Skip to content

chore: Bundle Dependabot updates for 4.1.0#1984

Merged
NiklasHerrmann21 merged 17 commits into
mainfrom
chore/dependencies-4.1.0
Jun 24, 2026
Merged

chore: Bundle Dependabot updates for 4.1.0#1984
NiklasHerrmann21 merged 17 commits into
mainfrom
chore/dependencies-4.1.0

Conversation

@NiklasHerrmann21

Copy link
Copy Markdown
Contributor

Summary

Bundles five open Dependabot PRs against main into a single change so they can be reviewed and merged together.

Included

Deliberately not included

Fixes applied on top of the Dependabot merges

Dependabot's prod-deps PR introduced two issues that this branch fixes:

  1. Legacy-3 version indirections were textually replaced. Four ${legacy3.*} property references in spring-security-3/pom.xml, spring-security-3-starter/pom.xml, and token-client-spring-3/pom.xml were rewritten to hardcoded 4.x values. The Spring Boot 3.x compatibility modules would have built against Spring 7.x. Restored to ${legacy3.spring.boot.version} / ${legacy3.spring.core.version} / ${legacy3.spring.security.oauth2.version} / ${legacy3.reactor.version}.

  2. junit-bom import was effectless. The root-pom entry was missing <type>pom</type><scope>import</scope>, so JUnit platform/jupiter versions were silently resolved through Spring Boot's BOM. With JUnit on 6.1.0 and Spring Boot 4.1.0 still shipping 6.0.3, this caused a runtime version mismatch (jupiter.api: 6.0.3 vs jupiter.engine: 6.1.0). The import is now correctly declared and moved ahead of spring-boot-dependencies so junit-bom wins for all five JUnit artifacts.

Test plan

  • mvn clean install — all 13 modules green
  • No regressions in token-client-spring-3 / spring-security-3 legacy modules (Spring 6.x compatibility intact via restored ${legacy3.*} references)
  • No regressions in 4.x modules

dependabot Bot and others added 16 commits January 26, 2026 21:46
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.24.2 to 3.27.7.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.24.2...assertj-build-3.27.7)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.24.2 to 3.27.7.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.24.2...assertj-build-3.27.7)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.json:json](https://github.com/douglascrockford/JSON-java) from 20251224 to 20260522.
- [Release notes](https://github.com/douglascrockford/JSON-java/releases)
- [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md)
- [Commits](stleary/JSON-java@2025122...2026052)

---
updated-dependencies:
- dependency-name: org.json:json
  dependency-version: '20260522'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
…dates

Bumps the dev-deps group with 2 updates in the / directory: [io.github.hakky54:logcaptor](https://github.com/Hakky54/log-captor) and [org.springframework:spring-context](https://github.com/spring-projects/spring-framework).


Updates `io.github.hakky54:logcaptor` from 2.12.2 to 2.12.6
- [Changelog](https://github.com/Hakky54/log-captor/blob/master/CHANGELOG.MD)
- [Commits](Hakky54/log-captor@v2.12.2...v2.12.6)

Updates `org.springframework:spring-context` from 7.0.7 to 7.0.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8)

---
updated-dependencies:
- dependency-name: io.github.hakky54:logcaptor
  dependency-version: 2.12.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
- dependency-name: org.springframework:spring-context
  dependency-version: 7.0.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
…updates

Bumps the prod-deps-ver group with 25 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [org.eclipse.jetty:jetty-bom](https://github.com/jetty/jetty.project) | `12.1.9` | `12.1.10` |
| org.eclipse.jetty.ee10:jetty-ee10-servlet | `12.1.9` | `12.1.10` |
| org.eclipse.jetty.ee10:jetty-ee10-webapp | `12.1.9` | `12.1.10` |
| [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) | `7.0.5` | `7.1.0` |
| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `7.0.5` | `7.1.0` |
| [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) | `4.0.6` | `4.1.0` |
| [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `4.0.6` | `4.1.0` |
| [org.springframework.boot:spring-boot-autoconfigure](https://github.com/spring-projects/spring-boot) | `4.0.6` | `4.1.0` |
| [org.springframework.boot:spring-boot-starter-tomcat](https://github.com/spring-projects/spring-boot) | `4.0.6` | `4.1.0` |
| [org.springframework:spring-core](https://github.com/spring-projects/spring-framework) | `7.0.7` | `7.0.8` |
| [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `7.0.7` | `7.0.8` |
| [org.springframework:spring-aop](https://github.com/spring-projects/spring-framework) | `7.0.7` | `7.0.8` |
| [org.springframework:spring-beans](https://github.com/spring-projects/spring-framework) | `7.0.7` | `7.0.8` |
| [org.springframework.security:spring-security-oauth2-client](https://github.com/spring-projects/spring-security) | `7.0.5` | `7.1.0` |
| [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) | `4.9.8` | `4.10.2` |
| [io.projectreactor:reactor-core](https://github.com/reactor/reactor-core) | `3.8.2` | `3.8.6` |
| [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` |
| [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` |
| [org.junit.jupiter:junit-jupiter-params](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` |
| [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` |
| [io.projectreactor:reactor-test](https://github.com/reactor/reactor-core) | `3.8.2` | `3.8.6` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.5` | `3.5.6` |
| [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.14` | `0.8.15` |
| [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.8.3` | `4.10.2.0` |
| [org.sonatype.central:central-publishing-maven-plugin](https://github.com/sonatype/central-publishing-maven-plugin) | `0.10.0` | `0.11.0` |



Updates `org.eclipse.jetty:jetty-bom` from 12.1.9 to 12.1.10
- [Release notes](https://github.com/jetty/jetty.project/releases)
- [Commits](jetty/jetty.project@jetty-12.1.9...jetty-12.1.10)

Updates `org.eclipse.jetty.ee10:jetty-ee10-servlet` from 12.1.9 to 12.1.10

Updates `org.eclipse.jetty.ee10:jetty-ee10-webapp` from 12.1.9 to 12.1.10

Updates `org.springframework.security:spring-security-bom` from 7.0.5 to 7.1.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@7.0.5...7.1.0)

Updates `org.springframework.security:spring-security-core` from 7.0.5 to 7.1.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@7.0.5...7.1.0)

Updates `org.springframework.boot:spring-boot-dependencies` from 4.0.6 to 4.1.0
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0)

Updates `org.springframework.boot:spring-boot-starter-test` from 4.0.6 to 4.1.0
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0)

Updates `org.springframework.boot:spring-boot-autoconfigure` from 4.0.6 to 4.1.0
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0)

Updates `org.springframework.boot:spring-boot-starter-tomcat` from 4.0.6 to 4.1.0
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0)

Updates `org.springframework:spring-core` from 7.0.7 to 7.0.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8)

Updates `org.springframework:spring-web` from 7.0.7 to 7.0.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8)

Updates `org.springframework:spring-aop` from 7.0.7 to 7.0.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8)

Updates `org.springframework:spring-beans` from 7.0.7 to 7.0.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8)

Updates `org.springframework:spring-web` from 6.2.18 to 7.0.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8)

Updates `org.springframework:spring-aop` from 7.0.7 to 7.0.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8)

Updates `org.springframework:spring-beans` from 7.0.7 to 7.0.8
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8)

Updates `org.springframework.security:spring-security-oauth2-client` from 7.0.5 to 7.1.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@7.0.5...7.1.0)

Updates `com.github.spotbugs:spotbugs-annotations` from 4.9.8 to 4.10.2
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.9.8...4.10.2)

Updates `io.projectreactor:reactor-core` from 3.8.2 to 3.8.6
- [Release notes](https://github.com/reactor/reactor-core/releases)
- [Commits](reactor/reactor-core@v3.8.2...v3.8.6)

Updates `org.junit:junit-bom` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.junit.jupiter:junit-jupiter-engine` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.junit.jupiter:junit-jupiter-params` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.junit.jupiter:junit-jupiter-api` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `io.projectreactor:reactor-test` from 3.8.2 to 3.8.6
- [Release notes](https://github.com/reactor/reactor-core/releases)
- [Commits](reactor/reactor-core@v3.8.2...v3.8.6)

Updates `org.springframework.boot:spring-boot-starter-test` from 3.5.14 to 4.1.0
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.5 to 3.5.6
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.5...surefire-3.5.6)

Updates `org.jacoco:jacoco-maven-plugin` from 0.8.14 to 0.8.15
- [Release notes](https://github.com/jacoco/jacoco/releases)
- [Commits](jacoco/jacoco@v0.8.14...v0.8.15)

Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.8.3 to 4.10.2.0
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.8.3...spotbugs-maven-plugin-4.10.2.0)

Updates `org.sonatype.central:central-publishing-maven-plugin` from 0.10.0 to 0.11.0
- [Commits](https://github.com/sonatype/central-publishing-maven-plugin/commits)

Updates `org.junit.jupiter:junit-jupiter-engine` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.junit.jupiter:junit-jupiter-params` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.springframework.security:spring-security-core` from 7.0.5 to 7.1.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@7.0.5...7.1.0)

Updates `org.springframework.boot:spring-boot-autoconfigure` from 3.5.14 to 4.1.0
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0)

Updates `org.springframework.boot:spring-boot-starter-tomcat` from 3.5.14 to 4.1.0
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0)

Updates `org.junit.jupiter:junit-jupiter-api` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.eclipse.jetty.ee10:jetty-ee10-servlet` from 12.1.9 to 12.1.10

Updates `org.eclipse.jetty.ee10:jetty-ee10-webapp` from 12.1.9 to 12.1.10

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-version: 4.10.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-version: 4.10.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: io.projectreactor:reactor-core
  dependency-version: 3.8.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: io.projectreactor:reactor-test
  dependency-version: 3.8.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.eclipse.jetty.ee10:jetty-ee10-servlet
  dependency-version: 12.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.eclipse.jetty.ee10:jetty-ee10-servlet
  dependency-version: 12.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.eclipse.jetty.ee10:jetty-ee10-webapp
  dependency-version: 12.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.eclipse.jetty.ee10:jetty-ee10-webapp
  dependency-version: 12.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.eclipse.jetty:jetty-bom
  dependency-version: 12.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.jacoco:jacoco-maven-plugin
  dependency-version: 0.8.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.junit.jupiter:junit-jupiter-api
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.junit.jupiter:junit-jupiter-api
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.junit.jupiter:junit-jupiter-engine
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.junit.jupiter:junit-jupiter-engine
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.junit.jupiter:junit-jupiter-params
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.junit.jupiter:junit-jupiter-params
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.junit:junit-bom
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.sonatype.central:central-publishing-maven-plugin
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.boot:spring-boot-autoconfigure
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.boot:spring-boot-autoconfigure
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.boot:spring-boot-starter-test
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.boot:spring-boot-starter-test
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.boot:spring-boot-starter-tomcat
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.boot:spring-boot-starter-tomcat
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.security:spring-security-bom
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.security:spring-security-core
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.security:spring-security-core
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework.security:spring-security-oauth2-client
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps-ver
- dependency-name: org.springframework:spring-aop
  dependency-version: 7.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.springframework:spring-aop
  dependency-version: 7.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.springframework:spring-beans
  dependency-version: 7.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.springframework:spring-beans
  dependency-version: 7.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.springframework:spring-core
  dependency-version: 7.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
- dependency-name: org.springframework:spring-web
  dependency-version: 7.0.8
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps-ver
- dependency-name: org.springframework:spring-web
  dependency-version: 7.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps-ver
...

Signed-off-by: dependabot[bot] <support@github.com>
The prod-deps-ver Dependabot bundle (#1978) textually replaced four legacy-3
version indirections with hardcoded 4.x values:
- spring-security-3/pom.xml: spring.boot.version, spring.security.oauth2.version, reactor.version
- spring-security-3-starter/pom.xml: spring.boot.version, spring.security.oauth2.version
- token-client-spring-3/pom.xml: spring.core.version
Restore the ${legacy3.*} property references so the Spring Boot 3.x
compatibility modules build against Spring 6.x as intended.

Also fix the junit-bom import in the root pom: it lacked
<type>pom</type><scope>import</scope>, so junit-platform/jupiter versions
were silently provided by spring-boot-dependencies. Aligning the junit-bom
import (and moving it ahead of spring-boot-dependencies) keeps all JUnit 6
artifacts on the same version after the 6.0.3 -> 6.1.0 bump.
Summarise the dependency updates pulled in from the bundled Dependabot
PRs (prod-deps, dev-deps, org.json, assertj samples) and the junit-bom
import fix in the root pom.
@NiklasHerrmann21 NiklasHerrmann21 merged commit d588235 into main Jun 24, 2026
4 checks passed
@NiklasHerrmann21 NiklasHerrmann21 deleted the chore/dependencies-4.1.0 branch June 24, 2026 09:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants