chore(deps): bump the maven-dependencies group with 21 updates

[dependabot]

Bumps the maven-dependencies group with 21 updates:

Package	From	To
org.hibernate.orm:hibernate-core	7.3.1.Final	7.3.2.Final
com.mysql:mysql-connector-j	9.6.0	9.7.0
commons-io:commons-io	2.21.0	2.22.0
org.javassist:javassist	3.30.2-GA	3.31.0-GA
com.google.code.gson:gson	2.13.2	2.14.0
org.springframework.boot:spring-boot-configuration-processor	3.5.13	3.5.14
org.springframework.boot:spring-boot-starter	3.5.13	3.5.14
org.springframework.boot:spring-boot-autoconfigure-processor	3.5.13	3.5.14
org.springframework.boot:spring-boot-starter-data-jpa	3.5.13	3.5.14
org.springframework.boot:spring-boot-actuator	3.5.13	3.5.14
org.springframework.boot:spring-boot-starter-test	3.5.13	3.5.14
org.springframework.boot:spring-boot-starter-validation	3.5.13	3.5.14
org.springframework.boot:spring-boot-docker-compose	3.5.13	3.5.14
org.springframework.boot:spring-boot-testcontainers	3.5.13	3.5.14
org.springframework.boot:spring-boot-starter-web	3.5.13	3.5.14
org.springframework.security:spring-security-bom	6.5.9	6.5.10
org.testcontainers:testcontainers-bom	2.0.4	2.0.5
org.openrewrite.recipe:rewrite-migrate-java	3.32.1	3.33.1
org.openrewrite:rewrite-test	8.79.5	8.80.1
org.projectlombok:lombok	1.18.44	1.18.46
org.springframework.boot:spring-boot-dependencies	3.5.13	3.5.14

Updates org.hibernate.orm:hibernate-core from 7.3.1.Final to 7.3.2.Final

Release notes

Sourced from org.hibernate.orm:hibernate-core's releases.

Release 7.3.2

Hibernate ORM 7.3.2.Final released

Today, we published a new release of Hibernate ORM 7.3: 7.3.2.Final.

You can find the full list of 7.3.2.Final changes here.

What's new

• See the website for requirements and compatibilities.
• See the What's New guide for details about new features and capabilities.
• See the Migration Guide for details about migration.

Conclusion

For additional details, see:

• the release page
• the Migration Guide
• the Introduction Guide
• the User Guide
• the API docs

See also the following resources related to supported APIs:

• the compatibility policy
• the incubating API report (@Incubating)
• the deprecated API report (@Deprecated + @Remove)
• the internal API report (internal packages, @Internal)

Visit the website for details on getting in touch with us.

Changelog

Sourced from org.hibernate.orm:hibernate-core's changelog.

Changes in 7.3.2.Final (April 20, 2026)

https://hibernate.atlassian.net/projects/HHH/versions/38725

** Bug * HHH-20321 import.sql not executed when there are no @​Entity classes * HHH-20320 detached versioned entity parameter triggers auto-flush transient check * HHH-20317 Envers does not reflect @​DiscriminatorOptions for history entities * HHH-20313 Criteria query comparing double path to integer expression containing integer parameter fails

** Task * HHH-20334 Upgrade to Log4j 2.25.4

Commits

• 926b61c [Jenkins release job] Preparing release 7.3.2.Final
• 70453b0 [Jenkins release job] changelog.txt updated by release build 7.3.2.Final
• 25d93fc HHH-20313 Fix JPA Criteria parameter type inference TCK failure
• 4f734ec HHH-20317 fix: Envers does not reflect @​DiscriminatorOptions for history enti...
• 7e04d5f Allow running the TCK manually
• aae3d0f Add BytecodeEnhancedTestEngine support for JUnit 5.13 and older for JPA
• c0b7799 Update to Jakarta Persistence TCK version 3.2.1
• 6c72319 HHH-20321 Remove pointless schema management in TransactionCommitFailureTest
• 56cf9a1 HHH-20321 Schema actions skipped when Metadata has no contributors
• 0c4f489 HHH-20334 Upgrade to Log4j 2.25.4
• Additional commits viewable in compare view

Updates com.mysql:mysql-connector-j from 9.6.0 to 9.7.0

Changelog

Sourced from com.mysql:mysql-connector-j's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/en/

Version 9.7.0

• Fix for Bug#119863 (Bug#38951042), Inaccurate decoding of negative TIME durations in Binary Protocol (Cursor Mode).

• WL#17215, Implement JDBC 4.3/4.5 Statement/Connection.enquote* methods.

• Fix for Bug#119245 (Bug#38599240), Select into fix breaks queries with 'into' in them. (reopened)

• Fix for Bug#119659 (Bug#38916595), BinaryResultsetReader fails to consume EOF packet after column definitions when EOF is not deprecated.

Version 9.6.0

• Fix for Bug#118002 (Bug#37843004), The setFetchSize() method in the Statement class may have a potential bug.

• Fix for Bug#113130 (Bug#36043125), getGeneratedKeys() returns a zero resultset with non-key-generating statements.

• Fix for Bug#113336 (Bug#36080226), Inconsistent getUpdateCount() Behavior with allowMultiQueries.

• Fix for Bug#118234 (Bug#37975837), A potential bugs in Mysql Connector/J.

• Fix for Bug#113413 (Bug#36107426), Connection.changeUser cannot be done after DriverManager.loginTimeout elapses. Thanks to Kazuhisa Kawashima for his contribution.

• Fix for Bug#119271 (Bug#38599496), Connector/J fails to accept legacy value zeroDateTimeBehavior=convertToNull on multi-host URLs (failover).

• Fix for Bug#119245 (Bug#38599240), Select into fix breaks queries with 'into' in them.

Version 9.5.0

• Fix for Bug#72036 (Bug#18403804), XA isSameRM() shouldn't take database into account.

• Fix for Bug#62693 (Bug#16722068), XAConnection savepoint capability.

• Fix for Bug#81128 (Bug#23146631), Master host list overwritten by slave list when loadBalanceConnectionGroup used.

• Fix for Bug#19887224, RUNNING THE TEST SUITE WITH SOCKSPROXY* PROPERTIES HANGS IN TEST TESTBUG56429.

• Fix for Bug#98699 (Bug#30932850), Allow empty keyStore file for keyStoreTypes that do not require files. Thanks to Kolbe Kegel for his contribution.

• Fix for Bug#118938 (Bug#38396227), DatabaseMetaDataInformationSchema#getSchemas has a bug.

• Fix for Bug#99292 (Bug#31195955), Contribution: Support Windows time zone 'Coordinated Universal Time'. Thanks to Frédéric Barrière for his contribution.

• Fix for Bug#107094 (Bug#34104230), NullPointerException when calling equals with null on MultiHostConnectionProxy.

... (truncated)

Commits

• 0aade1f Fix for Bug#119863 (Bug#38951042), Inaccurate decoding of negative TIME durat...
• b6d5baa Update for GPL license book.
• a7cc5a9 Fix for DateTimeTest failures after some of the work done for WL#16669 in MyS...
• 6a0c818 WL#17215, Implement JDBC 4.3/4.5 Statement/Connection.enquote* methods.
• 5f96e85 Fix for Bug#119245 (Bug#38599240), Select into fix breaks queries with 'into'...
• 8d779fc Fix for Bug#119659 (Bug#38916595), BinaryResultsetReader fails to consume EOF...
• 1391179 Copyright header year bump.
• 5c764b4 Post-release version bump.
• See full diff in compare view

Updates commons-io:commons-io from 2.21.0 to 2.22.0

Updates org.javassist:javassist from 3.30.2-GA to 3.31.0-GA

Release notes

Sourced from org.javassist:javassist's releases.

Javassist 3.31.0-GA

What's Changed

• improve pom by @​oldratlee in jboss-javassist/javassist#477
• support bootstrap method coping when using code coping by @​likey3 in jboss-javassist/javassist#480
• Line numbers support by @​kuznet1 in jboss-javassist/javassist#484
• [bugfix]fix TransformCallToStatic with invokeinterface or invokedynamic by @​catsalty in jboss-javassist/javassist#486
• reduced InnerClasses propagation by @​jbellenger in jboss-javassist/javassist#491
• Fix wrong line numbers in some cases by @​kuznet1 in jboss-javassist/javassist#492
• ignoring unnecessarily generated surefire report by @​Talank in jboss-javassist/javassist#506
• Add Record and PermittedSubclasses (sealed) Attributes by @​Asbestosstar in jboss-javassist/javassist#495

New Contributors

• @​likey3 made their first contribution in jboss-javassist/javassist#480
• @​kuznet1 made their first contribution in jboss-javassist/javassist#484
• @​jbellenger made their first contribution in jboss-javassist/javassist#491
• @​Talank made their first contribution in jboss-javassist/javassist#506
• @​Asbestosstar made their first contribution in jboss-javassist/javassist#495

Full Changelog: jboss-javassist/javassist@rel_3_30_2_ga...rel_3_31_0_ga

Changelog

Sourced from org.javassist:javassist's changelog.

