Skip to content

Bump the maven-dependencies group across 1 directory with 27 updates#445

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/maven-dependencies-87ffcd92c9
Open

Bump the maven-dependencies group across 1 directory with 27 updates#445
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/maven-dependencies-87ffcd92c9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 10, 2026

Bumps the maven-dependencies group with 27 updates in the / directory:

Package From To
org.axonframework:axon-bom 4.12.1 4.13.1
io.axoniq:axonserver-connector-java 2025.2.0-EAP 2026.0.0
org.axonframework:axon-server-connector 4.12.1 5.0.5
org.axonframework:axon-messaging 4.12.1 5.1.0
org.axonframework:axon-spring-boot-autoconfigure 4.12.1 4.13.1
org.springframework.boot:spring-boot-starter-parent 3.5.6 4.0.6
org.springframework.boot:spring-boot-starter-webflux 3.5.6 4.0.6
org.springframework.boot:spring-boot-maven-plugin 3.5.6 4.0.6
org.springframework.boot:spring-boot-starter 3.5.6 4.0.6
org.springframework.boot:spring-boot-starter-data-jpa 3.5.6 4.0.6
org.springframework.boot:spring-boot-docker-compose 3.5.6 4.0.6
io.projectreactor:reactor-core 3.7.11 3.8.5
org.hibernate:hibernate-core 6.2.6.Final 7.3.4.Final
org.junit.jupiter:junit-jupiter 6.0.0 6.0.3
org.testcontainers:junit-jupiter 1.21.3 1.21.4
org.mockito:mockito-core 5.20.0 5.23.0
org.apache.maven.plugins:maven-surefire-plugin 3.5.4 3.5.5
org.apache.maven.plugins:maven-compiler-plugin 3.14.1 3.15.0
org.jetbrains.kotlin:kotlin-stdlib-jdk8 2.2.20 2.3.21
org.jetbrains.kotlin:kotlin-reflect 2.2.20 2.3.21
org.jetbrains.kotlin:kotlin-maven-allopen 2.2.20 2.3.21
org.jetbrains.kotlin:kotlin-maven-plugin 2.2.20 2.3.21
com.vaadin:vaadin-bom 24.9.2 25.1.5
com.vaadin:vaadin-maven-plugin 24.9.2 25.1.5
org.flywaydb:flyway-core 11.13.2 12.6.0
com.fasterxml.jackson.core:jackson-annotations 2.20 2.21
org.springdoc:springdoc-openapi-starter-webmvc-ui 2.8.13 3.0.3

Updates org.axonframework:axon-bom from 4.12.1 to 4.13.1

Release notes

Sourced from org.axonframework:axon-bom's releases.

Axon Bill of Materials v4.13.1

🛠️ Dependency Upgrade

  • Upgrade Axon Framework version to 4.13.1 #213

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Axon Bill of Materials v4.13.0

🛠️ Dependency Upgrade

  • Upgrade Axon Framework to 4.13.0 and Axon Server Connector for Java to 2025.2.1 #212

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Axon Bill of Materials v4.12.3

🛠️ Dependency Upgrade

  • Upgrade AF to 4.12.3 and Connector to 2024.2.5 #210

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Axon Bill of Materials v4.12.2

🛠️ Dependency Upgrade

  • Upgrade AF to 4.12.2 #209

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Commits
  • cba8bd0 [maven-release-plugin] prepare release axon-4.13.1
  • a96f50a Merge pull request #213 from AxonFramework/dependency-upgrade/af-4.13.1
  • 4de9abb Upgrade framework version to 4.13.1
  • e6f5d50 [maven-release-plugin] prepare for next development iteration
  • 4e8dfc4 [maven-release-plugin] prepare release axon-4.13.0
  • d9de2ad Merge pull request #212 from AxonFramework/dependency-upgrade/af4.13.0-connec...
  • 74900c2 Upgrade framework version to 4.13.0
  • 906fe34 Upgrade connector version to 4.13.0
  • 297ce5d Merge pull request #211 from jangalinski/patch-2
  • 8745351 Update Maven Central badge in README.md
  • Additional commits viewable in compare view

Updates io.axoniq:axonserver-connector-java from 2025.2.0-EAP to 2026.0.0

Release notes

Sourced from io.axoniq:axonserver-connector-java's releases.

Axon Server Connector for Java version 2026.0.0

⭐ Features

  • Upgrade axonserver API usage to 2026.0.0-snapshot #483

📈 Enhancements

  • Port 2025.2.2 to 2026.0.0 #485
  • Add clientId header to all GRPC calls #477

🛠️ Dependency Upgrade

  • Upgrade the Axon Server API version to 2026.0.0 #486
  • Bump the maven-dependencies group with 3 updates #484
  • Bump org.apache.maven.plugins:maven-resources-plugin from 3.4.0 to 3.5.0 in the maven-dependencies group #482
  • Bump the maven-dependencies group with 3 updates #480
  • Bump the maven-dependencies group across 1 directory with 6 updates #479
  • Bump the maven-dependencies group across 1 directory with 5 updates #478
  • Bump actions/setup-java from 5.1.0 to 5.2.0 in the github-dependencies group #475
  • Bump the maven-dependencies group with 3 updates #471
  • Bump the maven-dependencies group with 4 updates #470
  • Bump org.apache.logging.log4j:log4j-core from 2.25.2 to 2.25.3 #469
  • Bump the maven-dependencies group with 4 updates #468
  • Bump the maven-dependencies group with 2 updates #467
  • Bump actions/setup-java from 5.0.0 to 5.1.0 in the github-dependencies group #466
  • Bump the maven-dependencies group with 3 updates #465
  • Bump actions/checkout from 5 to 6 in the github-dependencies group #457

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Axon Server Connector for Java version 2025.2.2

📈 Enhancements

  • Update the issue templates #464

🪲 Bug Fixes

  • #461 Fix logging on channel registration #462

🛠️ Dependency Upgrade

... (truncated)

Commits
  • 82ffc42 [maven-release-plugin] prepare release 2026.0.0
  • 5554b3d Merge pull request #486 from AxonIQ/dependency-upgrade/api-version-2026.0.0
  • b6385fb Upgrade the Axon Server API version to 2026.0.0
  • 5333a56 Merge pull request #485 from AxonIQ/enhancement/port-2025.2.2
  • 4e6a150 Fix incorrect auto merge resolution
  • fbc5a95 Merge branch 'connector-2025.2.x' into enhancement/port-2025.2.2
  • 613179c [maven-release-plugin] prepare for next development iteration
  • b6a395f [maven-release-plugin] prepare release 2025.2.2
  • c44a938 Merge pull request #484 from AxonIQ/dependabot/maven/maven-dependencies-fda89...
  • 8d38243 Bump the maven-dependencies group with 3 updates
  • Additional commits viewable in compare view

Updates org.axonframework:axon-server-connector from 4.12.1 to 5.0.5

Updates org.axonframework:axon-messaging from 4.12.1 to 5.1.0

Updates org.axonframework:axon-spring-boot-autoconfigure from 4.12.1 to 4.13.1

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.6 to 4.0.6

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v4.0.6

🐞 Bug Fixes

  • Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not #50188
  • Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client #50187
  • ApplicationPidFileWriter does not handle symlinks correctly #50185
  • RandomValuePropertySource is not suitable for secrets #50183
  • Cassandra auto-configuration misconfigures CqlSessionBuilder #50180
  • ApplicationTemp does not handle symlinks correctly #50178
  • Remote DevTools performs comparison incorrectly #50176
  • spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50174
  • Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50077
  • Classic starters are missing several modules #50071
  • Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic #50069
  • Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50064
  • EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50039
  • WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50017
  • Imports on a containing test class are ignored when a nested class has imports #50012
  • With spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled #49951
  • 500 response from env endpoint when supplied pattern is invalid #49946
  • Reactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver #49945
  • HTTP method is lost when configuring excludes in EndpointRequest #49943
  • Honor HttpMethod for reactive additional endpoint paths #49880
  • Docker Compose support doesn't work with apache/artemis image #49869
  • Docker Compose support doesn't work with apache/activemq image #49866
  • Spring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test #49854
  • API versioning path strategy should be applied path last as it is not meant to yield #49800

📔 Documentation

  • Update docs to encourage Java fundamentals for beginners that prefer to learn that way #50146
  • HTTP Service Interface Clients still document that API versioning can be configured via properties #50126
  • Link to the observability section of the Lettuce documentation is broken #50097
  • Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50085
  • MySamlRelyingPartyConfiguration is missing a Kotlin sample #50024
  • Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50019
  • Link to the Kubernetes documentation when discussing startup probes #50015
  • Typo in JdbcSessionAutoConfiguration Javadoc #49873
  • Clarify that configuration property default values are not available through the Environment #49851
  • Document the need for Liquibase and Flyway starters #49839
  • Kafka documentation refers to deprecated JSON serializer and deserializer classes #49826

🔨 Dependency Upgrades

... (truncated)

Commits
  • 8821ad2 Release v4.0.6
  • 9e4048a Merge branch '3.5.x' into 4.0.x
  • 20bb11c Next development version (v3.5.15-SNAPSHOT)
  • 98daa8e Merge branch '3.5.x' into 4.0.x
  • 9dc5aa2 Polish
  • 874f629 Fix default security with actuator but without health
  • e41b3bf Enable hostname verification for SSL connections to Elasticsearch
  • ef8527b Merge branch '3.5.x' into 4.0.x
  • f533a45 Do not follow symlinks when writing PID file
  • 4a7bd33 Merge branch '3.5.x' into 4.0.x
  • Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter-webflux from 3.5.6 to 4.0.6

Release notes

Sourced from org.springframework.boot:spring-boot-starter-webflux's releases.

v4.0.6

🐞 Bug Fixes

  • Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not #50188
  • Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client #50187
  • ApplicationPidFileWriter does not handle symlinks correctly #50185
  • RandomValuePropertySource is not suitable for secrets #50183
  • Cassandra auto-configuration misconfigures CqlSessionBuilder #50180
  • ApplicationTemp does not handle symlinks correctly #50178
  • Remote DevTools performs comparison incorrectly #50176
  • spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50174
  • Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50077
  • Classic starters are missing several modules #50071
  • Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic #50069
  • Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50064
  • EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50039
  • WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50017
  • Imports on a containing test class are ignored when a nested class has imports #50012
  • With spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled #49951
  • 500 response from env endpoint when supplied pattern is invalid #49946
  • Reactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver #49945
  • HTTP method is lost when configuring excludes in EndpointRequest #49943
  • Honor HttpMethod for reactive additional endpoint paths #49880
  • Docker Compose support doesn't work with apache/artemis image #49869
  • Docker Compose support doesn't work with apache/activemq image #49866
  • Spring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test #49854
  • API versioning path strategy should be applied path last as it is not meant to yield #49800

📔 Documentation

  • Update docs to encourage Java fundamentals for beginners that prefer to learn that way #50146
  • HTTP Service Interface Clients still document that API versioning can be configured via properties #50126
  • Link to the observability section of the Lettuce documentation is broken #50097
  • Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50085
  • MySamlRelyingPartyConfiguration is missing a Kotlin sample #50024
  • Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50019
  • Link to the Kubernetes documentation when discussing startup probes #50015
  • Typo in JdbcSessionAutoConfiguration Javadoc #49873
  • Clarify that configuration property default values are not available through the Environment #49851
  • Document the need for Liquibase and Flyway starters #49839
  • Kafka documentation refers to deprecated JSON serializer and deserializer classes #49826

🔨 Dependency Upgrades

... (truncated)

Commits
  • 8821ad2 Release v4.0.6
  • 9e4048a Merge branch '3.5.x' into 4.0.x
  • 20bb11c Next development version (v3.5.15-SNAPSHOT)
  • 98daa8e Merge branch '3.5.x' into 4.0.x
  • 9dc5aa2 Polish
  • 874f629 Fix default security with actuator but without health
  • e41b3bf Enable hostname verification for SSL connections to Elasticsearch
  • ef8527b Merge branch '3.5.x' into 4.0.x
  • f533a45 Do not follow symlinks when writing PID file
  • 4a7bd33 Merge branch '3.5.x' into 4.0.x
  • Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-maven-plugin from 3.5.6 to 4.0.6

Release notes

Sourced from org.springframework.boot:spring-boot-maven-plugin's releases.

v4.0.6

🐞 Bug Fixes

  • Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not #50188
  • Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client #50187
  • ApplicationPidFileWriter does not handle symlinks correctly #50185
  • RandomValuePropertySource is not suitable for secrets #50183
  • Cassandra auto-configuration misconfigures CqlSessionBuilder #50180
  • ApplicationTemp does not handle symlinks correctly #50178
  • Remote DevTools performs comparison incorrectly #50176
  • spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50174
  • Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50077
  • Classic starters are missing several modules #50071
  • Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic #50069
  • Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50064
  • EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50039
  • WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50017
  • Imports on a containing test class are ignored when a nested class has imports #50012
  • With spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled #49951
  • 500 response from env endpoint when supplied pattern is invalid #49946
  • Reactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver #49945
  • HTTP method is lost when configuring excludes in EndpointRequest #49943
  • Honor HttpMethod for reactive additional endpoint paths #49880
  • Docker Compose support doesn't work with apache/artemis image #49869
  • Docker Compose support doesn't work with apache/activemq image #49866
  • Spring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test #49854
  • API versioning path strategy should be applied path last as it is not meant to yield #49800

📔 Documentation

  • Update docs to encourage Java fundamentals for beginners that prefer to learn that way #50146
  • HTTP Service Interface Clients still document that API versioning can be configured via properties #50126
  • Link to the observability section of the Lettuce documentation is broken #50097
  • Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50085
  • MySamlRelyingPartyConfiguration is missing a Kotlin sample #50024
  • Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50019
  • Link to the Kubernetes documentation when discussing startup probes #50015
  • Typo in JdbcSessionAutoConfiguration Javadoc #49873
  • Clarify that configuration property default values are not available through the Environment #49851
  • Document the need for Liquibase and Flyway starters #49839
  • Kafka documentation refers to deprecated JSON serializer and deserializer classes #49826

🔨 Dependency Upgrades

... (truncated)

Commits
  • 8821ad2 Release v4.0.6
  • 9e4048a Merge branch '3.5.x' into 4.0.x
  • 20bb11c Next development version (v3.5.15-SNAPSHOT)
  • 98daa8e Merge branch '3.5.x' into 4.0.x
  • 9dc5aa2 Polish
  • 874f629 Fix default security with actuator but without health
  • e41b3bf Enable hostname verification for SSL connections to Elasticsearch
  • ef8527b Merge branch '3.5.x' into 4.0.x
  • f533a45 Do not follow symlinks when writing PID file
  • 4a7bd33 Merge branch '3.5.x' into 4.0.x
  • Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter from 3.5.6 to 4.0.6

Release notes

Sourced from org.springframework.boot:spring-boot-starter's releases.

v4.0.6

🐞 Bug Fixes

  • Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not #50188
  • Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client #50187
  • ApplicationPidFileWriter does not handle symlinks correctly #50185
  • RandomValuePropertySource is not suitable for secrets #50183
  • Cassandra auto-configuration misconfigures CqlSessionBuilder #50180
  • ApplicationTemp does not handle symlinks correctly #50178
  • Remote DevTools performs comparison incorrectly #50176
  • spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50174
  • Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50077
  • Classic starters are missing several modules #50071
  • Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic #50069
  • Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50064
  • EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50039
  • WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50017
  • Imports on a containing test class are ignored when a nested class has imports #50012
  • With spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled #49951
  • 500 response from env endpoint when supplied pattern is invalid #49946
  • Reactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver #49945
  • HTTP method is lost when configuring excludes in EndpointRequest #49943
  • Honor HttpMethod for reactive additional endpoint paths #49880
  • Docker Compose support doesn't work with apache/artemis image #49869
  • Docker Compose support doesn't work with apache/activemq image #49866
  • Spring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test #49854
  • API versioning path strategy should be applied path last as it is not meant to yield #49800

📔 Documentation

  • Update docs to encourage Java fundamentals for beginners that prefer to learn that way #50146
  • HTTP Service Interface Clients still document that API versioning can be configured via properties #50126
  • Link to the observability section of the Lettuce documentation is broken #50097
  • Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50085
  • MySamlRelyingPartyConfiguration is missing a Kotlin sample #50024
  • Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50019
  • Link to the Kubernetes documentation when discussing startup probes #50015
  • Typo in JdbcSessionAutoConfiguration Javadoc #49873
  • Clarify that configuration property default values are not available through the Environment #49851
  • Document the need for Liquibase and Flyway starters #49839
  • Kafka documentation refers to deprecated JSON serializer and deserializer classes #49826

🔨 Dependency Upgrades

... (truncated)

Commits
  • 8821ad2 Release v4.0.6
  • 9e4048a Merge branch '3.5.x' into 4.0.x
  • 20bb11c Next development version (v3.5.15-SNAPSHOT)
  • 98daa8e Merge branch '3.5.x' into 4.0.x
  • 9dc5aa2 Polish
  • 874f629 Fix default security with actuator but without health
  • e41b3bf Enable hostname verification for SSL connections to Elasticsearch
  • ef8527b Merge branch '3.5.x' into 4.0.x
  • f533a45 Do not follow symlinks when writing PID file
  • 4a7bd33 Merge branch '3.5.x' into 4.0.x
  • Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter-data-jpa from 3.5.6 to 4.0.6

Release notes

Sourced from org.springframework.boot:spring-boot-starter-data-jpa's releases.

v4.0.6

🐞 Bug Fixes

  • Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not #50188
  • Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client #50187
  • ApplicationPidFileWriter does not handle symlinks correctly #50185
  • RandomValuePropertySource is not suitable for secrets #50183
  • Cassandra auto-configuration misconfigures CqlSessionBuilder #50180
  • ApplicationTemp does not handle symlinks correctly #50178
  • Remote DevTools performs comparison incorrectly #50176
  • spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50174
  • Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50077
  • Classic starters are missing several modules #50071
  • Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic #50069
  • Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50064
  • EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50039
  • WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50017
  • Imports on a containing test class are ignored when a nested class has imports #50012
  • With spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled #49951
  • 500 response from env endpoint when supplied pattern is invalid #49946
  • Reactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver #49945
  • HTTP method is lost when configuring excludes in EndpointRequest #49943
  • Honor HttpMethod for reactive additional endpoint paths #49880
  • Docker Compose support doesn't work with apache/artemis image #49869
  • Docker Compose support doesn't work with apache/activemq image #49866
  • Spring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test #49854
  • API versioning path strategy should be applied path last as it is not meant to yield #49800

📔 Documentation

  • Update docs to encourage Java fundamentals for beginners that prefer to learn that way #50146
  • HTTP Service Interface Clients still document that API versioning can be configured via properties #50126
  • Link to the observability section of the Lettuce documentation is broken #50097
  • Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50085
  • MySamlRelyingPartyConfiguration is missing a Kotlin sample #50024
  • Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50019
  • Link to the Kubernetes documentation when discussing startup probes #50015
  • Typo in JdbcSessionAutoConfiguration Javadoc #49873
  • Clarify that configuration property default values are not available through the Environment #49851
  • Document the need for Liquibase and Flyway starters #49839
  • Kafka documentation refers to deprecated JSON serializer and deserializer classes #49826

🔨 Dependency Upgrades

... (truncated)

Commits
  • 8821ad2 Release v4.0.6
  • 9e4048a Merge branch '3.5.x' into 4.0.x
  • 20bb11c Next development version (v3.5.15-SNAPSHOT)
  • 98daa8e Merge branch '3.5.x' into 4.0.x
  • 9dc5aa2 Polish
  • 874f629 Fix default security with actuator but without health
  • e41b3bf Enable hostname verification for SSL connections to Elasticsearch
  • ef8527b Merge branch '3.5.x' into 4.0.x
  • f533a45 Do not follow symlinks when writing PID file
  • 4a7bd33 Merge branch '3.5.x' into 4.0.x
  • Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-docker-compose from 3.5.6 to 4.0.6

Release notes

Sourced from org.springframework.boot:spring-boot-docker-compose's releases.

v4.0.6

🐞 Bug Fixes

  • Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not #50188
  • Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client #50187
  • ApplicationPidFileWriter does not handle symlinks correctly #50185
  • RandomValuePropertySource is not suitable for secrets #50183
  • Cassandra auto-configuration misconfigures CqlSessionBuilder #50180
  • ApplicationTemp does not handle symlinks correctly #50178
  • Remote DevTools performs comparison incorrectly #50176
  • spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50174
  • Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50077
  • Classic starters are missing several modules #50071
  • Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic #50069
  • Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50064
  • EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50039
  • WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50017
  • Imports on a containing test class are ignored when a nested class has imports

