Skip to content

chore(deps): bump the low-risk group with 4 updates#352

Merged
RichardSlater merged 1 commit intomainfrom
dependabot/maven/low-risk-e5fe03bcf5
Mar 23, 2026
Merged

chore(deps): bump the low-risk group with 4 updates#352
RichardSlater merged 1 commit intomainfrom
dependabot/maven/low-risk-e5fe03bcf5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2026

Bumps the low-risk group with 4 updates: com.fasterxml.jackson:jackson-bom, org.springframework.boot:spring-boot-dependencies, org.pitest:pitest-parent and org.pitest:pitest-maven.

Updates com.fasterxml.jackson:jackson-bom from 2.21.1 to 2.21.2

Commits
  • 10e12a5 [maven-release-plugin] prepare release jackson-bom-2.21.2
  • d754903 Prep for 2.21.2 release
  • 63e1b3b Post-release dep version bump
  • 716ab0d [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view

Updates org.springframework.boot:spring-boot-dependencies from 3.5.11 to 3.5.12

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.5.12

🐞 Bug Fixes

  • EndpointRequest request matcher for health groups is too complex #49648
  • "/cloudfoundryapplication" web path is not limited to Actuator #49645
  • RSocket exposes duplicate endpoint for websocket setups #49592
  • Fix EndpointRequest.toLinks() when base-path is '/' #49591
  • SpringBootContextLoader mentions class that no longer exists in message for classes or locations assertion #49518
  • "spring.main.cloud-platform=none" does not disable cloud features #49478
  • Using @AutoConfigureWebTestClient prevents separate configuration of spring.test.webtestclient.timeout from taking effect #49340
  • Ordering of 'spring.config.import' is inconsistent when defined in environment or system properties #49324
  • RouterFunctions descriptions in Actuator do not support nesting #49289
  • Maven plugin does not set '-parameters' option when processing AOT code #49268
  • SSL support with Docker Compose does not work as documented #49210
  • Docker fails when a 'tcp://' address ends with a slash (for example 'tcp://docker:2375/') #49055

📔 Documentation

  • List all supported colors when describing color-coded log output #49561
  • Clarify that running is the only supported input state when triggering a Quartz job through the Actuator endpoint #49506
  • Tutorial in the reference guide has outdated instructions #49411
  • Javadoc of JettyHttpClientBuilder refers to the wrong type #49364
  • Example spring-devtools.properties file is shown in the wrong format #49357
  • Mention using org.springframework.boot.aot Gradle plugin directly for AOT processing with the JVM #49307
  • Update CLI's INSTALL.txt to reflect Groovy no longer being bundled #49297
  • JDK requirement for the CLI still refers to Java 8 #49290
  • Java and Kotlin samples of an environment post processor are inconsistent #49282
  • Document additional repositories required for shibboleth.net #49260
  • Clarify inferred relationships between OAuth 2 registrations and providers #49240

🔨 Dependency Upgrades

  • Upgrade to DB2 JDBC 12.1.4.0 #49544
  • Upgrade to Hibernate 6.6.44.Final #49457
  • Upgrade to Jakarta XML WS 4.0.3 #49458
  • Upgrade to JBoss Logging 3.6.3.Final #49630
  • Upgrade to Jetty 12.0.33 #49459
  • Upgrade to Kafka 3.9.2 #49460
  • Upgrade to Lombok 1.18.44 #49574
  • Upgrade to Maven Failsafe Plugin 3.5.5 #49461
  • Upgrade to Maven Shade Plugin 3.6.2 #49462
  • Upgrade to Maven Surefire Plugin 3.5.5 #49463
  • Upgrade to Micrometer 1.15.10 #49403
  • Upgrade to Micrometer Tracing 1.5.10 #49404
  • Upgrade to Pulsar 4.0.9 #49464
  • Upgrade to Reactor Bom 2024.0.16 #49405
  • Upgrade to Spring Batch 5.2.5 #49406
  • Upgrade to Spring Data Bom 2025.0.10 #49407
  • Upgrade to Spring Framework 6.2.17 #49408
  • Upgrade to Spring HATEOAS 2.5.2 #49586

... (truncated)

Commits
  • 285b074 Release v3.5.12
  • 6620dea Polishing
  • dd54841 Upgrade to Spring Batch 5.2.5
  • 1f2ea4a Revisit EndpointRequest matcher for additional paths
  • 01fbede Handle all requests in CloudFoundry mapping
  • dc54595 Merge pull request #49622 from dependabot[bot]
  • 9bc3768 Bump @​springio/asciidoctor-extensions in /antora
  • 6915834 Upgrade to Spring WS 4.1.3
  • a5db799 Upgrade to Spring Integration 6.5.8
  • 5ee4ffe Upgrade to JBoss Logging 3.6.3.Final
  • Additional commits viewable in compare view

Updates org.pitest:pitest-parent from 1.22.1 to 1.23.0

Release notes

Sourced from org.pitest:pitest-parent's releases.

1.23.0

  • #1455 move default history analysis to plugin
  • #1457 introduce new parameter for configuration directory
  • #1458 speculative measures to kill stubborn child processes
Commits
  • 7122150 Merge pull request #1458 from hcoles/feature/harder_shutdown
  • 614db4b rudely kill process from within shutdown hook
  • 39fa8c6 destroy child processes forcibly
  • 39f808e Merge pull request #1457 from hcoles/feature/config_dir
  • 61abe1e make config directory available to commandline and gradle
  • aedafe2 introduce new parameter for configuration directory
  • a98ee27 Merge pull request #1455 from hcoles/feature/move_incremental_analysis
  • 1b87fdd remove default history analysis
  • 15c8a25 Merge pull request #1453 from mlachenmayr-celonis/feat/token-permissions
  • dd74a3d EP-87 add token permissions to workflows
  • See full diff in compare view

Updates org.pitest:pitest-maven from 1.22.1 to 1.23.0

Release notes

Sourced from org.pitest:pitest-maven's releases.

1.23.0

  • #1455 move default history analysis to plugin
  • #1457 introduce new parameter for configuration directory
  • #1458 speculative measures to kill stubborn child processes
Commits
  • 7122150 Merge pull request #1458 from hcoles/feature/harder_shutdown
  • 614db4b rudely kill process from within shutdown hook
  • 39fa8c6 destroy child processes forcibly
  • 39f808e Merge pull request #1457 from hcoles/feature/config_dir
  • 61abe1e make config directory available to commandline and gradle
  • aedafe2 introduce new parameter for configuration directory
  • a98ee27 Merge pull request #1455 from hcoles/feature/move_incremental_analysis
  • 1b87fdd remove default history analysis
  • 15c8a25 Merge pull request #1453 from mlachenmayr-celonis/feat/token-permissions
  • dd74a3d EP-87 add token permissions to workflows
  • See full diff in compare view

Updates org.pitest:pitest-maven from 1.22.1 to 1.23.0

Release notes

Sourced from org.pitest:pitest-maven's releases.

1.23.0

  • #1455 move default history analysis to plugin
  • #1457 introduce new parameter for configuration directory
  • #1458 speculative measures to kill stubborn child processes
Commits
  • 7122150 Merge pull request #1458 from hcoles/feature/harder_shutdown
  • 614db4b rudely kill process from within shutdown hook
  • 39fa8c6 destroy child processes forcibly
  • 39f808e Merge pull request #1457 from hcoles/feature/config_dir
  • 61abe1e make config directory available to commandline and gradle
  • aedafe2 introduce new parameter for configuration directory
  • a98ee27 Merge pull request #1455 from hcoles/feature/move_incremental_analysis
  • 1b87fdd remove default history analysis
  • 15c8a25 Merge pull request #1453 from mlachenmayr-celonis/feat/token-permissions
  • dd74a3d EP-87 add token permissions to workflows
  • See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
org.springframework.boot:spring-boot-dependencies [>= 4.a0, < 5]

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the low-risk group with 4 updates
98a2f81 
Bumps the low-risk group with 4 updates: [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom), [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot), [org.pitest:pitest-parent](https://github.com/hcoles/pitest) and [org.pitest:pitest-maven](https://github.com/hcoles/pitest).


Updates `com.fasterxml.jackson:jackson-bom` from 2.21.1 to 2.21.2
- [Commits](FasterXML/jackson-bom@jackson-bom-2.21.1...jackson-bom-2.21.2)

Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.11 to 3.5.12
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.11...v3.5.12)

Updates `org.pitest:pitest-parent` from 1.22.1 to 1.23.0
- [Release notes](https://github.com/hcoles/pitest/releases)
- [Commits](hcoles/pitest@1.22.1...1.23.0)

Updates `org.pitest:pitest-maven` from 1.22.1 to 1.23.0
- [Release notes](https://github.com/hcoles/pitest/releases)
- [Commits](hcoles/pitest@1.22.1...1.23.0)

Updates `org.pitest:pitest-maven` from 1.22.1 to 1.23.0
- [Release notes](https://github.com/hcoles/pitest/releases)
- [Commits](hcoles/pitest@1.22.1...1.23.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.21.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 3.5.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.pitest:pitest-parent
  dependency-version: 1.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.pitest:pitest-maven
  dependency-version: 1.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.pitest:pitest-maven
  dependency-version: 1.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
...

Signed-off-by: dependabot[bot] <support@github.com>
Copilot AI review requested due to automatic review settings March 23, 2026 09:08
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Mar 23, 2026
@dependabot dependabot bot review requested due to automatic review settings March 23, 2026 09:08
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Mar 23, 2026
@RichardSlater
Copy link
Copy Markdown
Contributor

RichardSlater commented Mar 23, 2026

/azp run

@azure-pipelines
Copy link
Copy Markdown

azure-pipelines bot commented Mar 23, 2026

Azure Pipelines successfully started running 1 pipeline(s).

RichardSlater
RichardSlater approved these changes Mar 23, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@RichardSlater RichardSlater left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor version bumps, standard pre-approved change.

@RichardSlater RichardSlater enabled auto-merge (squash) March 23, 2026 09:34
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Mar 23, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@RichardSlater RichardSlater merged commit 1917c9f into main Mar 23, 2026
2 checks passed
@RichardSlater RichardSlater deleted the dependabot/maven/low-risk-e5fe03bcf5 branch March 23, 2026 09:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@RichardSlater RichardSlater RichardSlater approved these changes

Assignees

@RichardSlater RichardSlater

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RichardSlater