Update all non-major dependencies #12

Merged

ci merged 1 commit from renovate/all-minor-patch into main

2026-04-24 04:11:46 +02:00

ci commented

2026-04-24 04:05:30 +02:00

Member

This PR contains the following updates:

Package	Type	Update	Change
org.projectlombok:lombok (source)		patch	`1.18.44` → `1.18.46`
org.projectlombok:lombok (source)	provided	patch	`1.18.44` → `1.18.46`
org.springframework.boot:spring-boot-starter-data-jpa (source)	optional	patch	`4.0.5` → `4.0.6`

Release Notes

projectlombok/lombok (org.projectlombok:lombok)

`v1.18.46`

Compare Source

spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-data-jpa)

`v4.0.6`

Compare Source

🐞 Bug Fixes

Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not #50188
Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client #50187
ApplicationPidFileWriter does not handle symlinks correctly #50185
RandomValuePropertySource is not suitable for secrets #50183
Cassandra auto-configuration misconfigures CqlSessionBuilder #50180
ApplicationTemp does not handle symlinks correctly #50178
Remote DevTools performs comparison incorrectly #50176
spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50174
Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50077
Classic starters are missing several modules #50071
Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic #50069
Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50064
EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50039
WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50017
Imports on a containing test class are ignored when a nested class has imports #50012
With spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled #49951
500 response from env endpoint when supplied pattern is invalid #49946
Reactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver #49945
HTTP method is lost when configuring excludes in EndpointRequest #49943
Honor HttpMethod for reactive additional endpoint paths #49880
Docker Compose support doesn't work with apache/artemis image #49869
Docker Compose support doesn't work with apache/activemq image #49866
Spring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test #49854
API versioning path strategy should be applied path last as it is not meant to yield #49800

📔 Documentation

Update docs to encourage Java fundamentals for beginners that prefer to learn that way #50146
HTTP Service Interface Clients still document that API versioning can be configured via properties #50126
Link to the observability section of the Lettuce documentation is broken #50097
Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50085
MySamlRelyingPartyConfiguration is missing a Kotlin sample #50024
Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50019
Link to the Kubernetes documentation when discussing startup probes #50015
Typo in JdbcSessionAutoConfiguration Javadoc #49873
Clarify that configuration property default values are not available through the Environment #49851
Document the need for Liquibase and Flyway starters #49839
Kafka documentation refers to deprecated JSON serializer and deserializer classes #49826

🔨 Dependency Upgrades

Upgrade to Elasticsearch Client 9.2.8 #50027
Upgrade to Groovy 5.0.5 #49911
Upgrade to Hibernate 7.2.12.Final #50134
Upgrade to Jackson Bom 3.1.2 #50051
Upgrade to Jaxen 2.0.1 #50104
Upgrade to Jaybird 6.0.5 #49914
Upgrade to Jetty 12.1.8 #49915
Upgrade to jOOQ 3.19.32 #50105
Upgrade to Log4j2 2.25.4 #49916
Upgrade to Lombok 1.18.46 #50150
Upgrade to MariaDB 3.5.8 #49917
Upgrade to Micrometer 1.16.5 #49972
Upgrade to Micrometer Tracing 1.6.5 #49973
Upgrade to MongoDB 5.6.5 #50028
Upgrade to MySQL 9.7.0 #50159
Upgrade to Neo4j Java Driver 6.0.5 #50075
Upgrade to Reactor Bom 2025.0.5 #49974
Upgrade to Spring AMQP 4.0.3 #49975
Upgrade to Spring Data Bom 2025.1.5 #49976
Upgrade to Spring Framework 7.0.7 #49977
Upgrade to Spring GraphQL 2.0.3 #49978
Upgrade to Spring Kafka 4.0.5 #49979
Upgrade to Spring LDAP 4.0.3 #49980
Upgrade to Spring Pulsar 2.0.5 #49981
Upgrade to Spring Security 7.0.5 #49982
Upgrade to Spring Session 4.0.3 #49983
Upgrade to Testcontainers 2.0.5 #50135
Upgrade to Thymeleaf 3.1.5.RELEASE #50152
Upgrade to Thymeleaf Extras SpringSecurity 3.1.5.RELEASE #50153
Upgrade to Tomcat 11.0.21 #49918

❤️ Contributors

Thank you to all the contributors who worked on this release:

@GollapudiSrikanth, @MohammedGhallab, @bachhs, @dlwldnjs1009, @edwardsre, @kodama-kcc, @kwondh5217, @ppapaj, @quaff, @refeccd, @scordio, and @xxxxxxjun

Configuration

📅 Schedule: (UTC)

Branch creation
- At any time (no schedule defined)
Automerge
- At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [org.projectlombok:lombok](https://projectlombok.org) ([source](https://github.com/projectlombok/lombok)) | | patch | `1.18.44` → `1.18.46` | | [org.projectlombok:lombok](https://projectlombok.org) ([source](https://github.com/projectlombok/lombok)) | provided | patch | `1.18.44` → `1.18.46` | | [org.springframework.boot:spring-boot-starter-data-jpa](https://spring.io/projects/spring-boot) ([source](https://github.com/spring-projects/spring-boot)) | optional | patch | `4.0.5` → `4.0.6` | --- ### Release Notes <details> <summary>projectlombok/lombok (org.projectlombok:lombok)</summary> ### [`v1.18.46`](https://github.com/projectlombok/lombok/compare/v1.18.44...v1.18.46) [Compare Source](https://github.com/projectlombok/lombok/compare/v1.18.44...v1.18.46) </details> <details> <summary>spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-data-jpa)</summary> ### [`v4.0.6`](https://github.com/spring-projects/spring-boot/releases/tag/v4.0.6) [Compare Source](https://github.com/spring-projects/spring-boot/compare/v4.0.5...v4.0.6) #### :lady\_beetle: Bug Fixes - Default security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not [#50188](https://github.com/spring-projects/spring-boot/issues/50188) - Elasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client [#50187](https://github.com/spring-projects/spring-boot/issues/50187) - ApplicationPidFileWriter does not handle symlinks correctly [#50185](https://github.com/spring-projects/spring-boot/issues/50185) - RandomValuePropertySource is not suitable for secrets [#50183](https://github.com/spring-projects/spring-boot/issues/50183) - Cassandra auto-configuration misconfigures CqlSessionBuilder [#50180](https://github.com/spring-projects/spring-boot/issues/50180) - ApplicationTemp does not handle symlinks correctly [#50178](https://github.com/spring-projects/spring-boot/issues/50178) - Remote DevTools performs comparison incorrectly [#50176](https://github.com/spring-projects/spring-boot/issues/50176) - spring.rabbitmq.ssl.verify-hostname is applied inconsistently [#50174](https://github.com/spring-projects/spring-boot/issues/50174) - Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter [#50077](https://github.com/spring-projects/spring-boot/issues/50077) - Classic starters are missing several modules [#50071](https://github.com/spring-projects/spring-boot/issues/50071) - Module spring-boot-resttestclient is missing from spring-boot-starter-test-classic [#50069](https://github.com/spring-projects/spring-boot/pull/50069) - Annotations like `@Ssl` don't work on `@Bean` methods when using `@ServiceConnection` [#50064](https://github.com/spring-projects/spring-boot/issues/50064) - EnversRevisionRepositoriesRegistrar should reuse `@EnableEnversRepositories` rather than configuring the JPA counterpart [#50039](https://github.com/spring-projects/spring-boot/issues/50039) - WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links [#50017](https://github.com/spring-projects/spring-boot/issues/50017) - Imports on a containing test class are ignored when a nested class has imports [#50012](https://github.com/spring-projects/spring-boot/issues/50012) - With spring.jackson.use-jackson2-defaults set to true, FAIL\_ON\_UNKNOWN\_PROPERTIES is enabled [#49951](https://github.com/spring-projects/spring-boot/issues/49951) - 500 response from env endpoint when supplied pattern is invalid [#49946](https://github.com/spring-projects/spring-boot/issues/49946) - Reactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver [#49945](https://github.com/spring-projects/spring-boot/issues/49945) - HTTP method is lost when configuring excludes in EndpointRequest [#49943](https://github.com/spring-projects/spring-boot/issues/49943) - Honor HttpMethod for reactive additional endpoint paths [#49880](https://github.com/spring-projects/spring-boot/issues/49880) - Docker Compose support doesn't work with apache/artemis image [#49869](https://github.com/spring-projects/spring-boot/issues/49869) - Docker Compose support doesn't work with apache/activemq image [#49866](https://github.com/spring-projects/spring-boot/issues/49866) - Spring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test [#49854](https://github.com/spring-projects/spring-boot/issues/49854) - API versioning path strategy should be applied path last as it is not meant to yield [#49800](https://github.com/spring-projects/spring-boot/issues/49800) #### :notebook\_with\_decorative\_cover: Documentation - Update docs to encourage Java fundamentals for beginners that prefer to learn that way [#50146](https://github.com/spring-projects/spring-boot/issues/50146) - HTTP Service Interface Clients still document that API versioning can be configured via properties [#50126](https://github.com/spring-projects/spring-boot/issues/50126) - Link to the observability section of the Lettuce documentation is broken [#50097](https://github.com/spring-projects/spring-boot/issues/50097) - Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location [#50085](https://github.com/spring-projects/spring-boot/issues/50085) - MySamlRelyingPartyConfiguration is missing a Kotlin sample [#50024](https://github.com/spring-projects/spring-boot/issues/50024) - Incorrect default value for management.httpexchanges.recording.include in configuration metadata [#50019](https://github.com/spring-projects/spring-boot/issues/50019) - Link to the Kubernetes documentation when discussing startup probes [#50015](https://github.com/spring-projects/spring-boot/issues/50015) - Typo in JdbcSessionAutoConfiguration Javadoc [#49873](https://github.com/spring-projects/spring-boot/pull/49873) - Clarify that configuration property default values are not available through the Environment [#49851](https://github.com/spring-projects/spring-boot/issues/49851) - Document the need for Liquibase and Flyway starters [#49839](https://github.com/spring-projects/spring-boot/pull/49839) - Kafka documentation refers to deprecated JSON serializer and deserializer classes [#49826](https://github.com/spring-projects/spring-boot/pull/49826) #### :hammer: Dependency Upgrades - Upgrade to Elasticsearch Client 9.2.8 [#50027](https://github.com/spring-projects/spring-boot/issues/50027) - Upgrade to Groovy 5.0.5 [#49911](https://github.com/spring-projects/spring-boot/issues/49911) - Upgrade to Hibernate 7.2.12.Final [#50134](https://github.com/spring-projects/spring-boot/issues/50134) - Upgrade to Jackson Bom 3.1.2 [#50051](https://github.com/spring-projects/spring-boot/issues/50051) - Upgrade to [Jaxen 2.0.1](https://github.com/jaxen-xpath/jaxen/releases/tag/v2.0.1) [#50104](https://github.com/spring-projects/spring-boot/issues/50104) - Upgrade to [Jaybird 6.0.5](https://github.com/FirebirdSQL/jaybird/releases/tag/v6.0.5) [#49914](https://github.com/spring-projects/spring-boot/issues/49914) - Upgrade to [Jetty 12.1.8](https://github.com/jetty/jetty.project/releases/tag/jetty-12.1.8) [#49915](https://github.com/spring-projects/spring-boot/issues/49915) - Upgrade to [jOOQ 3.19.32](https://github.com/jOOQ/jOOQ/releases/tag/version-3.19.32) [#50105](https://github.com/spring-projects/spring-boot/issues/50105) - Upgrade to [Log4j2 2.25.4](https://github.com/apache/logging-log4j2/releases/tag/rel%2F2.25.4) [#49916](https://github.com/spring-projects/spring-boot/issues/49916) - Upgrade to Lombok 1.18.46 [#50150](https://github.com/spring-projects/spring-boot/issues/50150) - Upgrade to [MariaDB 3.5.8](https://mariadb.com/kb/en/mariadb-connector-j-3-5-8-release-notes) [#49917](https://github.com/spring-projects/spring-boot/issues/49917) - Upgrade to [Micrometer 1.16.5](https://github.com/micrometer-metrics/micrometer/releases/tag/v1.16.5) [#49972](https://github.com/spring-projects/spring-boot/issues/49972) - Upgrade to [Micrometer Tracing 1.6.5](https://github.com/micrometer-metrics/tracing/releases/tag/v1.6.5) [#49973](https://github.com/spring-projects/spring-boot/issues/49973) - Upgrade to [MongoDB 5.6.5](https://github.com/mongodb/mongo-java-driver/releases/tag/r5.6.5) [#50028](https://github.com/spring-projects/spring-boot/issues/50028) - Upgrade to [MySQL 9.7.0](https://dev.mysql.com/doc/relnotes/connector-j/en/news-9-7-0.html) [#50159](https://github.com/spring-projects/spring-boot/issues/50159) - Upgrade to Neo4j Java Driver 6.0.5 [#50075](https://github.com/spring-projects/spring-boot/issues/50075) - Upgrade to [Reactor Bom 2025.0.5](https://github.com/reactor/reactor/releases/tag/2025.0.5) [#49974](https://github.com/spring-projects/spring-boot/issues/49974) - Upgrade to [Spring AMQP 4.0.3](https://github.com/spring-projects/spring-amqp/releases/tag/v4.0.3) [#49975](https://github.com/spring-projects/spring-boot/issues/49975) - Upgrade to [Spring Data Bom 2025.1.5](https://github.com/spring-projects/spring-data-bom/releases/tag/2025.1.5) [#49976](https://github.com/spring-projects/spring-boot/issues/49976) - Upgrade to [Spring Framework 7.0.7](https://github.com/spring-projects/spring-framework/releases/tag/v7.0.7) [#49977](https://github.com/spring-projects/spring-boot/issues/49977) - Upgrade to [Spring GraphQL 2.0.3](https://github.com/spring-projects/spring-graphql/releases/tag/v2.0.3) [#49978](https://github.com/spring-projects/spring-boot/issues/49978) - Upgrade to [Spring Kafka 4.0.5](https://github.com/spring-projects/spring-kafka/releases/tag/v4.0.5) [#49979](https://github.com/spring-projects/spring-boot/issues/49979) - Upgrade to [Spring LDAP 4.0.3](https://github.com/spring-projects/spring-ldap/releases/tag/4.0.3) [#49980](https://github.com/spring-projects/spring-boot/issues/49980) - Upgrade to [Spring Pulsar 2.0.5](https://github.com/spring-projects/spring-pulsar/releases/tag/v2.0.5) [#49981](https://github.com/spring-projects/spring-boot/issues/49981) - Upgrade to [Spring Security 7.0.5](https://github.com/spring-projects/spring-security/releases/tag/7.0.5) [#49982](https://github.com/spring-projects/spring-boot/issues/49982) - Upgrade to [Spring Session 4.0.3](https://github.com/spring-projects/spring-session/releases/tag/4.0.3) [#49983](https://github.com/spring-projects/spring-boot/issues/49983) - Upgrade to [Testcontainers 2.0.5](https://github.com/testcontainers/testcontainers-java/releases/tag/2.0.5) [#50135](https://github.com/spring-projects/spring-boot/issues/50135) - Upgrade to Thymeleaf 3.1.5.RELEASE [#50152](https://github.com/spring-projects/spring-boot/issues/50152) - Upgrade to Thymeleaf Extras SpringSecurity 3.1.5.RELEASE [#50153](https://github.com/spring-projects/spring-boot/issues/50153) - Upgrade to [Tomcat 11.0.21](https://tomcat.apache.org/tomcat-11.0-doc/changelog.html) [#49918](https://github.com/spring-projects/spring-boot/issues/49918) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@GollapudiSrikanth](https://github.com/GollapudiSrikanth), [@MohammedGhallab](https://github.com/MohammedGhallab), [@bachhs](https://github.com/bachhs), [@dlwldnjs1009](https://github.com/dlwldnjs1009), [@edwardsre](https://github.com/edwardsre), [@kodama-kcc](https://github.com/kodama-kcc), [@kwondh5217](https://github.com/kwondh5217), [@ppapaj](https://github.com/ppapaj), [@quaff](https://github.com/quaff), [@refeccd](https://github.com/refeccd), [@scordio](https://github.com/scordio), and [@xxxxxxjun](https://github.com/xxxxxxjun) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).

ci added 1 commit

2026-04-24 04:05:31 +02:00

Update all non-major dependencies

Verify Build / verify (pull_request) Successful in 2m54s

Details

c19fe132c1

ci scheduled this pull request to auto merge when all checks succeed

2026-04-24 04:05:31 +02:00