Upgrade Spring Boot from 3.5.x to 4.0.3

[Copilot]

• Update spring-boot-starter-parent version from 3.5.11 to 4.0.3
• Update spring-boot.version property from 3.5.11 to 4.0.3
• Update spring.security.version from 6.5.8 to 7.0.3
• Update spring.cloud-version from 2025.0.0 to 2025.1.1
• Update com.azure.spring.version from 6.0.0 to 7.0.0
• Replace spring-cloud-gcp-dependencies BOM with libraries-bom 26.76.0
• Update io.netty.version from 4.1.123.Final to 4.2.10.Final
• Update spring-vault.version from 3.2.0 to 4.0.1
• Update springdoc.version from 2.8.15 to 3.0.1
• Fix SecretsErrorController.java: move ErrorController import to new org.springframework.boot.webmvc.error package
• Fix ChallengesCtfController.java: replace net.minidev.json with Jackson ObjectNode/ArrayNode
• Add spring-boot-starter-webmvc-test test dependency for AutoConfigureMockMvc
• Update AutoConfigureMockMvc import in all test files to new org.springframework.boot.webmvc.test.autoconfigure package
• Pin Groovy to 4.0.25 to fix thymeleaf-layout-dialect NPE with Spring Boot 4.0's managed Groovy 5.0.4
• Fix Spotless import ordering violations — spotless:apply to re-sort imports after package rename

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Can you update the spring boot version to 4.0?</issue_title>
<issue_description>We need to upgrade our spring boot version to 4.0, for this you need to update all dependencies that are relevant for spring boot</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Update to spring boot 4.0 #2407

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2408

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-1744c3f

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2408)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-1744c3f
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-1744c3f

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecretsErrorController.java
- src/main/java/org/owasp/wrongsecrets/challenges/ChallengesCtfController.java

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2408}

[commjoen]

@copilot can you fix the failing actions in this pr please?

[Copilot]

@copilot can you fix the failing actions in this pr please?

The failing java_swagger_doc workflow was caused by a Spotless import-ordering violation — when AutoConfigureMockMvc was moved to the org.springframework.boot.webmvc.test.autoconfigure package, the imports in the affected test files ended up out of alphabetical order. Fixed in commit 0a9a3ec by running mvn spotless:apply to re-sort all affected imports.

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2408

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-bcc1e6e

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2408)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-bcc1e6e
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-bcc1e6e

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecretsErrorController.java
- src/main/java/org/owasp/wrongsecrets/challenges/ChallengesCtfController.java

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2408}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2408

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-d16f9d2

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2408)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-d16f9d2
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-d16f9d2

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecretsErrorController.java
- src/main/java/org/owasp/wrongsecrets/challenges/ChallengesCtfController.java

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2408}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2408

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-d212994

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2408)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-d212994
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-d212994

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecretsErrorController.java
- src/main/java/org/owasp/wrongsecrets/challenges/ChallengesCtfController.java

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2408}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2408

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-216b9d1

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2408)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-216b9d1
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-216b9d1

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecretsErrorController.java
- src/main/java/org/owasp/wrongsecrets/challenges/ChallengesCtfController.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge59.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/SlackNotificationService.java
- src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/MetaDataChallenge.java
- src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/VaultSubKeyChallenge.java
- src/main/resources/explanations/challenge56_reason.adoc

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2408}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2408

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-06e3abe

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2408)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-06e3abe
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-06e3abe

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecretsErrorController.java
- src/main/java/org/owasp/wrongsecrets/challenges/ChallengesCtfController.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge49.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge52.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge59.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/SlackNotificationService.java
- src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/MetaDataChallenge.java
- src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/VaultSubKeyChallenge.java
- src/main/resources/explanations/challenge56_reason.adoc

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2408

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2408}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-f1aef53

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2408)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-f1aef53
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2408-f1aef53

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/SecretsErrorController.java
- src/main/java/org/owasp/wrongsecrets/challenges/ChallengesCtfController.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge49.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge52.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge59.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/SlackNotificationService.java
- src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/MetaDataChallenge.java
- src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/VaultSubKeyChallenge.java
- src/main/resources/explanations/challenge56_reason.adoc

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2408}