Bump the java group with 5 updates

[dependabot]

Bumps the java group with 5 updates:

Package	From	To
org.springframework.boot:spring-boot-maven-plugin	3.5.7	3.5.8
org.springframework.boot:spring-boot-dependencies	3.5.7	3.5.8
org.springframework:spring-web	6.2.12	6.2.14
org.springframework.boot:spring-boot-starter-test	3.5.7	3.5.8
org.springframework.security:spring-security-test	6.5.6	6.5.7

Updates org.springframework.boot:spring-boot-maven-plugin from 3.5.7 to 3.5.8

Release notes

Sourced from org.springframework.boot:spring-boot-maven-plugin's releases.

v3.5.8

⚠️ Noteworthy changes

• This release contains a fix to get Testcontainers working with modern Docker versions. If this causes problems in your setup, you can downgrade the minimum Docker API, effectively reverting that change.

🐞 Bug Fixes

• Gradle war task does not exclude starter POMs from lib-provided #48196
• Testcontainers integration fails on Docker 29.0.0 #48192
• SslMeterBinder doesn't register metrics for dynamically added bundles if no bundles exist at bind time #48180
• Properties bound in the child management context ignore the parent's environment prefix #48176
• ssl.chain.expiry metrics doesn't update for dynamically registered SSL bundles #48153
• Auto-configuration exclusions are checked using a different class loader to the one that loads auto-configuration classes #48129
• New arm64 macbooks fail to bootBuildImage due to incorrect platform image #48127
• NullPointerException when using @ConditionalOnSingleCandidate with multiple manually registered singletons #48123
• Buildpack fails with recent Docker installs due to hardcoded version in URL #48102
• Image building may fail when specifying a platform if an image has already been built with a different platform #48098
• Undertow's ServletContext is destroy too early, making it unusable in @PreDestroy methods #48061
• PortInUseException incorrectly thrown on failure to bind port due to Netty IP misconfiguration #48058
• Auto-configured JCacheMetrics cannot be customized #48056
• WebSecurityCustomizer beans are excluded by WebMvcTest #48054
• Devtools Restarter does not work with a parameterless main method #47987
• Setting 'max-uri-tags' does not prevent unlimited meter growth on any AutoConfiguredCompositeMeterRegistry #47923
• Docker response 407 is not handled correctly resulting in no error message #47900
• spring-boot-maven-plugin process-aot goal does not find package-private main method #47780

📔 Documentation

• Revise AWS section of "Deploying to the Cloud" in reference manual #48156
• Fix typo in PortInUseException Javadoc #48133
• Correct section about required setters in "Type-safe Configuration Properties" #48130
• Document EndpointObjectMapper and management.endpoints.jackson.isolated-object-mapper #48114
• Document support for configuring servlet context init parameters using properties #48111
• Clarify how warnings about soon-to-expire SSL certificates are reported #48062
• Document how to use ContextPropagatingTaskDecorator for propagating trace context over thread boundaries #48052
• Use since attribute in configuration properties deprecation consistently #47980
• BootstrapContext#getOrElseThrow has incorrect reference to IllegalStateException #47905
• Clarify when BootstrapContext get methods may return null rather than throwing an exception or calling the fallback supplier #47898
• Document that Actuator endpoint may have at most one extension of each type #47873
• Limit Kotlin API documentation to Kotlin-specific APIs #47859
• Adapt AOTCache documentation to JEP 514 #47274

🔨 Dependency Upgrades

• Downgrade to Cassandra Driver 4.19.0 #47926
• Upgrade to AspectJ 1.9.25 #48005
• Upgrade to Caffeine 3.2.3 #48006
• Upgrade to Cassandra Driver 4.19.2 #48183
• Upgrade to DB2 JDBC 12.1.3.0 #48083
• Upgrade to Hibernate 6.6.36.Final #48148

... (truncated)

Commits

• 17f22c3 Release v3.5.8
• 4f03b44 Merge branch '3.4.x' into 3.5.x
• 3d15c13 Next development version (v3.4.13-SNAPSHOT)
• 3b539aa Merge branch '3.4.x' into 3.5.x
• ee70d55 Upgrade to Spring Framework 6.2.14
• f7b4a8b Merge branch '3.4.x' into 3.5.x
• 4a8d01d Exclude starter POMs from lib-provided when using Gradle
• 0bb0d53 Merge branch '3.4.x' into 3.5.x
• 4625534 Force Testcontainers Docker API version for Docker 29.0.0+ compatibility
• 7891ebf Merge branch '3.4.x' into 3.5.x
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-dependencies from 3.5.7 to 3.5.8

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.5.8

⚠️ Noteworthy changes

• This release contains a fix to get Testcontainers working with modern Docker versions. If this causes problems in your setup, you can downgrade the minimum Docker API, effectively reverting that change.