@dependabot
Bump the maven-dependencies group across 1 directory with 27 updates
f429102 
Bumps the maven-dependencies group with 27 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [org.axonframework:axon-bom](https://github.com/AxonFramework/axon-bom) | `4.12.1` | `4.13.1` |
| [io.axoniq:axonserver-connector-java](https://github.com/AxonIQ/axonserver-connector-java) | `2025.2.0-EAP` | `2026.0.0` |
| org.axonframework:axon-server-connector | `4.12.1` | `5.0.5` |
| org.axonframework:axon-messaging | `4.12.1` | `5.1.0` |
| org.axonframework:axon-spring-boot-autoconfigure | `4.12.1` | `4.13.1` |
| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.6` | `4.0.6` |
| [org.springframework.boot:spring-boot-starter-webflux](https://github.com/spring-projects/spring-boot) | `3.5.6` | `4.0.6` |
| [org.springframework.boot:spring-boot-maven-plugin](https://github.com/spring-projects/spring-boot) | `3.5.6` | `4.0.6` |
| [org.springframework.boot:spring-boot-starter](https://github.com/spring-projects/spring-boot) | `3.5.6` | `4.0.6` |
| [org.springframework.boot:spring-boot-starter-data-jpa](https://github.com/spring-projects/spring-boot) | `3.5.6` | `4.0.6` |
| [org.springframework.boot:spring-boot-docker-compose](https://github.com/spring-projects/spring-boot) | `3.5.6` | `4.0.6` |
| [io.projectreactor:reactor-core](https://github.com/reactor/reactor-core) | `3.7.11` | `3.8.5` |
| [org.hibernate:hibernate-core](https://github.com/hibernate/hibernate-orm) | `6.2.6.Final` | `7.3.4.Final` |
| [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) | `6.0.0` | `6.0.3` |
| [org.testcontainers:junit-jupiter](https://github.com/testcontainers/testcontainers-java) | `1.21.3` | `1.21.4` |
| [org.mockito:mockito-core](https://github.com/mockito/mockito) | `5.20.0` | `5.23.0` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.4` | `3.5.5` |
| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.14.1` | `3.15.0` |
| [org.jetbrains.kotlin:kotlin-stdlib-jdk8](https://github.com/JetBrains/kotlin) | `2.2.20` | `2.3.21` |
| [org.jetbrains.kotlin:kotlin-reflect](https://github.com/JetBrains/kotlin) | `2.2.20` | `2.3.21` |
| org.jetbrains.kotlin:kotlin-maven-allopen | `2.2.20` | `2.3.21` |
| org.jetbrains.kotlin:kotlin-maven-plugin | `2.2.20` | `2.3.21` |
| com.vaadin:vaadin-bom | `24.9.2` | `25.1.5` |
| [com.vaadin:vaadin-maven-plugin](https://github.com/vaadin/platform) | `24.9.2` | `25.1.5` |
| org.flywaydb:flyway-core | `11.13.2` | `12.6.0` |
| [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.20` | `2.21` |
| [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) | `2.8.13` | `3.0.3` |



Updates `org.axonframework:axon-bom` from 4.12.1 to 4.13.1
- [Release notes](https://github.com/AxonFramework/axon-bom/releases)
- [Commits](AxonFramework/axon-bom@axon-4.12.1...axon-4.13.1)

Updates `io.axoniq:axonserver-connector-java` from 2025.2.0-EAP to 2026.0.0
- [Release notes](https://github.com/AxonIQ/axonserver-connector-java/releases)
- [Commits](AxonIQ/axonserver-connector-java@2025.2.0-EAP...2026.0.0)

Updates `org.axonframework:axon-server-connector` from 4.12.1 to 5.0.5

Updates `org.axonframework:axon-messaging` from 4.12.1 to 5.1.0

Updates `org.axonframework:axon-spring-boot-autoconfigure` from 4.12.1 to 4.13.1

Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.springframework.boot:spring-boot-starter-webflux` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.springframework.boot:spring-boot-maven-plugin` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.springframework.boot:spring-boot-starter` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.springframework.boot:spring-boot-docker-compose` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.springframework.boot:spring-boot-starter-webflux` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `io.projectreactor:reactor-core` from 3.7.11 to 3.8.5
- [Release notes](https://github.com/reactor/reactor-core/releases)
- [Commits](reactor/reactor-core@v3.7.11...v3.8.5)

Updates `org.hibernate:hibernate-core` from 6.2.6.Final to 7.3.4.Final
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.3.4/changelog.txt)
- [Commits](hibernate/hibernate-orm@6.2.6...7.3.4)

Updates `org.junit.jupiter:junit-jupiter` from 6.0.0 to 6.0.3
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.0...r6.0.3)

Updates `org.testcontainers:junit-jupiter` from 1.21.3 to 1.21.4
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](testcontainers/testcontainers-java@1.21.3...1.21.4)

Updates `org.mockito:mockito-core` from 5.20.0 to 5.23.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v5.20.0...v5.23.0)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.4 to 3.5.5
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.4...surefire-3.5.5)

Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.14.1 to 3.15.0
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.14.1...maven-compiler-plugin-3.15.0)

Updates `org.springframework.boot:spring-boot-maven-plugin` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.springframework.boot:spring-boot-starter` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.jetbrains.kotlin:kotlin-stdlib-jdk8` from 2.2.20 to 2.3.21
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](JetBrains/kotlin@v2.2.20...v2.3.21)

Updates `org.jetbrains.kotlin:kotlin-reflect` from 2.2.20 to 2.3.21
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](JetBrains/kotlin@v2.2.20...v2.3.21)

Updates `org.jetbrains.kotlin:kotlin-maven-allopen` from 2.2.20 to 2.3.21

Updates `org.jetbrains.kotlin:kotlin-reflect` from 2.2.20 to 2.3.21
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](JetBrains/kotlin@v2.2.20...v2.3.21)

Updates `org.jetbrains.kotlin:kotlin-maven-allopen` from 2.2.20 to 2.3.21

Updates `org.jetbrains.kotlin:kotlin-maven-plugin` from 2.2.20 to 2.3.21

Updates `com.vaadin:vaadin-bom` from 24.9.2 to 25.1.5

Updates `com.vaadin:vaadin-maven-plugin` from 24.9.2 to 25.1.5
- [Release notes](https://github.com/vaadin/platform/releases)
- [Commits](vaadin/platform@24.9.2...25.1.5)

Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.flywaydb:flyway-core` from 11.13.2 to 12.6.0

Updates `com.vaadin:vaadin-maven-plugin` from 24.9.2 to 25.1.5
- [Release notes](https://github.com/vaadin/platform/releases)
- [Commits](vaadin/platform@24.9.2...25.1.5)

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.20 to 2.21
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `org.springframework.boot:spring-boot-docker-compose` from 3.5.6 to 4.0.6
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.6...v4.0.6)

Updates `org.springdoc:springdoc-openapi-starter-webmvc-ui` from 2.8.13 to 3.0.3
- [Release notes](https://github.com/springdoc/springdoc-openapi/releases)
- [Changelog](https://github.com/springdoc/springdoc-openapi/blob/v3.0.3/CHANGELOG.md)
- [Commits](springdoc/springdoc-openapi@v2.8.13...v3.0.3)

---
updated-dependencies:
- dependency-name: org.axonframework:axon-bom
  dependency-version: 4.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: io.axoniq:axonserver-connector-java
  dependency-version: 2026.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.axonframework:axon-server-connector
  dependency-version: 5.0.5
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.axonframework:axon-messaging
  dependency-version: 5.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.axonframework:axon-spring-boot-autoconfigure
  dependency-version: 4.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-starter-webflux
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-maven-plugin
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-starter
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-starter-data-jpa
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-docker-compose
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-starter-webflux
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: io.projectreactor:reactor-core
  dependency-version: 3.8.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.hibernate:hibernate-core
  dependency-version: 7.3.4.Final
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: org.testcontainers:junit-jupiter
  dependency-version: 1.21.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: org.mockito:mockito-core
  dependency-version: 5.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-version: 3.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-maven-plugin
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-starter
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.jetbrains.kotlin:kotlin-stdlib-jdk8
  dependency-version: 2.3.21
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.jetbrains.kotlin:kotlin-reflect
  dependency-version: 2.3.21
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.jetbrains.kotlin:kotlin-maven-allopen
  dependency-version: 2.3.21
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.jetbrains.kotlin:kotlin-reflect
  dependency-version: 2.3.21
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.jetbrains.kotlin:kotlin-maven-allopen
  dependency-version: 2.3.21
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.jetbrains.kotlin:kotlin-maven-plugin
  dependency-version: 2.3.21
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: com.vaadin:vaadin-bom
  dependency-version: 25.1.5
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: com.vaadin:vaadin-maven-plugin
  dependency-version: 25.1.5
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-starter-data-jpa
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.flywaydb:flyway-core
  dependency-version: 12.6.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: com.vaadin:vaadin-maven-plugin
  dependency-version: 25.1.5
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-version: '2.21'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.springframework.boot:spring-boot-docker-compose
  dependency-version: 4.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
- dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui
  dependency-version: 3.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: maven-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from smcvb as a code owner May 10, 2026 05:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@smcvb smcvb Awaiting requested review from smcvb smcvb is a code owner

Assignees

No one assigned

Labels

Priority 1: Must Type: Dependency Upgrade

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants