Bump the dependencies group with 4 updates #125

dependabot · 2025-10-27T19:38:52Z

Bumps the dependencies group with 4 updates: org.springframework.boot:spring-boot-starter-web, org.springframework.boot:spring-boot-starter-cache, org.openapitools:jackson-databind-nullable and org.springframework.boot:spring-boot-maven-plugin.

Updates org.springframework.boot:spring-boot-starter-web from 3.5.6 to 3.5.7

Release notes

Sourced from org.springframework.boot:spring-boot-starter-web's releases.

v3.5.7

⭐ New Features

Add TWENTY_FIVE to JavaVersion enum #47609

🐞 Bug Fixes

Signed jar verification fails when nested in an uber war running on an Oracle JVM #47771

In an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location #47737

Homebrew formula for the CLI should use libexec #47722

When virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration #47717

ClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads #47678

OnBeanCondition no longer correctly finds annotations on scoped target proxy beans #47635

JavaVersion doesn't work reliably in native-image #47620

LiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema #47346

Launcher fails to find main method when it is parameterless #47311

Package private Main class using Java 25 is not found by build plugins #47309

Bitnami legacy images are not automatically detected #47275

Maven plugin does not provide an easy way to exclude optional dependencies from uber jar #25403

📔 Documentation

Some spring.test.* properties are not documented #47775

Dependency management for Maven AntRun Plugin is missing changelog link #47744

Developing Your First Spring Boot Application has outdated tools #47700

Include deprecated configuration properties in the reference documentation #47669

Aggregated Javadoc should link to the proper version of JakartaEE #47593

Update javadoc of TestRestTemplate following change to redirect behavior #47474

Use non-deprecated syntax to configure sourceCompatibility #47343

Fix link to Framework's @Bean annotation #47330

Update managed dependency version override examples in documentation #47306

🔨 Dependency Upgrades

Upgrade to ActiveMQ 6.1.8 #47767

Upgrade to Angus Mail 2.0.5 #47525

Upgrade to AssertJ 3.27.6 #47526

Upgrade to Byte Buddy 1.17.8 #47527

Upgrade to Cassandra Driver 4.19.1 #47768

Upgrade to Classmate 1.7.1 #47528

Upgrade to Elasticsearch Client 8.18.8 #47671

Upgrade to Glassfish JAXB 4.0.6 #47529

Upgrade to GraphQL Java 24.3 #47755

Upgrade to Groovy 4.0.29 #47713

Upgrade to Hibernate 6.6.33.Final #47530

Upgrade to HttpClient5 5.5.1 #47531

Upgrade to HttpCore5 5.3.6 #47532

Upgrade to Jakarta Mail 2.1.5 #47533

Upgrade to Jakarta XML Bind 4.0.4 #47242

Upgrade to Jetty 12.0.29 #47728

... (truncated)

Commits

d3152ea Release v3.5.7
af07358 Merge branch '3.4.x' into 3.5.x
b0bef35 Document missing spring.test.* properties
6683d0f Merge branch '3.4.x' into 3.5.x
5ba3642 Next development version (v3.4.12-SNAPSHOT)
59aba4e Merge branch '3.4.x' into 3.5.x
4525a0c Merge pull request #47284 from DKARAGODIN
43d91ae Write signature files to uber wars for Oracle Java 17 verification
eaad688 Upgrade to Spring Batch 5.2.4
edee2de Upgrade to Cassandra Driver 4.19.1
Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter-cache from 3.5.6 to 3.5.7

Release notes

Sourced from org.springframework.boot:spring-boot-starter-cache's releases.

v3.5.7

⭐ New Features

Add TWENTY_FIVE to JavaVersion enum #47609

🐞 Bug Fixes

Signed jar verification fails when nested in an uber war running on an Oracle JVM #47771

In an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location #47737

Homebrew formula for the CLI should use libexec #47722

When virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration #47717

ClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads #47678

OnBeanCondition no longer correctly finds annotations on scoped target proxy beans #47635

JavaVersion doesn't work reliably in native-image #47620

LiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema #47346

Launcher fails to find main method when it is parameterless #47311

Package private Main class using Java 25 is not found by build plugins #47309

Bitnami legacy images are not automatically detected #47275

Maven plugin does not provide an easy way to exclude optional dependencies from uber jar #25403

📔 Documentation

Some spring.test.* properties are not documented #47775

Dependency management for Maven AntRun Plugin is missing changelog link #47744

Developing Your First Spring Boot Application has outdated tools #47700

Include deprecated configuration properties in the reference documentation #47669

Aggregated Javadoc should link to the proper version of JakartaEE #47593

Update javadoc of TestRestTemplate following change to redirect behavior #47474

Use non-deprecated syntax to configure sourceCompatibility #47343

Fix link to Framework's @Bean annotation #47330

Update managed dependency version override examples in documentation #47306

🔨 Dependency Upgrades

Upgrade to ActiveMQ 6.1.8 #47767

Upgrade to Angus Mail 2.0.5 #47525

Upgrade to AssertJ 3.27.6 #47526

Upgrade to Byte Buddy 1.17.8 #47527

Upgrade to Cassandra Driver 4.19.1 #47768

Upgrade to Classmate 1.7.1 #47528

Upgrade to Elasticsearch Client 8.18.8 #47671

Upgrade to Glassfish JAXB 4.0.6 #47529

Upgrade to GraphQL Java 24.3 #47755

Upgrade to Groovy 4.0.29 #47713

Upgrade to Hibernate 6.6.33.Final #47530

Upgrade to HttpClient5 5.5.1 #47531

Upgrade to HttpCore5 5.3.6 #47532

Upgrade to Jakarta Mail 2.1.5 #47533

Upgrade to Jakarta XML Bind 4.0.4 #47242

Upgrade to Jetty 12.0.29 #47728

... (truncated)

Commits

d3152ea Release v3.5.7
af07358 Merge branch '3.4.x' into 3.5.x
b0bef35 Document missing spring.test.* properties
6683d0f Merge branch '3.4.x' into 3.5.x
5ba3642 Next development version (v3.4.12-SNAPSHOT)
59aba4e Merge branch '3.4.x' into 3.5.x
4525a0c Merge pull request #47284 from DKARAGODIN
43d91ae Write signature files to uber wars for Oracle Java 17 verification
eaad688 Upgrade to Spring Batch 5.2.4
edee2de Upgrade to Cassandra Driver 4.19.1
Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter-cache from 3.5.6 to 3.5.7

Release notes

Sourced from org.springframework.boot:spring-boot-starter-cache's releases.

v3.5.7

⭐ New Features

Add TWENTY_FIVE to JavaVersion enum #47609

🐞 Bug Fixes

Signed jar verification fails when nested in an uber war running on an Oracle JVM #47771

In an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location #47737

Homebrew formula for the CLI should use libexec #47722

When virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration #47717

ClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads #47678

OnBeanCondition no longer correctly finds annotations on scoped target proxy beans #47635

JavaVersion doesn't work reliably in native-image #47620

LiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema #47346

Launcher fails to find main method when it is parameterless #47311

Package private Main class using Java 25 is not found by build plugins #47309

Bitnami legacy images are not automatically detected #47275

Maven plugin does not provide an easy way to exclude optional dependencies from uber jar #25403

📔 Documentation

Some spring.test.* properties are not documented #47775

Dependency management for Maven AntRun Plugin is missing changelog link #47744

Developing Your First Spring Boot Application has outdated tools #47700

Include deprecated configuration properties in the reference documentation #47669

Aggregated Javadoc should link to the proper version of JakartaEE #47593

Update javadoc of TestRestTemplate following change to redirect behavior #47474

Use non-deprecated syntax to configure sourceCompatibility #47343

Fix link to Framework's @Bean annotation #47330

Update managed dependency version override examples in documentation #47306

🔨 Dependency Upgrades

Upgrade to ActiveMQ 6.1.8 #47767

Upgrade to Angus Mail 2.0.5 #47525

Upgrade to AssertJ 3.27.6 #47526

Upgrade to Byte Buddy 1.17.8 #47527

Upgrade to Cassandra Driver 4.19.1 #47768

Upgrade to Classmate 1.7.1 #47528

Upgrade to Elasticsearch Client 8.18.8 #47671

Upgrade to Glassfish JAXB 4.0.6 #47529

Upgrade to GraphQL Java 24.3 #47755

Upgrade to Groovy 4.0.29 #47713

Upgrade to Hibernate 6.6.33.Final #47530

Upgrade to HttpClient5 5.5.1 #47531

Upgrade to HttpCore5 5.3.6 #47532

Upgrade to Jakarta Mail 2.1.5 #47533

Upgrade to Jakarta XML Bind 4.0.4 #47242

Upgrade to Jetty 12.0.29 #47728

... (truncated)

Commits

d3152ea Release v3.5.7
af07358 Merge branch '3.4.x' into 3.5.x
b0bef35 Document missing spring.test.* properties
6683d0f Merge branch '3.4.x' into 3.5.x
5ba3642 Next development version (v3.4.12-SNAPSHOT)
59aba4e Merge branch '3.4.x' into 3.5.x
4525a0c Merge pull request #47284 from DKARAGODIN
43d91ae Write signature files to uber wars for Oracle Java 17 verification
eaad688 Upgrade to Spring Batch 5.2.4
edee2de Upgrade to Cassandra Driver 4.19.1
Additional commits viewable in compare view

Updates org.openapitools:jackson-databind-nullable from 0.2.7 to 0.2.8

Release notes

Sourced from org.openapitools:jackson-databind-nullable's releases.

v0.2.8 released

What's Changed

Update to next snapshot version by @wing328 in OpenAPITools/jackson-databind-nullable#67

Skip SNAPSHOT deploy job on forks by @ctrimble in OpenAPITools/jackson-databind-nullable#70

Remove Javadoc argument --ignore-source-errors by @ctrimble in OpenAPITools/jackson-databind-nullable#69

Update to JUnit 5 and fix tests by @Til7701 in OpenAPITools/jackson-databind-nullable#72

Update all dependency and plugin versions by @nrayburn-tech in OpenAPITools/jackson-databind-nullable#75

GitHub actions cleanup by @nrayburn-tech in OpenAPITools/jackson-databind-nullable#76

Add dependabot configuration by @Til7701 in OpenAPITools/jackson-databind-nullable#77

Bump actions/checkout from 3 to 5 by @dependabot[bot] in OpenAPITools/jackson-databind-nullable#78

Bump actions/cache from 3 to 4 by @dependabot[bot] in OpenAPITools/jackson-databind-nullable#79

Bump actions/setup-java from 3 to 5 by @dependabot[bot] in OpenAPITools/jackson-databind-nullable#80

Update GitHub actions to use commit sha instead of tags by @nrayburn-tech in OpenAPITools/jackson-databind-nullable#82

Ignore Hibernate Validator updates until Java 17+ is used for builds by @nrayburn-tech in OpenAPITools/jackson-databind-nullable#83

Streaming methods by @ctrimble in OpenAPITools/jackson-databind-nullable#68

Ignore semver-major Mockito and JUnit updates until Java 17+ is used for builds by @nrayburn-tech in OpenAPITools/jackson-databind-nullable#86

Build as multi release jar by @Til7701 in OpenAPITools/jackson-databind-nullable#62

Bump org.junit:junit-bom from 5.13.4 to 5.14.0 by @dependabot[bot] in OpenAPITools/jackson-databind-nullable#87

Fix typos and linguistic errors in documentation / hacktoberfest by @survivant in OpenAPITools/jackson-databind-nullable#88

Change the maven compile execution for Java 8 to override the default compile by @nrayburn-tech in OpenAPITools/jackson-databind-nullable#89

Update to move away from deprecated methods by @nrayburn-tech in OpenAPITools/jackson-databind-nullable#91

New Contributors

@ctrimble made their first contribution in OpenAPITools/jackson-databind-nullable#70

@nrayburn-tech made their first contribution in OpenAPITools/jackson-databind-nullable#75

@survivant made their first contribution in OpenAPITools/jackson-databind-nullable#88

Full Changelog: OpenAPITools/jackson-databind-nullable@v0.2.7...v0.2.8

Commits

108f5bd v0.2.8 release (#92)
b2ca809 Update to move away from deprecated methods (#91)
377e8c4 Change the maven compile execution for Java 8 to override the default compile...
5b73076 Fix typos and linguistic errors in documentation (#88)
85e68d4 Bump org.junit:junit-bom from 5.13.4 to 5.14.0 (#87)
9dd4094 Build as multi release jar (#62)
6712288 Ignore semver-major Mockito and JUnit updates until Java 17+ is used for buil...
f377eda adding the following methods to JsonNullable, based on methods (#68)
09ee5fc Ignore Hibernate Validator updates until Java 17+ is used for builds (#83)
338ccf8 Update GitHub actions to use commit sha instead of tags to avoid supply chain...
Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-maven-plugin from 3.5.6 to 3.5.7

Release notes

Sourced from org.springframework.boot:spring-boot-maven-plugin's releases.

v3.5.7

⭐ New Features

Add TWENTY_FIVE to JavaVersion enum #47609

🐞 Bug Fixes

Signed jar verification fails when nested in an uber war running on an Oracle JVM #47771

In an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location #47737

Homebrew formula for the CLI should use libexec #47722

When virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration #47717

ClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads #47678

OnBeanCondition no longer correctly finds annotations on scoped target proxy beans #47635

JavaVersion doesn't work reliably in native-image #47620

LiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema #47346

Launcher fails to find main method when it is parameterless #47311

Package private Main class using Java 25 is not found by build plugins #47309

Bitnami legacy images are not automatically detected #47275

Maven plugin does not provide an easy way to exclude optional dependencies from uber jar #25403

📔 Documentation

Some spring.test.* properties are not documented #47775

Dependency management for Maven AntRun Plugin is missing changelog link #47744

Developing Your First Spring Boot Application has outdated tools #47700

Include deprecated configuration properties in the reference documentation #47669

Aggregated Javadoc should link to the proper version of JakartaEE #47593

Update javadoc of TestRestTemplate following change to redirect behavior #47474

Use non-deprecated syntax to configure sourceCompatibility #47343

Fix link to Framework's @Bean annotation #47330

Update managed dependency version override examples in documentation #47306

🔨 Dependency Upgrades

Upgrade to ActiveMQ 6.1.8 #47767

Upgrade to Angus Mail 2.0.5 #47525

Upgrade to AssertJ 3.27.6 #47526

Upgrade to Byte Buddy 1.17.8 #47527

Upgrade to Cassandra Driver 4.19.1 #47768

Upgrade to Classmate 1.7.1 #47528

Upgrade to Elasticsearch Client 8.18.8 #47671

Upgrade to Glassfish JAXB 4.0.6 #47529

Upgrade to GraphQL Java 24.3 #47755

Upgrade to Groovy 4.0.29 #47713

Upgrade to Hibernate 6.6.33.Final #47530

Upgrade to HttpClient5 5.5.1 #47531

Upgrade to HttpCore5 5.3.6 #47532

Upgrade to Jakarta Mail 2.1.5 #47533

Upgrade to Jakarta XML Bind 4.0.4 #47242

Upgrade to Jetty 12.0.29 #47728

... (truncated)

Commits

d3152ea Release v3.5.7
af07358 Merge branch '3.4.x' into 3.5.x
b0bef35 Document missing spring.test.* properties
6683d0f Merge branch '3.4.x' into 3.5.x
5ba3642 Next development version (v3.4.12-SNAPSHOT)
59aba4e Merge branch '3.4.x' into 3.5.x
4525a0c Merge pull request #47284 from DKARAGODIN
43d91ae Write signature files to uber wars for Oracle Java 17 verification
eaad688 Upgrade to Spring Batch 5.2.4
edee2de Upgrade to Cassandra Driver 4.19.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 4 updates: [org.springframework.boot:spring-boot-starter-web](https://github.com/spring-projects/spring-boot), [org.springframework.boot:spring-boot-starter-cache](https://github.com/spring-projects/spring-boot), [org.openapitools:jackson-databind-nullable](https://github.com/OpenAPITools/jackson-databind-nullable) and [org.springframework.boot:spring-boot-maven-plugin](https://github.com/spring-projects/spring-boot). Updates `org.springframework.boot:spring-boot-starter-web` from 3.5.6 to 3.5.7 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.6...v3.5.7) Updates `org.springframework.boot:spring-boot-starter-cache` from 3.5.6 to 3.5.7 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.6...v3.5.7) Updates `org.springframework.boot:spring-boot-starter-cache` from 3.5.6 to 3.5.7 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.6...v3.5.7) Updates `org.openapitools:jackson-databind-nullable` from 0.2.7 to 0.2.8 - [Release notes](https://github.com/OpenAPITools/jackson-databind-nullable/releases) - [Commits](OpenAPITools/jackson-databind-nullable@v0.2.7...v0.2.8) Updates `org.springframework.boot:spring-boot-maven-plugin` from 3.5.6 to 3.5.7 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.6...v3.5.7) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-web dependency-version: 3.5.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.springframework.boot:spring-boot-starter-cache dependency-version: 3.5.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.springframework.boot:spring-boot-starter-cache dependency-version: 3.5.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.openapitools:jackson-databind-nullable dependency-version: 0.2.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.springframework.boot:spring-boot-maven-plugin dependency-version: 3.5.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Oct 27, 2025

rfresh2 merged commit 916ae40 into mainline Oct 27, 2025
2 checks passed

dependabot bot deleted the dependabot/maven/dependencies-63efacd6d2 branch October 27, 2025 20:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the dependencies group with 4 updates #125

Bump the dependencies group with 4 updates #125

Uh oh!

dependabot bot commented on behalf of github Oct 27, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Bump the dependencies group with 4 updates #125

Bump the dependencies group with 4 updates #125

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 27, 2025

v3.5.7

⭐ New Features

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

v3.5.7

⭐ New Features

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

v3.5.7

⭐ New Features

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

v0.2.8 released

What's Changed

New Contributors

v3.5.7

⭐ New Features

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants