Skip to content

Bump the prod-deps group with 2 updates#298

Merged
skunkworks-rabot merged 1 commit into
release/1.10.xfrom
dependabot/maven/release/1.10.x/prod-deps-56300b33c2
Jun 15, 2026
Merged

Bump the prod-deps group with 2 updates#298
skunkworks-rabot merged 1 commit into
release/1.10.xfrom
dependabot/maven/release/1.10.x/prod-deps-56300b33c2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the prod-deps group with 2 updates: org.springframework.boot:spring-boot-dependencies and org.javers:javers-core.

Updates org.springframework.boot:spring-boot-dependencies from 4.0.6 to 4.0.7

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v4.0.7

🐞 Bug Fixes

  • MailSender auto-configuration does not enable hostname verification #50746
  • Artemis auto-configuration uses a predictable default location for the embedded broker's data #50744
  • NullPointerException in reactor-netty SniProvider and unmapped SSL bundle with RSocket #50640
  • SSL should not be enabled when a SSL bundle is overridden to an empty string #50634
  • Docker Compose support does not restore thread interrupt flag when catching InterruptedException #50617
  • RabbitProperties enables SSL even when spring.rabbitmq.ssl.bundle is overridden to an empty string #50611
  • NullPointerException in reactor-netty SniProvider when SSL bundle uses client-auth or server truststore without server-name-bundles #50609
  • Test auto-configuration no longer integrates Spring Security with HtmlUnitDriver #50602
  • Layer written outside the output location of '//' exception is thrown when using extract layers in root directory #50509
  • ConfigurationPropertiesReportEndpoint exposes AOP proxy internals #50416
  • Created StackTracePrinter instances have no access to the Environment #50413
  • MappingsEndpoint reports the context's own ID as parentId when a parent exists #50411
  • Buildpack module does not validate long-to-int casts #50409
  • GraphQL WebSocket support does not configure allowed origins #50393
  • Configuration property metadata includes incorrect class references #50375
  • Spring Boot Loader Does Not Support RSA and EC Signed Jars #50297
  • Meter registries are not removed from the global registry when the context is closed #50286
  • Nullable annotations from AbstractErrorController.getErrorAttributes are not aligned with implementation #50265
  • EndpointRequest links matcher unnecessarily matches HTTP methods other than GET #50260
  • Actuator's '/cloudfoundryapplication' endpoint does not work if restrictive CORS configuration is provided using a bean named corsConfigurationSource #50257
  • ThreadPoolTaskScheduleBuilder unnecessarily loses precision when configuring await termination time #50233
  • NimbusJwtDecoder silently accepts unknown values for spring.security.oauth2.resourceserver.jwt.jws-algorithms #50227
  • Apply HTML escaping to timestamp attribute in Whitelabel error page #50215
  • Setting server.servlet.session.cookie.partitioned=true has no effect when using Tomcat #50201

📔 Documentation

  • Fix reference to Gradle documentation for module replacement #50646
  • Document SSL reloading with Let's Encrypt #50629
  • Remove the use of Optional from Data Neo4j repository examples #50621
  • Fix typos in documentation #50619
  • Clarify dependency requirement for Bean Validation support #50613
  • Document Java 25 requirement for AOT cache #50484
  • Add links for Java CAS Client Spring Boot Starter #50281
  • Document known testcontainers lifecycle issues #50219
  • Document adding multiple connectors for Jetty #50217
  • Polish InvalidConfigurationPropertyValueException constructor javadoc #50213
  • Fix typo in Spring Security OAuth2 client registration documentation #50198

🔨 Dependency Upgrades

... (truncated)

Commits
  • 6f7341c Release v4.0.7
  • 9755ff2 Upgrade to Spring Batch 6.0.4
  • d549d07 Upgrade to Spring Integration 7.0.5
  • 4d9e463 Merge branch '3.5.x' into 4.0.x
  • b068647 Upgrade to Spring Integration 6.5.9
  • bb247bb Merge branch '3.5.x' into 4.0.x
  • 339ce3d Merge branch '3.5.x' into 4.0.x
  • 327bef3 Enable hostname verification by default in Mail auto-config
  • 4218bd7 Fix predictable temp directory in Artemis embedded configuration
  • 3da6e9a Upgrade to Spring GraphQL 2.0.4
  • Additional commits viewable in compare view

Updates org.javers:javers-core from 7.11.1 to 7.11.4

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the prod-deps group with 2 updates
bdda08c 
Bumps the prod-deps group with 2 updates: [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) and [org.javers:javers-core](https://github.com/javers/javers).


Updates `org.springframework.boot:spring-boot-dependencies` from 4.0.6 to 4.0.7
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.6...v4.0.7)

Updates `org.javers:javers-core` from 7.11.1 to 7.11.4
- [Release notes](https://github.com/javers/javers/releases)
- [Commits](javers/javers@v7.11.1...v7.11.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 4.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: org.javers:javers-core
  dependency-version: 7.11.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested review from a team and skunkworks-rabot as code owners June 15, 2026 14:57
@sonarqubecloud

sonarqubecloud Bot commented Jun 15, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@skunkworks-rabot skunkworks-rabot merged commit 5917d6e into release/1.10.x Jun 15, 2026
3 of 8 checks passed
@skunkworks-rabot skunkworks-rabot deleted the dependabot/maven/release/1.10.x/prod-deps-56300b33c2 branch June 15, 2026 14:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@skunkworks-rabot skunkworks-rabot skunkworks-rabot approved these changes

Assignees

No one assigned

Labels

dependency-update

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@skunkworks-rabot