Changes

version 3.31.0 on April 20, 2026

• GitHub PR #480, #484, #486, #491, #492, #495, #506

version 3.30.2 on December 25, 2023

• GitHub PR #473, 475, 476

version 3.30.1 on December 17, 2023

• GitHub Issue #471

version 3.30 on December 17, 2023

• GitHub PR #434, 448, 463 (Issue #462), 466, 467, 468, 469, 470,

version 3.29.2 on September 14, 2022

• GitHub Issue #427.

version 3.29.1 on August 11, 2022

• GitHub Issue #423.

• Readme.html was deleted (GitHub Issue #414).

version 3.29 on May 13, 2022

• GitHub Issue #378, PR #278, #299, #382, #383, #390, #391, #395, #399, #409.

version 3.28 on May 8, 2021

• GitHub Issue #305, #328, #339, #350, #357, and PR #363.

version 3.27 on March 19, 2020

• GitHub Issue #271 (PR #279), #280 (PR #281), #282, and PR #294.

version 3.26 on October 3, 2019

• GitHub Issue #270 (PR #272), #265 (PR #267), #271, #222, and #275.

version 3.25 on April 16, 2019

• GitHub Issue #72 (PR #231), #241, #242 (PR #243), PR #244, #246 (PR #247), PR #250, #252 (PR #253), PR #254.

version 3.24.1 on December 9, 2018

... (truncated)

Commits

• See full diff in compare view

Updates com.google.code.gson:gson from 2.13.2 to 2.14.0

Release notes

Sourced from com.google.code.gson:gson's releases.

Gson 2.14.0

What's Changed

• Add type adapters for java.time classes by @​eamonnmcmanus in google/gson#2948

  When the java.time API is available, Gson automatically can read and write instances of classes like Instant and Duration. The format it uses essentially freezes the JSON representation that ReflectiveTypeAdapterFactory established by default, based on the private fields of java.time classes. That's not a great representation, but it is understandable. Changing it to anything else would break compatibility with systems that are expecting the current format.

  With this change, Gson no longer tries to access private fields of these classes using reflection. So it is no longer necessary to run with --add-opens for these classes on recent JDKs.

• Remove com.google.gson.graph by @​eamonnmcmanus in google/gson#2990.

  This package was not part of any released artifact and depended on Gson internals in potentially problematic ways.

• Validate that strings being parsed as integers consist of ASCII characters by @​eamonnmcmanus in google/gson#2995

  Previously, strings could contain non-ASCII Unicode digits and still be parsed as integers. That's inconsistent with how JSON numbers are treated.

• Fix duplicate key detection when first value is null by @​andrewstellman in google/gson#3006

  This could potentially break code that was relying on the incorrect behaviour. For example, this JSON string was previously accepted but will no longer be: {"foo": null, "foo": bar}.

• Remove Serializable from internal Type implementation classes. by @​eamonnmcmanus in google/gson#3011

  The nested classes ParameterizedTypeImpl, GenericArrayTypeImpl, and WildcardTypeImpl in GsonTypes are implementations of the corresponding types (without Impl) in java.lang.reflect. For some reason, they were serializable, even though the java.lang.reflect implementations are not. Having unnecessarily serializable classes could conceivably have been a security problem if they were part of a larger exploit using serialization. (We do not consider this a likely scenario and do not suggest that you need to update Gson just to get this change.)

• Add LegacyProtoTypeAdapterFactory. by @​eamonnmcmanus in google/gson#3014

  This is not part of any released artifact, but may be of use when trying to fix code that is currently accessing the internals of protobuf classes via reflection.

• Make AppendableWriter do flush and close if delegation object supports by @​MukjepScarlet in google/gson#2925

Other less visible changes

• Add default capacity to EnumTypeAdapter maps by @​MukjepScarlet in google/gson#2959
• refactor: move derived adapters from Gson to TypeAdapters by @​MukjepScarlet in google/gson#2951
• Optimize new Gson() by @​MukjepScarlet in google/gson#2864

New Contributors

• @​ThirdGoddess made their first contribution in google/gson#2944
• @​lmj798 made their first contribution in google/gson#2988
• @​Eng-YasminKotb made their first contribution in google/gson#3005
• @​andrewstellman made their first contribution in google/gson#3006

Full Changelog: google/gson@gson-parent-2.13.2...gson-parent-2.14.0

Commits

• 3ff35d6 [maven-release-plugin] prepare release gson-parent-2.14.0
• a3024fd Bump the maven group with 13 updates (#3002)
• 5689ffe Bump the github-actions group across 1 directory with 3 updates (#3018)
• 48db33c Add LegacyProtoTypeAdapterFactory. (#3014)
• 53d703e Update outdated comment regarding serializable types (#3012)
• 0189b72 Remove Serializable from internal Type implementation classes. (#3011)
• f4d371d Fix duplicate key detection when first value is null (#3006)
• 27d9ba1 Fix typo in README (JPMS dependencies section) (#3005)
• 1fa9b7a Validate that strings being parsed as integers consist of ASCII characters (#...
• b7d5954 Add iterator fail-fast tests for LinkedTreeMap.clear() (#2992)
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-configuration-processor from 3.5.13 to 3.5.14

Release notes

Sourced from org.springframework.boot:spring-boot-configuration-processor's releases.

v3.5.14

🐞 Bug Fixes

• ApplicationPidFileWriter does not handle symlinks correctly #50173
• RandomValuePropertySource is not suitable for secrets #50172
• Cassandra auto-configuration misconfigures CqlSessionBuilder #50171
• ApplicationTemp does not handle symlinks correctly #50170
• Remote DevTools performs comparison incorrectly #50169
• spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50168
• EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50035
• Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50033
• Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50021
• WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50008
• 500 response from env endpoint when supplied pattern is invalid #49942
• HTTP method is lost when configuring excludes in EndpointRequest #49885
• Docker Compose support doesn't work with apache/artemis image #49865
• Honor HttpMethod for reactive additional endpoint paths #49864
• Docker Compose support doesn't work with apache/activemq image #49863
• Imports on a containing test class are ignored when a nested class has imports #49860

📔 Documentation

• Link to the observability section of the Lettuce documentation is broken #50092
• Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50083
• MySamlRelyingPartyConfiguration is missing a Kotlin sample #50023
• Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50010
• Link to the Kubernetes documentation when discussing startup probes #50007
• Update docs to encourage Java fundamentals for beginners that prefer to learn that way #49895
• Clarify that configuration property default values are not available through the Environment #49835

🔨 Dependency Upgrades

• Upgrade to Groovy 4.0.31 #49905
• Upgrade to Hibernate 6.6.49.Final #50140
• Upgrade to Jaxen 2.0.1 #50109
• Upgrade to Jaybird 6.0.5 #49907
• Upgrade to Jetty 12.0.34 #49908
• Upgrade to jOOQ 3.19.32 #50110
• Upgrade to Lombok 1.18.46 #50148
• Upgrade to MariaDB 3.5.8 #49909
• Upgrade to Micrometer 1.15.11 #49961
• Upgrade to Micrometer Tracing 1.5.11 #49962
• Upgrade to MySQL 9.7.0 #50161
• Upgrade to Neo4j Java Driver 5.28.13 #50074
• Upgrade to Reactor Bom 2024.0.17 #49963
• Upgrade to Spring AMQP 3.2.10 #49964
• Upgrade to Spring Authorization Server 1.5.7 #49965
• Upgrade to Spring Data Bom 2025.0.11 #49966
• Upgrade to Spring Framework 6.2.18 #49967
• Upgrade to Spring Kafka 3.3.15 #50129

... (truncated)

Commits

• 7d7b3ac Release v3.5.14
• 9dc5aa2 Polish
• f533a45 Do not follow symlinks when writing PID file
• f3b8eb0 Use SecureRandom in RandomValuePropertySource
• e22083a Enable hostname verification for SSL connections to Cassandra
• 5ceb1a2 Improve ApplicationTemp's temporary directory creation
• 4b0862c Use constant-time comparison for remote DevTools secret
• e4febe2 Apply verify-hostname consistently
• 2c2ffe5 Fix Windows test failure
• 0046a44 Protect against corrupt buildpack archives
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter from 3.5.13 to 3.5.14

Release notes

Sourced from org.springframework.boot:spring-boot-starter's releases.

v3.5.14

🐞 Bug Fixes

• ApplicationPidFileWriter does not handle symlinks correctly #50173
• RandomValuePropertySource is not suitable for secrets #50172
• Cassandra auto-configuration misconfigures CqlSessionBuilder #50171
• ApplicationTemp does not handle symlinks correctly #50170
• Remote DevTools performs comparison incorrectly #50169
• spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50168
• EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50035
• Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50033
• Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50021
• WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50008
• 500 response from env endpoint when supplied pattern is invalid #49942
• HTTP method is lost when configuring excludes in EndpointRequest #49885
• Docker Compose support doesn't work with apache/artemis image #49865
• Honor HttpMethod for reactive additional endpoint paths #49864
• Docker Compose support doesn't work with apache/activemq image #49863
• Imports on a containing test class are ignored when a nested class has imports #49860

📔 Documentation

• Link to the observability section of the Lettuce documentation is broken #50092
• Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50083
• MySamlRelyingPartyConfiguration is missing a Kotlin sample #50023
• Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50010
• Link to the Kubernetes documentation when discussing startup probes #50007
• Update docs to encourage Java fundamentals for beginners that prefer to learn that way #49895
• Clarify that configuration property default values are not available through the Environment #49835

🔨 Dependency Upgrades

• Upgrade to Groovy 4.0.31 #49905
• Upgrade to Hibernate 6.6.49.Final #50140
• Upgrade to Jaxen 2.0.1 #50109
• Upgrade to Jaybird 6.0.5 #49907
• Upgrade to Jetty 12.0.34 #49908
• Upgrade to jOOQ 3.19.32 #50110
• Upgrade to Lombok 1.18.46 #50148
• Upgrade to MariaDB 3.5.8 #49909
• Upgrade to Micrometer 1.15.11 #49961
• Upgrade to Micrometer Tracing 1.5.11 #49962
• Upgrade to MySQL 9.7.0 #50161
• Upgrade to Neo4j Java Driver 5.28.13 #50074
• Upgrade to Reactor Bom 2024.0.17 #49963
• Upgrade to Spring AMQP 3.2.10 #49964
• Upgrade to Spring Authorization Server 1.5.7 #49965
• Upgrade to Spring Data Bom 2025.0.11 #49966
• Upgrade to Spring Framework 6.2.18 #49967
• Upgrade to Spring Kafka 3.3.15 #50129

... (truncated)

Commits

• 7d7b3ac Release v3.5.14
• 9dc5aa2 Polish
• f533a45 Do not follow symlinks when writing PID file
• f3b8eb0 Use SecureRandom in RandomValuePropertySource
• e22083a Enable hostname verification for SSL connections to Cassandra
• 5ceb1a2 Improve ApplicationTemp's temporary directory creation
• 4b0862c Use constant-time comparison for remote DevTools secret
• e4febe2 Apply verify-hostname consistently
• 2c2ffe5 Fix Windows test failure
• 0046a44 Protect against corrupt buildpack archives
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-autoconfigure-processor from 3.5.13 to 3.5.14

Release notes

Sourced from org.springframework.boot:spring-boot-autoconfigure-processor's releases.

v3.5.14

🐞 Bug Fixes

• ApplicationPidFileWriter does not handle symlinks correctly #50173
• RandomValuePropertySource is not suitable for secrets #50172
• Cassandra auto-configuration misconfigures CqlSessionBuilder #50171
• ApplicationTemp does not handle symlinks correctly #50170
• Remote DevTools performs comparison incorrectly #50169
• spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50168
• EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50035
• Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50033
• Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50021
• WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50008
• 500 response from env endpoint when supplied pattern is invalid #49942
• HTTP method is lost when configuring excludes in EndpointRequest #49885
• Docker Compose support doesn't work with apache/artemis image #49865
• Honor HttpMethod for reactive additional endpoint paths #49864
• Docker Compose support doesn't work with apache/activemq image #49863
• Imports on a containing test class are ignored when a nested class has imports #49860

📔 Documentation

• Link to the observability section of the Lettuce documentation is broken #50092
• Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50083
• MySamlRelyingPartyConfiguration is missing a Kotlin sample #50023
• Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50010
• Link to the Kubernetes documentation when discussing startup probes #50007
• Update docs to encourage Java fundamentals for beginners that prefer to learn that way #49895
• Clarify that configuration property default values are not available through the Environment #49835

🔨 Dependency Upgrades

• Upgrade to Groovy 4.0.31 #49905
• Upgrade to Hibernate 6.6.49.Final #50140
• Upgrade to Jaxen 2.0.1 #50109
• Upgrade to Jaybird 6.0.5 #49907
• Upgrade to Jetty 12.0.34 #49908
• Upgrade to jOOQ 3.19.32 #50110
• Upgrade to Lombok 1.18.46 #50148
• Upgrade to MariaDB 3.5.8 #49909
• Upgrade to Micrometer 1.15.11 #49961
• Upgrade to Micrometer Tracing 1.5.11 #49962
• Upgrade to MySQL 9.7.0 #50161
• Upgrade to Neo4j Java Driver 5.28.13 #50074
• Upgrade to Reactor Bom 2024.0.17 #49963
• Upgrade to Spring AMQP 3.2.10 #49964
• Upgrade to Spring Authorization Server 1.5.7 #49965
• Upgrade to Spring Data Bom 2025.0.11 #49966
• Upgrade to Spring Framework 6.2.18 #49967
• Upgrade to Spring Kafka 3.3.15 #50129

... (truncated)

Commits

• 7d7b3ac Release v3.5.14
• 9dc5aa2 Polish
• f533a45 Do not follow symlinks when writing PID file
• f3b8eb0 Use SecureRandom in RandomValuePropertySource
• e22083a Enable hostname verification for SSL connections to Cassandra
• 5ceb1a2 Improve ApplicationTemp's temporary directory creation
• 4b0862c Use constant-time comparison for remote DevTools secret
• e4febe2 Apply verify-hostname consistently
• 2c2ffe5 Fix Windows test failure
• 0046a44 Protect against corrupt buildpack archives
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter-data-jpa from 3.5.13 to 3.5.14

Release notes

Sourced from org.springframework.boot:spring-boot-starter-data-jpa's releases.

v3.5.14

🐞 Bug Fixes

• ApplicationPidFileWriter does not handle symlinks correctly #50173
• RandomValuePropertySource is not suitable for secrets #50172
• Cassandra auto-configuration misconfigures CqlSessionBuilder #50171
• ApplicationTemp does not handle symlinks correctly #50170
• Remote DevTools performs comparison incorrectly #50169
• spring.rabbitmq.ssl.verify-hostname is applied inconsistently #50168
• EnversRevisionRepositoriesRegistrar should reuse @EnableEnversRepositories rather than configuring the JPA counterpart #50035
• Annotations like @Ssl don't work on @Bean methods when using @ServiceConnection #50033
• Whole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter #50021
• WebFlux Cloud Foundry links endpoint includes query string from received request in resolved links #50008
• 500 response from env endpoint when supplied pattern is invalid #49942
• HTTP method is lost when configuring excludes in EndpointRequest #49885
• Docker Compose support doesn't work with apache/artemis image #49865
• Honor HttpMethod for reactive additional endpoint paths #49864
• Docker Compose support doesn't work with apache/activemq image #49863
• Imports on a containing test class are ignored when a nested class has imports #49860

📔 Documentation

• Link to the observability section of the Lettuce documentation is broken #50092
• Javadoc for StaticResourceLocation.FAVICON doesn't describe icons location #50083
• MySamlRelyingPartyConfiguration is missing a Kotlin sample #50023
• Incorrect default value for management.httpexchanges.recording.include in configuration metadata #50010
• Link to the Kubernetes documentation when discussing startup probes #50007
• Update docs to encourage Java fundamentals for beginners that prefer to learn that way #49895
• Clarify that configuration property default values are not available through the Environment #49835

🔨 Dependency Upgrades

Description has been truncated

[smcvb]

Looks good to me 👍

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud