguration and TestRestTemplateAutoConfiguration should be package-private #​48820
  • SSL metrics are no longer auto-configured #​48819
  • Actuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) #​48812
  • DataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image #​48703
  • The spring-boot-cloudfoundry module should only have an optional dependency on spring-boot-security #​48685
  • Application JAR created by extract command is not reproductible #​48678
  • AOT processing of tests should not be disabled when 'skipTests' is set #​48662
  • @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) is no longer applied to the management server #​48653
  • Fix zero-length byte buffer in InspectedContent #​48650
  • Can no longer override JacksonJsonHttpMessageConverter with ServerHttpMessageConvertersCustomizer #​48635
  • HttpServiceClientProperties incorrectly uses the @ConfigurationProperties annotation on a LinkedHashMap class #​48616
  • spring-boot-micrometer-tracing-opentelemetry fails if spring-boot-opentelemetry isn't there #​48585
  • App fails to start with starter-webmvc and starter-zipkin #​48581
  • Micrometer test modules should have an api dependency on micrometer-observation-test #​48386

📔 Documentation

  • Fix typo in REST client documentation #​48907
  • Remove duplicate word #​48874
  • Document support for configuring arguments passed to Docker Compose #​48806
  • The documentation related to EnvironmentPostProcessor links to deprecated interface #​48803
  • Update documentation for Buildpack's AOT Cache support #​48769
  • Correct docs to use new location for error handling configuration properties #​48767
  • Document spring-boot-starter-cloudfoundry on Cloud Foundry Support Page #​48675
  • Clarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file #​48659
  • Example using excludeDevtools property should document that optional dependencies should be enabled #​48641
  • Fix grammar and typos in the reference guide #​48601
  • Update Tracing section for Spring Boot 4's modularity #​48576

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​GaoSSR, @​ShaunHaldane, @​Zuohuang-Cai, @​izeye, @​mspiess, @​ngocnhan-tran1996, and @​philipbolting

v4.0.1

⚠️ Noteworthy Changes

  • Hibernate has been upgraded to 7.2.0.Final in response to Hibernate 7.1 moving to limited support
  • spring-boot-starter-kotlin-serialization has been renamed to spring-boot-starter-kotlinx-serialization-json and spring-boot-starter-kotlin-serialization-test has been renamed to spring-boot-starter-kotlinx-serialization-json-test. This change aligns the starters' names with those of their respective modules
  • Using TestRestTemplate now requires a dependency on spring-boot-restclient

🐞 Bug Fixes

  • JsonMixinModuleEntriesBeanRegistrationAotProcessor does not handle deprecated code #​48564
  • JdbcSessionAutoConfiguration may not match when using the auto-configured DataSource #​48552
  • @ServiceConnection for LgtmStackContainer fails when logging endpoint is configured due to multiple OtlpLoggingConnectionDetails beans #​48536
  • WebApplicationType does not consider modules when deduced from classpath #​48517
  • Spring Session auto-configuration fails in a war deployment as ServerProperties is not available #​48493
  • Opentelemetry logging export requires actuator module #​48488
  • RabbitHealthIndicator reports an error when version is missing from the connection's server properties #​48487
  • Actuator Info class has inconsistent nullability annotations and cannot be built with null value #​48480
  • Profiles retained during AOT processing are not configured in a native image #​48476
  • Security matchers and WebServerNamespace resolution can fail with NoClassDefFoundError when used in a traditional WAR deployment #​48388
  • HealthEndpointGroupMembershipValidator does not consider reactive health indicators causing NoSuchHealthContributorException to be thrown #​48387
  • spring.jackson.default-property-inclusion is not applied to content inclusion #​48343
  • TestRestTemplate.getRootUri() returns empty string #​48330
  • Redis health check reports an error when redis_version is missing from the INFO response #​48328
  • Parent's MeterRegistry beans are closed when child context closes #​48325
  • HttpMessageConverters picks up converter beans for both client and server #​48310
  • Conditions to auto-configure a RestClient are outdated with the modularization #​48308
  • A custom JwtTypeValidator that replaces the default can no longer be configured #​48301
  • PropertiesRestClientHttpServiceGroupConfigurer has highest precedence, preventing other configurers from being ordered ahead of it #​48296
  • SpringBootTest.UseMainMethod.WHEN_AVAILABLE and ALWAYS are incompatible with package-private or parameter-less main method #​48275
  • Conditions to auto-configure RestClient-based HTTP service clients are outdated with the modularization #​48274
  • Starter for Kotlinx Serialization Json is misnamed #​48262
  • ApplicationServletEnvironment is no longer configured in war deployments #​48254
  • RestClient.Builder bean present in @SpringBootTest due to spring-boot-starter-webmvc-test, but missing at runtime without restclient starter #​48253
  • ProblemDetail is rendered to XML incorrectly #​48222

📔 Documentation

  • Harmonize Kotlin example for HTTP Service client support #​48577
  • Document HttpMessageConverters detection changes in 4.0.1 #​48574
  • Improve javadoc for when to use class names rather than class references #​48569
  • Documentation has an outdated reference to the Jackson Kotlin Module #​48534
  • Caching documentation should clarify how to use a no-op implementation to run a test suite #​48532
  • Document that the default rolling policy for Log4j2 requires logging.file.path to be set #​48527
  • Review documentation and migration guide about changes in @AutoConfigureCache #​48522
  • License header in build samples is displayed in the reference documentation #​48478
  • Configuring Two DataSources How-To code sample is inconsistent #​48449
  • Fix links to source files on GitHub #​48398
  • Documentation contains broken links to GitHub source files #​48394
  • Document that org.aspectj.weaver.Advice must be on the classpath to enable support for Micrometer's annotations #​48360
  • Correct the annotation in the Kotlin @ConfigurationPropertiesSource example #​48357
  • Polish TestRestTemplate examples in the reference guide #​48336
  • Documentation missing for LocalTestWebServer #​48333
  • Update "Creating Your Own Starter" following modularisation #​48317
  • Fix links to javadoc in the reference documentation #​48300
  • Update references for RestTemplateCustomizer and RestTemplateBuilder classes in documentation #​48295
  • Remove modules section of the README following modularisation #​48291
  • Wrong number in Graceful Shutdown chapter #​48284
  • Mention new spring-boot-h2console module when describing how to use H2 Console #​48278
  • Clarify that @EnableBatchProcessing turns off all batch auto-configuration, including schema initialization #​48266
  • Documented replacements for spring.jackson.generator and spring.jackson.parser are inverted #​48255
  • Document the need for a JdbcDialect bean when using Spring Data JDBC and AOT #​48240
  • Update reference documentation as Spring Batch's resourceless infrastructure means that it no longer always requires a DataSource #​48233
  • Kotlin auto-configuration examples are not annotated with @AutoConfiguration #​48228
  • Revise "Use Liquibase for test-only migrations" section in reference manual #​48219
  • Infinispan Cache Documentation is outdated #​48218
  • Removed max-attempts properties metadata don't have replacement #​48206
  • Polish documentation on testing web applications and the various testing clients that are available #​47948

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Nhahan, @​arey, @​banseok1216, @​berry120, @​candrews, @​dmitrysulman, @​geopark021, @​hktechn0, @​igslznev, @​jwalter, @​kzander91, @​michaldo, @​mzeijen, @​ngocnhan-tran1996, @​noojung, @​scottfrederick, @​vpavic, and @​youngledo

v4.0.0

Full release notes for Spring Boot 4.0 are available on the wiki. There is also a migration guide to help you upgrade from Spring Boot 3.5.

⭐ New Features

  • Change tomcat and jetty runtime modules to starters #​48175
  • Rename spring-boot-kotlin-serialization to align with the name of the Kotlinx module that it pulls in #​48076

🐞 Bug Fixes

  • Error properties are a general web concern and should not be located beneath server.* #​48201
  • With both Jackson 2 and 3 on the classpath, @JsonTest fails due to duplicate jacksonTesterFactoryBean #​48198
  • Gradle war task does not exclude starter POMs from lib-provided #​48197
  • spring.test.webclient.mockrestserviceserver.enabled is not aligned with its module's name #​48193
  • SslMeterBinder doesn't register metrics for dynamically added bundles if no bundles exist at bind time #​48182
  • Properties bound in the child management context ignore the parent's environment prefix #​48177
  • ssl.chain.expiry metrics doesn't update for dynamically registered SSL bundles #​48171
  • Starter for spring-boot-micrometer-metrics is missing #​48161
  • Elasticsearch client's sniffer functionality should not be enabled by default #​48155
  • spring-boot-starter-elasticsearch should depend on elasticsearch-java #​48141
  • Auto-configuration exclusions are checked using a different class loader to the one that loads auto-configuration classes #​48132
  • New arm64 macbooks fail to bootBuildImage due to incorrect platform image #​48128
  • Properties for configuring an isolated JsonMapper or ObjectMapper are incorrectly named #​48116
  • Buildpack fails with recent Docker installs due to hardcoded version in URL #​48103
  • Image building may fail when specifying a platform if an image has already been built with a different platform #​48099
  • Default values of Kotlinx Serialization JSON configuration properties are not documented #​48097
  • Custom XML converters should override defaults in HttpMessageConverters #​48096
  • Kotlin serialization is used too aggressively when other JSON libraries are available #​48070
  • PortInUseException incorrectly thrown on failure to bind port due to Netty IP misconfiguration #​48059
  • Auto-configured JCacheMetrics cannot be customized #​48057
  • WebSecurityCustomizer beans are excluded by WebMvcTest #​48055
  • Deprecated EnvironmentPostProcessor does not resolve arguments #​48047
  • RetryPolicySettings should refer to maxRetries, not maxAttempts #​48023
  • Devtools Restarter does not work with a parameterless main method #​47996
  • Dependency management for Kafka should not manage Scala 2.12 libraries #​47991
  • spring-boot-mail should depend on jakarta.mail:jakarta.mail-api and org.eclipse.angus:angus-mail instead of org.eclipse.angus:jakarta.mail #​47983
  • spring-boot-starter-data-mongodb-reactive has dependency on reactor-test #​47982
  • Support for ReactiveElasticsearchClient is in the wrong module #​47848

📔 Documentation

  • Removed property spring.test.webclient.register-rest-template is still documented #​48199
  • Mention support for detecting AWS ECS in "Deploying to the Cloud" #​48170
  • Revise AWS section of "Deploying to the Cloud" in reference manual #​48163
  • Fix typo in PortInUseException Javadoc #​48134
  • Correct section about required setters in "Type-safe Configuration Properties" #​48131
  • Use since attribute in configuration properties deprecation consistently #​48122
  • Document EndpointJsonMapper and management.endpoints.jackson.isolated-json-mapper #​48115
  • Document support for configuring servlet context init parameters using properties #​48112
  • Some configuration properties are not documented in the appendix #​48095
  • Clarify how warnings about soon-to-expire SSL certificates are reported #​48063
  • Document how to use ContextPropagatingTaskDecorator for propagating trace context over thread boundaries #​48053
  • Document the level of support for the OpenTelemetry APIs #​47960
  • Document that you need to build with Java 25 for buildpack build-image Graal support #​45501

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​K-jun98, @​TerryTaoYY, @​filiphr, @​hojooo, @​linw-bai, @​nosan, @​scottfrederick, @​stevearmstrong-dev, @​stewue, and @​vpavic

v3.5.10

🐞 Bug Fixes

  • Evaluation of bean conditions unnecessarily queries the bean factory for types that are not present #​48836
  • When a bean condition references a type that is not present, it appears as ? in the condition evaluation report #​48835
  • Actuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) #​48810
  • DataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image #​48702
  • Application JAR created by extract command is not reproductible #​48664
  • AOT processing of tests should not be disabled when 'skipTests' is set #​48661
  • Fix zero-length byte buffer in InspectedContent #​48649

📔 Documentation

  • Update documentation for Buildpack's AOT Cache support #​48768
  • Document support for configuring arguments passed to Docker Compose #​48657
  • Clarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file #​48634
  • Fix grammar and typos in the reference guide #​48596

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​GaoSSR, @​izeye, and @​ngocnhan-tran1996

v3.5.9

🐞 Bug Fixes

  • RabbitHealthIndicator reports an error when version is missing from the connection's server properties #​48486
  • Profiles retained during AOT processing are not configured in a native image #​48475
  • NullPointerException in UndertowWebServer.destroy() when using @DirtiesContext and Citrus Spring Boot Simulator #​48450
  • Redis health check reports an error when redis_version is missing from the INFO response #​48326
  • Parent's MeterRegistry beans are closed when child context closes #​48324
  • SpringBootTest.UseMainMethod.WHEN_AVAILABLE and ALWAYS are incompatible with package-private or parameter-less main method #​48271

📔 Documentation

  • Documentation has an outdated reference to the Jackson Kotlin Module #​48533
  • Caching documentation should clarify how to use a no-op implementation to run a test suite #​48531
  • Document that the default rolling policy for Log4j2 requires logging.file.path to be set #​48526
  • License header in build samples is displayed in the reference documentation #​48477
  • Configuring Two DataSources How-To code sample is inconsistent #​48448
  • Improve javadoc for when to use class names rather than class references #​48395
  • Document that org.aspectj.weaver.Advice must be on the classpath to enable support for Micrometer's annotations #​48359
  • Polish TestRestTemplate examples in the reference guide #​48335
  • Fix links to javadoc in the reference documentation #​48299
  • Clarify that @EnableBatchProcessing turns off all batch auto-configuration, including schema initialization #​48265
  • Kotlin auto-configuration examples are not annotated with @AutoConfiguration #​48227
  • Infinispan Cache Documentation is outdated #​48217
  • Revise "Use Liquibase for test-only migrations" section in reference manual #​48169

🔨 Dependency Upgrades

  • Prevent upgrade to Netty 4.1.129.Final #​48508
  • Upgrade to AspectJ 1.9.25.1 #​48557
  • Upgrade to Hibernate 6.6.39.Final [#​48540](https:/

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.



@renovate renovate bot requested a review from a team November 24, 2025 00:45
@renovate renovate bot changed the title Update all dependencies Update dependency org.springframework.boot:spring-boot-starter-parent to v4 Dec 10, 2025
@renovate renovate bot changed the title Update dependency org.springframework.boot:spring-boot-starter-parent to v4 Update all dependencies Dec 17, 2025
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 924cc6e to 781e703 Compare December 22, 2025 12:25
github-actions bot commented Dec 22, 2025

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

| Package | Version | Score | Details |
|---|---|---|---|
| maven/io.arrow-kt:arrow-core | 2.2.1.1 | 🟢 4.5 | listed below |
| maven/io.github.oshai:kotlin-logging-jvm | 7.0.14 | Unknown | Unknown |
| maven/org.apache.maven.plugins:maven-compiler-plugin | 3.15.0 | 🟢 5.7 | listed below |
| maven/org.codehaus.mojo:properties-maven-plugin | 1.3.0 | 🟢 3.1 | listed below |

Details: maven/io.arrow-kt:arrow-core 2.2.1.1

| Check | Score | Reason |
|---|---|---|
| Code-Review | 🟢 6 | Found 10/15 approved changesets -- score normalized to 6 |
| Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected |
| Maintained | 🟢 10 | 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 |
| Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions |
| CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected |
| Binary-Artifacts | 🟢 7 | binaries present in source code |
| Security-Policy | ⚠️ 0 | security policy file not detected |
| Fuzzing | ⚠️ 0 | project is not fuzzed |
| License | 🟢 9 | license file detected |
| Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 |
| Branch-Protection | ⚠️ -1 | internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md |
| Signed-Releases | ⚠️ -1 | no releases found |
| Packaging | 🟢 10 | packaging workflow detected |
| Vulnerabilities | ⚠️ 0 | 15 existing vulnerabilities detected |
| SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 |

Details: maven/org.apache.maven.plugins:maven-compiler-plugin 3.15.0

| Check | Score | Reason |
|---|---|---|
| Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected |
| Maintained | 🟢 10 | 17 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 |
| Code-Review | 🟢 7 | Found 12/17 approved changesets -- score normalized to 7 |
| CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected |
| Packaging | ⚠️ -1 | packaging workflow not detected |
| Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions |
| License | 🟢 10 | license file detected |
| Signed-Releases | ⚠️ -1 | no releases found |
| Branch-Protection | ⚠️ -1 | internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md |
| Fuzzing | ⚠️ 0 | project is not fuzzed |
| Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 |
| Binary-Artifacts | 🟢 10 | no binaries found in the repo |
| Security-Policy | 🟢 10 | security policy file detected |
| Vulnerabilities | 🟢 5 | 5 existing vulnerabilities detected |
| SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 |

Details: maven/org.codehaus.mojo:properties-maven-plugin 1.3.0

| Check | Score | Reason |
|---|---|---|
| Code-Review | ⚠️ 2 | Found 3/11 approved changesets -- score normalized to 2 |
| Packaging | ⚠️ -1 | packaging workflow not detected |
| Maintained | ⚠️ 2 | 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 |
| Binary-Artifacts | 🟢 9 | binaries present in source code |
| Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected |
| Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions |
| CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected |
| Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 |
| Fuzzing | ⚠️ 0 | project is not fuzzed |
| License | 🟢 10 | license file detected |
| Signed-Releases | ⚠️ -1 | no releases found |
| Security-Policy | ⚠️ 0 | security policy file not detected |
| Branch-Protection | ⚠️ 0 | branch protection not enabled on development/release branches |
| SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 |
| Vulnerabilities | 🟢 3 | 7 existing vulnerabilities detected |

Scanned Files

  • pom.xml

@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from b369b30 to ac47f67 Compare January 1, 2026 14:36
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from c68b058 to da1e065 Compare January 24, 2026 00:32
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 13288ce to e2683ae Compare January 29, 2026 14:06