fix(deps): update all dependencies

renovate-bot commented

2026-03-13 01:07:05 +00:00

Member

This PR contains the following updates:

Package	Change	Age	Confidence
org.springframework.boot:spring-boot-dependencies (source)	`4.0.3` → `4.0.5`
de.loosetie.logging:lt-logging-parent	`1.0.9` → `1.0.10`

Release Notes

spring-projects/spring-boot (org.springframework.boot:spring-boot-dependencies)

`v4.0.5`

Compare Source

🐞 Bug Fixes

Test starter for Spring Integration does not include Spring Integration test module #49784
Some sliced tests that import TransactionAutoConfiguration do not import TransactionManagerCustomizationAutoConfiguration #49782
WebSocket messaging's task executors are only auto-configured and stompWebSocketHandlerMapping is only forced to be eager when using Jackson #49753
WebSocket app fails to start when Jackson is on the classpath but there's no JsonMapper bean #49749
Metadata annotation processor ignores method-level @NestedConfigurationProperty when using constructor binding #49738
Override of property in external 'application.properties' or 'application.yaml' is ignored #49731
NativeImageResourceProvider does not find Flyway migration scripts in subdirectories #49706
Add @ConditionalOnWebApplication to NettyReactiveWebServerAutoConfiguration #49695
@GraphQlTest does not include @ControllerAdvice #49672

📔 Documentation

Fix incorrect indefinite articles in Javadoc #49727
Add some more Kotlin examples and trivial style fixes #49714
Overhaul Spring Session documentation following modularization #49704

🔨 Dependency Upgrades

Upgrade to Brave 6.3.1 #49763
Upgrade to Jackson 2 Bom 2.21.2 #49764
Upgrade to jOOQ 3.19.31 #49765
Upgrade to Netty 4.2.12.Final #49794
Upgrade to Tomcat 11.0.20 #49767
Upgrade to Zipkin Reporter 3.5.3 #49762

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Joowon-Seo, @deejay1, @dlwldnjs1009, @kwondh5217, @ljrmorgan, and @quaff

`v4.0.4`

Compare Source

⚠️ Attention Required

OpenTelemetry's ZipkinSpanExporter has been deprecated and its support will be removed in Spring Boot 4.2. #49453
Jackson 2 has been upgraded to 2.21.1 in response to the Jackson team ending support for Jackson 2.20.x. #49389
Jackson has been upgraded to 3.1.0 in response to the Jackson team ending support for Jackson 3.0.x. #49383
The default value for server.tomcat.max-part-count has been increased from 10 to 50. This aligns it with Tomcat's own default and the default in Spring Boot 3.x. #49311

🐞 Bug Fixes

EndpointRequest request matcher for health groups is too complex #49649
"/cloudfoundryapplication" web path is not limited to Actuator #49646
Fix EndpointRequest.toLinks() when base-path is '/' #49617
Docker fails when a 'tcp://' address ends with a slash (for example 'tcp://docker:2375/') #49596
RSocket exposes duplicate endpoint for websocket setups #49593
Failure analysis for a missing mail sender is misleading #49582
SpringBootContextLoader mentions class that no longer exists in message for classes or locations assertion #49535
Ordering of 'spring.config.import' is inconsistent when defined in environment or system properties #49482
"spring.main.cloud-platform=none" does not disable cloud features #49479
SSL support with Docker Compose does not work as documented #49385
Auto-configuration overrides authorization server configuration applied by Customizer beans #49367
Using @AutoConfigureWebTestClient prevents separate configuration of spring.test.webtestclient.timeout from taking effect #49344
NoSuchMethodException when forcing the use of Log4J2LoggingSystem using org.springframework.boot.logging.LoggingSystem system property #49343
RouterFunctions descriptions in Actuator do not support nesting #49302
Maven plugin does not set '-parameters' option when processing AOT code #49295
HTTP Service Interface Client doesn't work in a native image due to missing property binding #49274
ErrorPageRegistrarBeanPostProcessor is not auto-configured in war deployments and the ErrorPageCustomizer is not applied #49176
Missing starter for spring-boot-restdocs #48289

📔 Documentation

Document support for Java 26 #49604
List all supported colors when describing color-coded log output #49562
Improve EndpointRequest matcher documentation #49520
Clarify that running is the only supported input state when triggering a Quartz job through the Actuator endpoint #49514
Document security considerations for forwarded headers in cloud deployments #49507
Tutorial in the reference guide has outdated instructions #49429
Document additional repositories required for shibboleth.net #49392
Javadoc of JettyHttpClientBuilder refers to the wrong type #49387
Example spring-devtools.properties file is shown in the wrong format #49362
Clarify inferred relationships between OAuth 2 registrations and providers #49327
Mention using org.springframework.boot.aot Gradle plugin directly for AOT processing with the JVM #49321
Remove superfluous semi-colon from read timeout configuration example for HTTP service interface clients #49306
Update CLI's INSTALL.txt to reflect Groovy no longer being bundled #49298
JDK requirement for the CLI still refers to Java 8 #49293
Java and Kotlin samples of an environment post processor are inconsistent #49287