🐞 Bug Fixes

• Gradle war task does not exclude starter POMs from lib-provided #48196
• Testcontainers integration fails on Docker 29.0.0 #48192
• SslMeterBinder doesn't register metrics for dynamically added bundles if no bundles exist at bind time #48180
• Properties bound in the child management context ignore the parent's environment prefix #48176
• ssl.chain.expiry metrics doesn't update for dynamically registered SSL bundles #48153
• Auto-configuration exclusions are checked using a different class loader to the one that loads auto-configuration classes #48129
• New arm64 macbooks fail to bootBuildImage due to incorrect platform image #48127
• NullPointerException when using @ConditionalOnSingleCandidate with multiple manually registered singletons #48123
• Buildpack fails with recent Docker installs due to hardcoded version in URL #48102
• Image building may fail when specifying a platform if an image has already been built with a different platform #48098
• Undertow's ServletContext is destroy too early, making it unusable in @PreDestroy methods #48061
• PortInUseException incorrectly thrown on failure to bind port due to Netty IP misconfiguration #48058
• Auto-configured JCacheMetrics cannot be customized #48056
• WebSecurityCustomizer beans are excluded by WebMvcTest #48054
• Devtools Restarter does not work with a parameterless main method #47987
• Setting 'max-uri-tags' does not prevent unlimited meter growth on any AutoConfiguredCompositeMeterRegistry #47923
• Docker response 407 is not handled correctly resulting in no error message #47900
• spring-boot-maven-plugin process-aot goal does not find package-private main method #47780

📔 Documentation

• Revise AWS section of "Deploying to the Cloud" in reference manual #48156
• Fix typo in PortInUseException Javadoc #48133
• Correct section about required setters in "Type-safe Configuration Properties" #48130
• Document EndpointObjectMapper and management.endpoints.jackson.isolated-object-mapper #48114
• Document support for configuring servlet context init parameters using properties #48111
• Clarify how warnings about soon-to-expire SSL certificates are reported #48062
• Document how to use ContextPropagatingTaskDecorator for propagating trace context over thread boundaries #48052
• Use since attribute in configuration properties deprecation consistently #47980
• BootstrapContext#getOrElseThrow has incorrect reference to IllegalStateException #47905
• Clarify when BootstrapContext get methods may return null rather than throwing an exception or calling the fallback supplier #47898
• Document that Actuator endpoint may have at most one extension of each type #47873
• Limit Kotlin API documentation to Kotlin-specific APIs #47859
• Adapt AOTCache documentation to JEP 514 #47274

🔨 Dependency Upgrades

• Downgrade to Cassandra Driver 4.19.0 #47926
• Upgrade to AspectJ 1.9.25 #48005
• Upgrade to Caffeine 3.2.3 #48006
• Upgrade to Cassandra Driver 4.19.2 #48183
• Upgrade to DB2 JDBC 12.1.3.0 #48083
• Upgrade to Hibernate 6.6.36.Final #48148

... (truncated)

Commits

• 17f22c3 Release v3.5.8
• 4f03b44 Merge branch '3.4.x' into 3.5.x
• 3d15c13 Next development version (v3.4.13-SNAPSHOT)
• 3b539aa Merge branch '3.4.x' into 3.5.x
• ee70d55 Upgrade to Spring Framework 6.2.14
• f7b4a8b Merge branch '3.4.x' into 3.5.x
• 4a8d01d Exclude starter POMs from lib-provided when using Gradle
• 0bb0d53 Merge branch '3.4.x' into 3.5.x
• 4625534 Force Testcontainers Docker API version for Docker 29.0.0+ compatibility
• 7891ebf Merge branch '3.4.x' into 3.5.x
• Additional commits viewable in compare view

Updates org.springframework:spring-web from 6.2.12 to 6.2.14

Release notes

Sourced from org.springframework:spring-web's releases.

v6.2.14

⭐ New Features

• Add resetCaches() method to Caffeine/ConcurrentMapCacheManager #35841
• Fix single-check idiom in UnmodifiableMultiValueMap #35831
• Fix Spliterator characteristics in ConcurrentReferenceHashMap #35828

🐞 Bug Fixes

• MissingPathVariableException produces wrong status code in ProblemDetail #35856
• Fix getCacheNames() concurrent access in NoOpCacheManager #35844
• Annotation discovery regression for interfaces extending BeanNameAware and co. #35838
• Fix HtmlUtils unescape for supplementary chars #35832

📔 Documentation

• Fix cross-reference links in HtmlUnit sections #35857
• Remove @see Javadoc references to deprecated PropertiesBeanDefinitionReader #35854

v6.2.13

⭐ New Features

• Support response encoding in select and options JSP form tags #35783
• Preserve Connection readOnly state for DataSource with defaultReadOnly configuration #35743
• Optimize resource URL resolution in SortedResourcesFactoryBean #35687
• Relax multiple segment matching constraints in PathPattern #35686
• Support wildcard path elements at the start of path patterns #35679
• Validating byte[]s may produce OutOfMemoryError #35675
• Update in FragmentsRendering to names of static methods #33974

🐞 Bug Fixes

• ConcurrentReferenceHashMap misses dedicated computeIfAbsent, computeIfPresent, compute, merge implementations #35794
• Avoid unnecessary bridge method resolution around getMostSpecificMethod #35780
• Fix multi-release JAR issue with VirtualThreadDelegate #35773
• ContentNegotiationManager not finding media type when request includes quality parameter #35754
• Race condition in BufferingClientHttpResponseWrapper.getBody() #35745
• Deprecate setConnectTimeout on HttpComponentsClientHttpRequestFactory #35748
• Fix PathMatchingResourcePatternResolver to handle absolute paths in JAR manifests #35732
• BeanDefinitionBuilder.addAutowiredProperty causes error during AOT processing #35731
• Improve HttpServiceMethod support for Kotlin suspending functions returning Flow #35718
• Exception translation does not expose original BatchUpdateException anymore #35717
• Add hints for entities package-private methods #35711
• Fix concurrency permit leak causing deadlock in SimpleAsyncTaskExecutor #35708
• Remove jibx-marshaller element from spring-oxm.xsd #35699
• NullPointerException When Handling 407 with JdkClientHttpConnector in WebClient #35692
• Method-based Map injection fails against target Map with incomplete generics despite bean name or qualifier match #35690
• JUnit Jupiter TEST_METHOD ExtensionContextScope is not fully supported #35680
• Introduce isAutowirableConstructor(Executable, PropertyProvider) in TestConstructorUtils and deprecate existing variants #35676
• Reflection on java.sql.Types without runtime hints #35674

... (truncated)

Commits

• 1ab9f7a Release v6.2.14
• 59025c5 Lazily initialize ProblemDetail for picking up actual status code
• e5de8b9 Fix link to MockMvc test in HtmlUnit section
• e146e80 Polishing
• ff62e73 Fix cross-reference links in HtmlUnit sections
• 4e97013 Polishing
• bd10b7a Remove javadoc references to deprecated PropertiesBeanDefinitionReader
• e428817 Fix getCacheNames() concurrent access in NoOpCacheManager
• 8545a75 Add resetCaches() method to Caffeine/ConcurrentMapCacheManager
• f94645d Narrow Aware interface exclusion check to BeanFactoryAware only
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-dependencies from 3.5.7 to 3.5.8

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.5.8

⚠️ Noteworthy changes

• This release contains a fix to get Testcontainers working with modern Docker versions. If this causes problems in your setup, you can downgrade the minimum Docker API, effectively reverting that change.

🐞 Bug Fixes

• Gradle war task does not exclude starter POMs from lib-provided #48196
• Testcontainers integration fails on Docker 29.0.0 #48192
• SslMeterBinder doesn't register metrics for dynamically added bundles if no bundles exist at bind time #48180
• Properties bound in the child management context ignore the parent's environment prefix #48176
• ssl.chain.expiry metrics doesn't update for dynamically registered SSL bundles #48153
• Auto-configuration exclusions are checked using a different class loader to the one that loads auto-configuration classes #48129
• New arm64 macbooks fail to bootBuildImage due to incorrect platform image #48127
• NullPointerException when using @ConditionalOnSingleCandidate with multiple manually registered singletons #48123
• Buildpack fails with recent Docker installs due to hardcoded version in URL #48102
• Image building may fail when specifying a platform if an image has already been built with a different platform #48098
• Undertow's ServletContext is destroy too early, making it unusable in @PreDestroy methods #48061
• PortInUseException incorrectly thrown on failure to bind port due to Netty IP misconfiguration #48058
• Auto-configured JCacheMetrics cannot be customized #48056
• WebSecurityCustomizer beans are excluded by WebMvcTest #48054
• Devtools Restarter does not work with a parameterless main method #47987
• Setting 'max-uri-tags' does not prevent unlimited meter growth on any AutoConfiguredCompositeMeterRegistry #47923
• Docker response 407 is not handled correctly resulting in no error message #47900
• spring-boot-maven-plugin process-aot goal does not find package-private main method #47780

📔 Documentation

• Revise AWS section of "Deploying to the Cloud" in reference manual #48156
• Fix typo in PortInUseException Javadoc #48133
• Correct section about required setters in "Type-safe Configuration Properties" #48130
• Document EndpointObjectMapper and management.endpoints.jackson.isolated-object-mapper #48114
• Document support for configuring servlet context init parameters using properties #48111
• Clarify how warnings about soon-to-expire SSL certificates are reported #48062
• Document how to use ContextPropagatingTaskDecorator for propagating trace context over thread boundaries #48052
• Use since attribute in configuration properties deprecation consistently #47980
• BootstrapContext#getOrElseThrow has incorrect reference to IllegalStateException #47905
• Clarify when BootstrapContext get methods may return null rather than throwing an exception or calling the fallback supplier #47898
• Document that Actuator endpoint may have at most one extension of each type #47873
• Limit Kotlin API documentation to Kotlin-specific APIs #47859
• Adapt AOTCache documentation to JEP 514 #47274

🔨 Dependency Upgrades

• Downgrade to Cassandra Driver 4.19.0 #47926
• Upgrade to AspectJ 1.9.25 #48005
• Upgrade to Caffeine 3.2.3 #48006
• Upgrade to Cassandra Driver 4.19.2 #48183
• Upgrade to DB2 JDBC 12.1.3.0 #48083
• Upgrade to Hibernate 6.6.36.Final #48148

... (truncated)

Commits

• 17f22c3 Release v3.5.8
• 4f03b44 Merge branch '3.4.x' into 3.5.x
• 3d15c13 Next development version (v3.4.13-SNAPSHOT)
• 3b539aa Merge branch '3.4.x' into 3.5.x
• ee70d55 Upgrade to Spring Framework 6.2.14
• f7b4a8b Merge branch '3.4.x' into 3.5.x
• 4a8d01d Exclude starter POMs from lib-provided when using Gradle
• 0bb0d53 Merge branch '3.4.x' into 3.5.x
• 4625534 Force Testcontainers Docker API version for Docker 29.0.0+ compatibility
• 7891ebf Merge branch '3.4.x' into 3.5.x
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter-test from 3.5.7 to 3.5.8

Release notes

Sourced from org.springframework.boot:spring-boot-starter-test's releases.

v3.5.8

⚠️ Noteworthy changes

• This release contains a fix to get Testcontainers working with modern Docker versions. If this causes problems in your setup, you can downgrade the minimum Docker API, effectively reverting that change.

🐞 Bug Fixes

• Gradle war task does not exclude starter POMs from lib-provided #48196
• Testcontainers integration fails on Docker 29.0.0 #48192
• SslMeterBinder doesn't register metrics for dynamically added bundles if no bundles exist at bind time #48180
• Properties bound in the child management context ignore the parent's environment prefix #48176
• ssl.chain.expiry metrics doesn't update for dynamically registered SSL bundles #48153
• Auto-configuration exclusions are checked using a different class loader to the one that loads auto-configuration classes #48129
• New arm64 macbooks fail to bootBuildImage due to incorrect platform image #48127
• NullPointerException when using @ConditionalOnSingleCandidate with multiple manually registered singletons #48123
• Buildpack fails with recent Docker installs due to hardcoded version in URL #48102
• Image building may fail when specifying a platform if an image has already been built with a different platform #48098
• Undertow's ServletContext is destroy too early, making it unusable in @PreDestroy methods #48061
• PortInUseException incorrectly thrown on failure to bind port due to Netty IP misconfiguration #48058
• Auto-configured JCacheMetrics cannot be customized #48056
• WebSecurityCustomizer beans are excluded by WebMvcTest #48054
• Devtools Restarter does not work with a parameterless main method #47987
• Setting 'max-uri-tags' does not prevent unlimited meter growth on any AutoConfiguredCompositeMeterRegistry #47923
• Docker response 407 is not handled correctly resulting in no error message #47900
• spring-boot-maven-plugin process-aot goal does not find package-private main method #47780

📔 Documentation

• Revise AWS section of "Deploying to the Cloud" in reference manual #48156
• Fix typo in PortInUseException Javadoc #48133
• Correct section about required setters in "Type-safe Configuration Properties" #48130
• Document EndpointObjectMapper and management.endpoints.jackson.isolated-object-mapper #48114
• Document support for configuring servlet context init parameters using properties #48111
• Clarify how warnings about soon-to-expire SSL certificates are reported #48062
• Document how to use ContextPropagatingTaskDecorator for propagating trace context over thread boundaries #48052
• Use since attribute in configuration properties deprecation consistently #47980
• BootstrapContext#getOrElseThrow has incorrect reference to IllegalStateException #47905
• Clarify when BootstrapContext get methods may return null rather than throwing an exception or calling the fallback supplier #47898
• Document that Actuator endpoint may have at most one extension of each type #47873
• Limit Kotlin API documentation to Kotlin-specific APIs #47859
• Adapt AOTCache documentation to JEP 514 #47274

🔨 Dependency Upgrades

• Downgrade to Cassandra Driver 4.19.0 #47926
• Upgrade to AspectJ 1.9.25 #48005
• Upgrade to Caffeine 3.2.3 #48006
• Upgrade to Cassandra Driver 4.19.2 #48183
• Upgrade to DB2 JDBC 12.1.3.0 #48083
• Upgrade to Hibernate 6.6.36.Final #48148

... (truncated)

Commits

• 17f22c3 Release v3.5.8
• 4f03b44 Merge branch '3.4.x' into 3.5.x
• 3d15c13 Next development version (v3.4.13-SNAPSHOT)
• 3b539aa Merge branch '3.4.x' into 3.5.x
• ee70d55 Upgrade to Spring Framework 6.2.14
• f7b4a8b Merge branch '3.4.x' into 3.5.x
• 4a8d01d Exclude starter POMs from lib-provided when using Gradle
• 0bb0d53 Merge branch '3.4.x' into 3.5.x
• 4625534 Force Testcontainers Docker API version for Docker 29.0.0+ compatibility
• 7891ebf Merge branch '3.4.x' into 3.5.x
• Additional commits viewable in compare view

Updates org.springframework.security:spring-security-test from 6.5.6 to 6.5.7

Release notes

Sourced from org.springframework.security:spring-security-test's releases.

6.5.7

⭐ New Features

• Add Include-Code for the Password Storage page #18054
• Default WebAuthnConfigurer#rpName to rpId #18131
• Document effects of disabling CORS #18129

🪲 Bug Fixes

• typ values should not be case-sensitive in JwtTypeValidator #18101
• BCryptPasswordEncoderTests should password limit of 72 bytes #18136
• Fix GenerateOneTimeTokenRequestResolver ignored if username param not present #18074
• GenerateOneTimeTokenFilter should not attempt to generate a token with a null token request #18088

🔨 Dependency Upgrades

• Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 #18110
• Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 #18149
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13 #18141
• Bump org-aspectj from 1.9.24 to 1.9.25 #18142
• Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final #18111
• Update to Reactor 2024.0.12 #18181
• Update to Spring Data 2024.1.12 #18182
• Update to Spring Framework 6.2.13 #18180

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​himanshu-pareek, @​marcusdacoregio, and @​namest504

Commits

• e5a379c Release 6.5.7
• 7ad2877 Update to Spring Data 2024.1.12
• 2678925 Update to Reactor 2024.0.12
• 87472c9 Update to Spring Framework 6.2.13
• ea03670 Merge branch '6.4.x' into 6.5.x
• 0980531 Update Spring Data 2024.1.12
• 4ab9338 Update to Reactor 2024.0.12
• d2b1cb5 Update to Spring Framework 6.2.13
• 7007618 Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5
• 57c9b13 Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions