chore: Bundle Dependabot updates for 4.1.0#1984
Merged
Merged
Conversation
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.24.2 to 3.27.7. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.24.2...assertj-build-3.27.7) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-version: 3.27.7 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.24.2 to 3.27.7. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.24.2...assertj-build-3.27.7) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-version: 3.27.7 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
…-ias/org.assertj-assertj-core-3.27.7
…/org.assertj-assertj-core-3.27.7
…/org.assertj-assertj-core-3.27.7
…-ias/org.assertj-assertj-core-3.27.7
…/org.assertj-assertj-core-3.27.7
Bumps [org.json:json](https://github.com/douglascrockford/JSON-java) from 20251224 to 20260522. - [Release notes](https://github.com/douglascrockford/JSON-java/releases) - [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md) - [Commits](stleary/JSON-java@2025122...2026052) --- updated-dependencies: - dependency-name: org.json:json dependency-version: '20260522' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…dates Bumps the dev-deps group with 2 updates in the / directory: [io.github.hakky54:logcaptor](https://github.com/Hakky54/log-captor) and [org.springframework:spring-context](https://github.com/spring-projects/spring-framework). Updates `io.github.hakky54:logcaptor` from 2.12.2 to 2.12.6 - [Changelog](https://github.com/Hakky54/log-captor/blob/master/CHANGELOG.MD) - [Commits](Hakky54/log-captor@v2.12.2...v2.12.6) Updates `org.springframework:spring-context` from 7.0.7 to 7.0.8 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8) --- updated-dependencies: - dependency-name: io.github.hakky54:logcaptor dependency-version: 2.12.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: org.springframework:spring-context dependency-version: 7.0.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps ... Signed-off-by: dependabot[bot] <support@github.com>
…updates Bumps the prod-deps-ver group with 25 updates in the / directory: | Package | From | To | | --- | --- | --- | | [org.eclipse.jetty:jetty-bom](https://github.com/jetty/jetty.project) | `12.1.9` | `12.1.10` | | org.eclipse.jetty.ee10:jetty-ee10-servlet | `12.1.9` | `12.1.10` | | org.eclipse.jetty.ee10:jetty-ee10-webapp | `12.1.9` | `12.1.10` | | [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) | `7.0.5` | `7.1.0` | | [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `7.0.5` | `7.1.0` | | [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) | `4.0.6` | `4.1.0` | | [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `4.0.6` | `4.1.0` | | [org.springframework.boot:spring-boot-autoconfigure](https://github.com/spring-projects/spring-boot) | `4.0.6` | `4.1.0` | | [org.springframework.boot:spring-boot-starter-tomcat](https://github.com/spring-projects/spring-boot) | `4.0.6` | `4.1.0` | | [org.springframework:spring-core](https://github.com/spring-projects/spring-framework) | `7.0.7` | `7.0.8` | | [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `7.0.7` | `7.0.8` | | [org.springframework:spring-aop](https://github.com/spring-projects/spring-framework) | `7.0.7` | `7.0.8` | | [org.springframework:spring-beans](https://github.com/spring-projects/spring-framework) | `7.0.7` | `7.0.8` | | [org.springframework.security:spring-security-oauth2-client](https://github.com/spring-projects/spring-security) | `7.0.5` | `7.1.0` | | [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) | `4.9.8` | `4.10.2` | | [io.projectreactor:reactor-core](https://github.com/reactor/reactor-core) | `3.8.2` | `3.8.6` | | [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` | | [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` | | [org.junit.jupiter:junit-jupiter-params](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` | | [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` | | [io.projectreactor:reactor-test](https://github.com/reactor/reactor-core) | `3.8.2` | `3.8.6` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.5` | `3.5.6` | | [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.14` | `0.8.15` | | [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.8.3` | `4.10.2.0` | | [org.sonatype.central:central-publishing-maven-plugin](https://github.com/sonatype/central-publishing-maven-plugin) | `0.10.0` | `0.11.0` | Updates `org.eclipse.jetty:jetty-bom` from 12.1.9 to 12.1.10 - [Release notes](https://github.com/jetty/jetty.project/releases) - [Commits](jetty/jetty.project@jetty-12.1.9...jetty-12.1.10) Updates `org.eclipse.jetty.ee10:jetty-ee10-servlet` from 12.1.9 to 12.1.10 Updates `org.eclipse.jetty.ee10:jetty-ee10-webapp` from 12.1.9 to 12.1.10 Updates `org.springframework.security:spring-security-bom` from 7.0.5 to 7.1.0 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.5...7.1.0) Updates `org.springframework.security:spring-security-core` from 7.0.5 to 7.1.0 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.5...7.1.0) Updates `org.springframework.boot:spring-boot-dependencies` from 4.0.6 to 4.1.0 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0) Updates `org.springframework.boot:spring-boot-starter-test` from 4.0.6 to 4.1.0 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0) Updates `org.springframework.boot:spring-boot-autoconfigure` from 4.0.6 to 4.1.0 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0) Updates `org.springframework.boot:spring-boot-starter-tomcat` from 4.0.6 to 4.1.0 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0) Updates `org.springframework:spring-core` from 7.0.7 to 7.0.8 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8) Updates `org.springframework:spring-web` from 7.0.7 to 7.0.8 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8) Updates `org.springframework:spring-aop` from 7.0.7 to 7.0.8 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8) Updates `org.springframework:spring-beans` from 7.0.7 to 7.0.8 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8) Updates `org.springframework:spring-web` from 6.2.18 to 7.0.8 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8) Updates `org.springframework:spring-aop` from 7.0.7 to 7.0.8 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8) Updates `org.springframework:spring-beans` from 7.0.7 to 7.0.8 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v7.0.7...v7.0.8) Updates `org.springframework.security:spring-security-oauth2-client` from 7.0.5 to 7.1.0 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.5...7.1.0) Updates `com.github.spotbugs:spotbugs-annotations` from 4.9.8 to 4.10.2 - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.9.8...4.10.2) Updates `io.projectreactor:reactor-core` from 3.8.2 to 3.8.6 - [Release notes](https://github.com/reactor/reactor-core/releases) - [Commits](reactor/reactor-core@v3.8.2...v3.8.6) Updates `org.junit:junit-bom` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `org.junit.jupiter:junit-jupiter-engine` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `org.junit.jupiter:junit-jupiter-params` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `org.junit.jupiter:junit-jupiter-api` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `io.projectreactor:reactor-test` from 3.8.2 to 3.8.6 - [Release notes](https://github.com/reactor/reactor-core/releases) - [Commits](reactor/reactor-core@v3.8.2...v3.8.6) Updates `org.springframework.boot:spring-boot-starter-test` from 3.5.14 to 4.1.0 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.5 to 3.5.6 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.5...surefire-3.5.6) Updates `org.jacoco:jacoco-maven-plugin` from 0.8.14 to 0.8.15 - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](jacoco/jacoco@v0.8.14...v0.8.15) Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.8.3 to 4.10.2.0 - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.8.3...spotbugs-maven-plugin-4.10.2.0) Updates `org.sonatype.central:central-publishing-maven-plugin` from 0.10.0 to 0.11.0 - [Commits](https://github.com/sonatype/central-publishing-maven-plugin/commits) Updates `org.junit.jupiter:junit-jupiter-engine` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `org.junit.jupiter:junit-jupiter-params` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `org.springframework.security:spring-security-core` from 7.0.5 to 7.1.0 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.5...7.1.0) Updates `org.springframework.boot:spring-boot-autoconfigure` from 3.5.14 to 4.1.0 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0) Updates `org.springframework.boot:spring-boot-starter-tomcat` from 3.5.14 to 4.1.0 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.6...v4.1.0) Updates `org.junit.jupiter:junit-jupiter-api` from 6.0.3 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.3...r6.1.0) Updates `org.eclipse.jetty.ee10:jetty-ee10-servlet` from 12.1.9 to 12.1.10 Updates `org.eclipse.jetty.ee10:jetty-ee10-webapp` from 12.1.9 to 12.1.10 --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-annotations dependency-version: 4.10.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-version: 4.10.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: io.projectreactor:reactor-core dependency-version: 3.8.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: io.projectreactor:reactor-test dependency-version: 3.8.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-servlet dependency-version: 12.1.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-servlet dependency-version: 12.1.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-webapp dependency-version: 12.1.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.eclipse.jetty.ee10:jetty-ee10-webapp dependency-version: 12.1.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.eclipse.jetty:jetty-bom dependency-version: 12.1.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.jacoco:jacoco-maven-plugin dependency-version: 0.8.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.junit:junit-bom dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.sonatype.central:central-publishing-maven-plugin dependency-version: 0.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework.boot:spring-boot-autoconfigure dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-deps-ver - dependency-name: org.springframework.boot:spring-boot-autoconfigure dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework.boot:spring-boot-starter-test dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-deps-ver - dependency-name: org.springframework.boot:spring-boot-starter-test dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework.boot:spring-boot-starter-tomcat dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-deps-ver - dependency-name: org.springframework.boot:spring-boot-starter-tomcat dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework.security:spring-security-core dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework.security:spring-security-core dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework.security:spring-security-oauth2-client dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps-ver - dependency-name: org.springframework:spring-aop dependency-version: 7.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.springframework:spring-aop dependency-version: 7.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.springframework:spring-beans dependency-version: 7.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.springframework:spring-beans dependency-version: 7.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.springframework:spring-core dependency-version: 7.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver - dependency-name: org.springframework:spring-web dependency-version: 7.0.8 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-deps-ver - dependency-name: org.springframework:spring-web dependency-version: 7.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps-ver ... Signed-off-by: dependabot[bot] <support@github.com>
# Conflicts: # pom.xml
The prod-deps-ver Dependabot bundle (#1978) textually replaced four legacy-3 version indirections with hardcoded 4.x values: - spring-security-3/pom.xml: spring.boot.version, spring.security.oauth2.version, reactor.version - spring-security-3-starter/pom.xml: spring.boot.version, spring.security.oauth2.version - token-client-spring-3/pom.xml: spring.core.version Restore the ${legacy3.*} property references so the Spring Boot 3.x compatibility modules build against Spring 6.x as intended. Also fix the junit-bom import in the root pom: it lacked <type>pom</type><scope>import</scope>, so junit-platform/jupiter versions were silently provided by spring-boot-dependencies. Aligning the junit-bom import (and moving it ahead of spring-boot-dependencies) keeps all JUnit 6 artifacts on the same version after the 6.0.3 -> 6.1.0 bump.
This was referenced Jun 23, 2026
Summarise the dependency updates pulled in from the bundled Dependabot PRs (prod-deps, dev-deps, org.json, assertj samples) and the junit-bom import fix in the root pom.
kuntzed
approved these changes
Jun 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Bundles five open Dependabot PRs against
maininto a single change so they can be reviewed and merged together.Included
samples/java-security-usagesamples/java-security-usage-iasDeliberately not included
Fixes applied on top of the Dependabot merges
Dependabot's prod-deps PR introduced two issues that this branch fixes:
Legacy-3 version indirections were textually replaced. Four
${legacy3.*}property references inspring-security-3/pom.xml,spring-security-3-starter/pom.xml, andtoken-client-spring-3/pom.xmlwere rewritten to hardcoded 4.x values. The Spring Boot 3.x compatibility modules would have built against Spring 7.x. Restored to${legacy3.spring.boot.version}/${legacy3.spring.core.version}/${legacy3.spring.security.oauth2.version}/${legacy3.reactor.version}.junit-bomimport was effectless. The root-pom entry was missing<type>pom</type><scope>import</scope>, so JUnit platform/jupiter versions were silently resolved through Spring Boot's BOM. With JUnit on6.1.0and Spring Boot 4.1.0 still shipping6.0.3, this caused a runtime version mismatch (jupiter.api: 6.0.3vsjupiter.engine: 6.1.0). The import is now correctly declared and moved ahead ofspring-boot-dependenciesso junit-bom wins for all five JUnit artifacts.Test plan
mvn clean install— all 13 modules greentoken-client-spring-3/spring-security-3legacy modules (Spring 6.x compatibility intact via restored${legacy3.*}references)