🔨 Dependency Upgrades

Upgrade to Commons Logging 1.3.6 #49545
Upgrade to DB2 JDBC 12.1.4.0 #49546
Upgrade to Elasticsearch Client 9.2.6 #49421
Upgrade to Hibernate 7.2.7.Final #49608
Upgrade to Jakarta XML WS 4.0.3 #49469
Upgrade to JBoss Logging 3.6.3.Final #49632
Upgrade to Jetty 12.1.7 #49470
Upgrade to Kafka 4.1.2 #49627
Upgrade to Liquibase 5.0.2 #49471
Upgrade to Lombok 1.18.44 #49575
Upgrade to Maven Failsafe Plugin 3.5.5 #49472
Upgrade to Maven Shade Plugin 3.6.2 #49473
Upgrade to Maven Surefire Plugin 3.5.5 #49474
Upgrade to Micrometer 1.16.4 #49413
Upgrade to Micrometer Tracing 1.6.4 #49414
Upgrade to MongoDB 5.6.4 #49422
Upgrade to Native Build Tools Plugin 0.11.5 #49475
Upgrade to Neo4j Java Driver 6.0.3 #49431
Upgrade to Pulsar 4.1.3 #49476
Upgrade to Reactor Bom 2025.0.4 #49415
Upgrade to Spring Batch 6.0.3 #49416
Upgrade to Spring Data Bom 2025.1.4 #49417
Upgrade to Spring Framework 7.0.6 #49418
Upgrade to Spring HATEOAS 3.0.3 #49587
Upgrade to Spring Integration 7.0.4 #49529
Upgrade to Spring Kafka 4.0.4 #49419
Upgrade to Spring Pulsar 2.0.4 #49420
Upgrade to Spring Security 7.0.4 #49530
Upgrade to Spring WS 5.0.1 #49531
Upgrade to Testcontainers 2.0.4 #49655

❤️ Contributors

Thank you to all the contributors who worked on this release:

@FBibonne, @answndud, @bbbbooo, @chandanv89, @giyeon95, @itsmevichu, @jayychoi, @l2yujw, @ngocnhan-tran1996, @qnnn, @quaff, and @sbrannen

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [org.springframework.boot:spring-boot-dependencies](https://spring.io/projects/spring-boot) ([source](https://github.com/spring-projects/spring-boot)) | `4.0.3` → `4.0.5` | ![age](https://developer.mend.io/api/mc/badges/age/maven/org.springframework.boot:spring-boot-dependencies/4.0.5?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.springframework.boot:spring-boot-dependencies/4.0.3/4.0.5?slim=true) | | [de.loosetie.logging:lt-logging-parent](https://loosetie.de) | `1.0.9` → `1.0.10` | ![age](https://developer.mend.io/api/mc/badges/age/maven/de.loosetie.logging:lt-logging-parent/1.0.10?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/de.loosetie.logging:lt-logging-parent/1.0.9/1.0.10?slim=true) | --- ### Release Notes <details> <summary>spring-projects/spring-boot (org.springframework.boot:spring-boot-dependencies)</summary> ### [`v4.0.5`](https://github.com/spring-projects/spring-boot/releases/tag/v4.0.5) [Compare Source](https://github.com/spring-projects/spring-boot/compare/v4.0.4...v4.0.5) #### :lady\_beetle: Bug Fixes - Test starter for Spring Integration does not include Spring Integration test module [#49784](https://github.com/spring-projects/spring-boot/issues/49784) - Some sliced tests that import TransactionAutoConfiguration do not import TransactionManagerCustomizationAutoConfiguration [#49782](https://github.com/spring-projects/spring-boot/issues/49782) - WebSocket messaging's task executors are only auto-configured and stompWebSocketHandlerMapping is only forced to be eager when using Jackson [#49753](https://github.com/spring-projects/spring-boot/issues/49753) - WebSocket app fails to start when Jackson is on the classpath but there's no JsonMapper bean [#49749](https://github.com/spring-projects/spring-boot/issues/49749) - Metadata annotation processor ignores method-level `@NestedConfigurationProperty` when using constructor binding [#49738](https://github.com/spring-projects/spring-boot/issues/49738) - Override of property in external 'application.properties' or 'application.yaml' is ignored [#49731](https://github.com/spring-projects/spring-boot/issues/49731) - NativeImageResourceProvider does not find Flyway migration scripts in subdirectories [#49706](https://github.com/spring-projects/spring-boot/issues/49706) - Add `@ConditionalOnWebApplication` to NettyReactiveWebServerAutoConfiguration [#49695](https://github.com/spring-projects/spring-boot/pull/49695) - `@GraphQlTest` does not include `@ControllerAdvice` [#49672](https://github.com/spring-projects/spring-boot/issues/49672) #### :notebook\_with\_decorative\_cover: Documentation - Fix incorrect indefinite articles in Javadoc [#49727](https://github.com/spring-projects/spring-boot/issues/49727) - Add some more Kotlin examples and trivial style fixes [#49714](https://github.com/spring-projects/spring-boot/issues/49714) - Overhaul Spring Session documentation following modularization [#49704](https://github.com/spring-projects/spring-boot/issues/49704) #### :hammer: Dependency Upgrades - Upgrade to Brave 6.3.1 [#49763](https://github.com/spring-projects/spring-boot/issues/49763) - Upgrade to Jackson 2 Bom 2.21.2 [#49764](https://github.com/spring-projects/spring-boot/issues/49764) - Upgrade to jOOQ 3.19.31 [#49765](https://github.com/spring-projects/spring-boot/issues/49765) - Upgrade to Netty 4.2.12.Final [#49794](https://github.com/spring-projects/spring-boot/issues/49794) - Upgrade to Tomcat 11.0.20 [#49767](https://github.com/spring-projects/spring-boot/issues/49767) - Upgrade to Zipkin Reporter 3.5.3 [#49762](https://github.com/spring-projects/spring-boot/issues/49762) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@Joowon-Seo](https://github.com/Joowon-Seo), [@deejay1](https://github.com/deejay1), [@dlwldnjs1009](https://github.com/dlwldnjs1009), [@kwondh5217](https://github.com/kwondh5217), [@ljrmorgan](https://github.com/ljrmorgan), and [@quaff](https://github.com/quaff) ### [`v4.0.4`](https://github.com/spring-projects/spring-boot/releases/tag/v4.0.4) [Compare Source](https://github.com/spring-projects/spring-boot/compare/v4.0.3...v4.0.4) #### :warning: Attention Required - OpenTelemetry's ZipkinSpanExporter has been deprecated and its support will be removed in Spring Boot 4.2. [#49453](https://github.com/spring-projects/spring-boot/issues/49453) - Jackson 2 has been upgraded to 2.21.1 in response to the Jackson team ending support for Jackson 2.20.x. [#49389](https://github.com/spring-projects/spring-boot/issues/49389) - Jackson has been upgraded to 3.1.0 in response to the Jackson team ending support for Jackson 3.0.x. [#49383](https://github.com/spring-projects/spring-boot/issues/49383) - The default value for `server.tomcat.max-part-count` has been increased from 10 to 50. This aligns it with Tomcat's own default and the default in Spring Boot 3.x. [#49311](https://github.com/spring-projects/spring-boot/issues/49311) #### :lady\_beetle: Bug Fixes - EndpointRequest request matcher for health groups is too complex [#49649](https://github.com/spring-projects/spring-boot/issues/49649) - "/cloudfoundryapplication" web path is not limited to Actuator [#49646](https://github.com/spring-projects/spring-boot/issues/49646) - Fix EndpointRequest.toLinks() when base-path is '/' [#49617](https://github.com/spring-projects/spring-boot/issues/49617) - Docker fails when a 'tcp\://' address ends with a slash (for example 'tcp\://docker:2375/') [#49596](https://github.com/spring-projects/spring-boot/issues/49596) - RSocket exposes duplicate endpoint for websocket setups [#49593](https://github.com/spring-projects/spring-boot/issues/49593) - Failure analysis for a missing mail sender is misleading [#49582](https://github.com/spring-projects/spring-boot/pull/49582) - SpringBootContextLoader mentions class that no longer exists in message for classes or locations assertion [#49535](https://github.com/spring-projects/spring-boot/issues/49535) - Ordering of 'spring.config.import' is inconsistent when defined in environment or system properties [#49482](https://github.com/spring-projects/spring-boot/issues/49482) - "spring.main.cloud-platform=none" does not disable cloud features [#49479](https://github.com/spring-projects/spring-boot/issues/49479) - SSL support with Docker Compose does not work as documented [#49385](https://github.com/spring-projects/spring-boot/issues/49385) - Auto-configuration overrides authorization server configuration applied by Customizer<HttpSecurity> beans [#49367](https://github.com/spring-projects/spring-boot/issues/49367) - Using `@AutoConfigureWebTestClient` prevents separate configuration of spring.test.webtestclient.timeout from taking effect [#49344](https://github.com/spring-projects/spring-boot/issues/49344) - NoSuchMethodException when forcing the use of Log4J2LoggingSystem using org.springframework.boot.logging.LoggingSystem system property [#49343](https://github.com/spring-projects/spring-boot/pull/49343) - RouterFunctions descriptions in Actuator do not support nesting [#49302](https://github.com/spring-projects/spring-boot/issues/49302) - Maven plugin does not set '-parameters' option when processing AOT code [#49295](https://github.com/spring-projects/spring-boot/issues/49295) - HTTP Service Interface Client doesn't work in a native image due to missing property binding [#49274](https://github.com/spring-projects/spring-boot/issues/49274) - ErrorPageRegistrarBeanPostProcessor is not auto-configured in war deployments and the ErrorPageCustomizer is not applied [#49176](https://github.com/spring-projects/spring-boot/pull/49176) - Missing starter for spring-boot-restdocs [#48289](https://github.com/spring-projects/spring-boot/issues/48289) #### :notebook\_with\_decorative\_cover: Documentation - Document support for Java 26 [#49604](https://github.com/spring-projects/spring-boot/issues/49604) - List all supported colors when describing color-coded log output [#49562](https://github.com/spring-projects/spring-boot/issues/49562) - Improve EndpointRequest matcher documentation [#49520](https://github.com/spring-projects/spring-boot/issues/49520) - Clarify that running is the only supported input state when triggering a Quartz job through the Actuator endpoint [#49514](https://github.com/spring-projects/spring-boot/issues/49514) - Document security considerations for forwarded headers in cloud deployments [#49507](https://github.com/spring-projects/spring-boot/issues/49507) - Tutorial in the reference guide has outdated instructions [#49429](https://github.com/spring-projects/spring-boot/issues/49429) - Document additional repositories required for shibboleth.net [#49392](https://github.com/spring-projects/spring-boot/issues/49392) - Javadoc of JettyHttpClientBuilder refers to the wrong type [#49387](https://github.com/spring-projects/spring-boot/issues/49387) - Example spring-devtools.properties file is shown in the wrong format [#49362](https://github.com/spring-projects/spring-boot/issues/49362) - Clarify inferred relationships between OAuth 2 registrations and providers [#49327](https://github.com/spring-projects/spring-boot/issues/49327) - Mention using org.springframework.boot.aot Gradle plugin directly for AOT processing with the JVM [#49321](https://github.com/spring-projects/spring-boot/issues/49321) - Remove superfluous semi-colon from read timeout configuration example for HTTP service interface clients [#49306](https://github.com/spring-projects/spring-boot/pull/49306) - Update CLI's INSTALL.txt to reflect Groovy no longer being bundled [#49298](https://github.com/spring-projects/spring-boot/issues/49298) - JDK requirement for the CLI still refers to Java 8 [#49293](https://github.com/spring-projects/spring-boot/issues/49293) - Java and Kotlin samples of an environment post processor are inconsistent [#49287](https://github.com/spring-projects/spring-boot/issues/49287) #### :hammer: Dependency Upgrades - Upgrade to Commons Logging 1.3.6 [#49545](https://github.com/spring-projects/spring-boot/issues/49545) - Upgrade to DB2 JDBC 12.1.4.0 [#49546](https://github.com/spring-projects/spring-boot/issues/49546) - Upgrade to Elasticsearch Client 9.2.6 [#49421](https://github.com/spring-projects/spring-boot/issues/49421) - Upgrade to Hibernate 7.2.7.Final [#49608](https://github.com/spring-projects/spring-boot/issues/49608) - Upgrade to Jakarta XML WS 4.0.3 [#49469](https://github.com/spring-projects/spring-boot/issues/49469) - Upgrade to JBoss Logging 3.6.3.Final [#49632](https://github.com/spring-projects/spring-boot/issues/49632) - Upgrade to Jetty 12.1.7 [#49470](https://github.com/spring-projects/spring-boot/issues/49470) - Upgrade to Kafka 4.1.2 [#49627](https://github.com/spring-projects/spring-boot/issues/49627) - Upgrade to Liquibase 5.0.2 [#49471](https://github.com/spring-projects/spring-boot/issues/49471) - Upgrade to Lombok 1.18.44 [#49575](https://github.com/spring-projects/spring-boot/issues/49575) - Upgrade to Maven Failsafe Plugin 3.5.5 [#49472](https://github.com/spring-projects/spring-boot/issues/49472) - Upgrade to Maven Shade Plugin 3.6.2 [#49473](https://github.com/spring-projects/spring-boot/issues/49473) - Upgrade to Maven Surefire Plugin 3.5.5 [#49474](https://github.com/spring-projects/spring-boot/issues/49474) - Upgrade to Micrometer 1.16.4 [#49413](https://github.com/spring-projects/spring-boot/issues/49413) - Upgrade to Micrometer Tracing 1.6.4 [#49414](https://github.com/spring-projects/spring-boot/issues/49414) - Upgrade to MongoDB 5.6.4 [#49422](https://github.com/spring-projects/spring-boot/issues/49422) - Upgrade to Native Build Tools Plugin 0.11.5 [#49475](https://github.com/spring-projects/spring-boot/issues/49475) - Upgrade to Neo4j Java Driver 6.0.3 [#49431](https://github.com/spring-projects/spring-boot/issues/49431) - Upgrade to Pulsar 4.1.3 [#49476](https://github.com/spring-projects/spring-boot/issues/49476) - Upgrade to Reactor Bom 2025.0.4 [#49415](https://github.com/spring-projects/spring-boot/issues/49415) - Upgrade to Spring Batch 6.0.3 [#49416](https://github.com/spring-projects/spring-boot/issues/49416) - Upgrade to Spring Data Bom 2025.1.4 [#49417](https://github.com/spring-projects/spring-boot/issues/49417) - Upgrade to Spring Framework 7.0.6 [#49418](https://github.com/spring-projects/spring-boot/issues/49418) - Upgrade to Spring HATEOAS 3.0.3 [#49587](https://github.com/spring-projects/spring-boot/issues/49587) - Upgrade to Spring Integration 7.0.4 [#49529](https://github.com/spring-projects/spring-boot/issues/49529) - Upgrade to Spring Kafka 4.0.4 [#49419](https://github.com/spring-projects/spring-boot/issues/49419) - Upgrade to Spring Pulsar 2.0.4 [#49420](https://github.com/spring-projects/spring-boot/issues/49420) - Upgrade to Spring Security 7.0.4 [#49530](https://github.com/spring-projects/spring-boot/issues/49530) - Upgrade to Spring WS 5.0.1 [#49531](https://github.com/spring-projects/spring-boot/issues/49531) - Upgrade to Testcontainers 2.0.4 [#49655](https://github.com/spring-projects/spring-boot/issues/49655) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@FBibonne](https://github.com/FBibonne), [@answndud](https://github.com/answndud), [@bbbbooo](https://github.com/bbbbooo), [@chandanv89](https://github.com/chandanv89), [@giyeon95](https://github.com/giyeon95), [@itsmevichu](https://github.com/itsmevichu), [@jayychoi](https://github.com/jayychoi), [@l2yujw](https://github.com/l2yujw), [@ngocnhan-tran1996](https://github.com/ngocnhan-tran1996), [@qnnn](https://github.com/qnnn), [@quaff](https://github.com/quaff), and [@sbrannen](https://github.com/sbrannen) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

renovate-bot added 1 commit

2026-03-13 01:07:05 +00:00

fix(deps): update dependency de.loosetie.logging:lt-logging-parent to v1.0.10

/ release (pull_request) Failing after 32s

Details

d30cb93ec9

renovate-bot scheduled this pull request to auto merge when all checks succeed

2026-03-13 01:07:06 +00:00

renovate-bot changed title from ~~fix(deps): update dependency de.loosetie.logging:lt-logging-parent to v1.0.10~~ to fix(deps): update all dependencies

2026-03-20 01:08:19 +00:00

renovate-bot force-pushed renovate/all from d30cb93ec9

/ release (pull_request) Failing after 32s

Details

to bbf31acb26

/ release (pull_request) Failing after 32s

Details

2026-03-20 01:08:20 +00:00

Compare

renovate-bot force-pushed renovate/all from bbf31acb26

/ release (pull_request) Failing after 32s

Details

to b924c673fc

/ release (pull_request) Failing after 30s

Details

2026-03-27 01:07:48 +00:00

Compare

/ release (pull_request) Failing after 30s

Details

This pull request doesn't have enough approvals yet. 0 of 1 approvals granted.

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin renovate/all:renovate/all

git switch renovate/all

Rows
Columns

fix(deps): update all dependencies #8

Release Notes

v4.0.5

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

❤️ Contributors

v4.0.4

⚠️ Attention Required

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

❤️ Contributors

Configuration

Checkout

`v4.0.5`

`v4.0.4`