Bump the all group across 2 directories with 20 updates

[dependabot]

Bumps the all group with 13 updates in the / directory:

Package	From	To
com.google.errorprone:error_prone_annotations	2.44.0	2.46.0
org.jetbrains.kotlin:kotlin-bom	2.2.21	2.3.0
com.fasterxml.jackson:jackson-bom	2.20.1	2.21.0
org.apache.logging.log4j:log4j-bom	0.0.0-SNAPSHOT	2.25.3
org.apache.logging.log4j:log4j-core	2.25.2	2.25.3
org.springframework.boot:spring-boot-dependencies	3.5.7	4.0.2
org.springframework.boot:spring-boot-maven-plugin	3.5.7	4.0.2
org.springframework.cloud:spring-cloud-dependencies	2025.0.0	2025.1.0
org.aspectj:aspectjweaver	1.9.25	1.9.25.1
org.aspectj:aspectjrt	1.9.25	1.9.25.1
org.aspectj:aspectjtools	1.9.25	1.9.25.1
org.codehaus.mojo:aspectj-maven-plugin	1.15.0	1.16.0
io.fabric8:kubernetes-client-bom	7.4.0	7.5.2

Bumps the all group with 8 updates in the /log4j-samples-graalvm directory:

Package	From	To
org.apache.logging.log4j:log4j-bom	2.25.2	2.25.3
org.assertj:assertj-bom	3.27.6	3.27.7
org.junit:junit-bom	6.0.1	6.0.2
ch.qos.logback:logback-classic	1.5.20	1.5.26
org.json:json	20250517	20251224
net.javacrumbs.json-unit:json-unit-assertj	5.0.0	5.1.0
org.graalvm.buildtools:native-maven-plugin	0.11.2	0.11.4
org.codehaus.mojo:exec-maven-plugin	3.6.2	3.6.3

Updates com.google.errorprone:error_prone_annotations from 2.44.0 to 2.46.0

Release notes

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.46.0

Changes:

• The javac flag -XDaddTypeAnnotationsToSymbol=true is now required for Error Prone invocations on JDK 21, to enable the javac fix for JDK-8225377: type annotations are not visible to javac plugins across compilation boundaries. See google/error-prone#5426 for details.
• Remove deprecated value attribute from @IncompatibleModifiers and @RequiredModifiers (google/error-prone#2122)
• Error Prone API changes to encapsulate references to internal javac APIs for end position handling (EndPosTable, DiagnosticPosition) (google/error-prone@5440bb4, google/error-prone@06c2905, google/error-prone@f3915ec)

New checks:

• DuplicateAssertion: detect duplicated assertion lines where the argument to assertThat is pure
• IfChainToSwitch: suggest converting chains of if-statements into arrow switches
• ScannerUseDelimiter: discourage Scanner.useDelimiter("\\A")
• AddNullMarkedToClass: refactoring to add @NullMarked annotation to top level classes

Error Prone 2.45.0

Changes:

• Improved compatibility with latest JDK 26 EA builds.

New checks:

• AssertSameIncompatible: Detect calls to assertSame and similar assertions, where the calls are guaranteed to either succeed or fail.
• FormatStringShouldUsePlaceholders: Suggests using a format string instead of string concatenation operations on format methods

Closed issues: #5335

Full changelog: google/error-prone@v2.44.0...v2.45.0

Commits

• 471d512 Release Error Prone 2.46.0
• 2601319 Unignore a passing test.
• ad2ec70 simplify the wording of the MissingDefault summary
• 6c96e8e Implement a NullArgumentForNonNullParameter TODO related to JDK-8225377
• 5b768ff Require -XDaddTypeAnnotationsToSymbol=true, and remove workaround for JDK-8...
• 0e004e5 Fix a crash in DuplicateAssertion
• 8cfa4e5 Add a regression test for b/472686687
• 18a63d2 Avoid getDeclarationAndTypeAttributes in ClassAndMethod
• 14b6481 Make CacheLoaderNull check for more kinds of null returns.
• d3a8c00 Handle sealed and non-sealed in SuggestedFixes.
• Additional commits viewable in compare view

Updates org.jetbrains.kotlin:kotlin-bom from 2.2.21 to 2.3.0

Release notes

Sourced from org.jetbrains.kotlin:kotlin-bom's releases.

Kotlin 2.3.0

Changelog

Analysis API

• KT-80082 K2. False positive "Cannot resolve method" for self-bounded generic with wildcard return type in Java interop
• KT-80303 Move :native:analysis-api-klib-reader to :libraries:tools

Analysis API. Code Compilation

• KT-70860 K2 IDE / Kotlin Debugger: CCE “java.lang.String cannot be cast to java.lang.Void” on evaluating not-null variable on the line with assigning null to that var
• KT-78554 K2 IDE / Kotlin Debugger: ISE “No override for FUN IR_EXTERNAL_DECLARATION_STUB” on calling toString() for local class instance during evaluation
• KT-73201 K2 IDE: Error while evaluating expressions with local classes

Analysis API. FIR

• KT-81378 Expected expression 'FirFunctionCallImpl' to be resolved caused by suspend {}
• KT-80473 Add events for tracking LL activities
• KT-46375 Analysis API: Support cross-file class redeclaration checks using indices
• KT-80471 Analysis API: Deduplicate equivalent call candidates in resolveToCallCandidates
• KT-79653 [Analysis API] ContextCollector: BODY context of enum classes doesn't contain enum entries
• KT-75858 K2 AA: False positive 'property must be initialized' on incremental analysis with 'field' usage and semicolon in setter
• KT-80231 AnnotationArgumentsStateKeepers doesn't restore the initial annotation in some cases
• KT-80233 Pull mutation out of AnnotationArgumentsStateKeepers
• KT-71466 LLFirBuiltinsSessionFactory uses createCompositeSymbolProvider
• KT-76432 JavaClassUseSiteMemberScope: Expected FirResolvedTypeRef with ConeKotlinType but was FirUserTypeRefImpl

Analysis API. Infrastructure

• KT-80717 Support IntelliJ Bazel build in the Kotlin Coop development mode

Analysis API. Light Classes

• KT-80656 Duplicate no-args constructor in PSI
• KT-60490 Symbol Light Classes: Property accessors from a delegated interface don't present in the delegating class
• KT-79689 SymbolLightClassForClassLike.toString() causes PSI tree loading
• KT-80690 Private interface functions are not present in light classes
• KT-80256 K2: Certain actions in JPA code causes infinite PIEAE: "Element class CompositeElement of type REFERENCE_EXPRESSION (class KtNameReferenceExpressionElementType)"
• KT-79012 Add a high-level overview of light classes

Analysis API. Providers and Caches

Fixes

• KT-81476 Analysis API: AlreadyDisposedException from low-memory cache cleanup
• KT-80911 Analysis API: Execute session invalidation in a non-cancelable section
• KT-81242 Analysis API: Add UUID/lifetime properties to LL FIR session structure logging
• KT-80622 Analysis API: Visualise LL FIR session structure & weight
• KT-80904 Analysis API: "Invalid dangling file module" exception during session invalidation
• KT-78882 K2 AA: Calling containingSymbol on getProgressionLastElement causes exception

... (truncated)

Changelog

Sourced from org.jetbrains.kotlin:kotlin-bom's changelog.

2.3.0

Analysis API

• KT-80082 K2. False positive "Cannot resolve method" for self-bounded generic with wildcard return type in Java interop
• KT-80303 Move :native:analysis-api-klib-reader to :libraries:tools

Analysis API. Code Compilation

• KT-70860 K2 IDE / Kotlin Debugger: CCE “java.lang.String cannot be cast to java.lang.Void” on evaluating not-null variable on the line with assigning null to that var
• KT-78554 K2 IDE / Kotlin Debugger: ISE “No override for FUN IR_EXTERNAL_DECLARATION_STUB” on calling toString() for local class instance during evaluation
• KT-73201 K2 IDE: Error while evaluating expressions with local classes

Analysis API. FIR

• KT-81378 Expected expression 'FirFunctionCallImpl' to be resolved caused by suspend {}
• KT-80473 Add events for tracking LL activities
• KT-46375 Analysis API: Support cross-file class redeclaration checks using indices
• KT-80471 Analysis API: Deduplicate equivalent call candidates in resolveToCallCandidates
• KT-79653 [Analysis API] ContextCollector: BODY context of enum classes doesn't contain enum entries
• KT-75858 K2 AA: False positive 'property must be initialized' on incremental analysis with 'field' usage and semicolon in setter
• KT-80231 AnnotationArgumentsStateKeepers doesn't restore the initial annotation in some cases
• KT-80233 Pull mutation out of AnnotationArgumentsStateKeepers
• KT-71466 LLFirBuiltinsSessionFactory uses createCompositeSymbolProvider
• KT-76432 JavaClassUseSiteMemberScope: Expected FirResolvedTypeRef with ConeKotlinType but was FirUserTypeRefImpl

Analysis API. Infrastructure

• KT-80717 Support IntelliJ Bazel build in the Kotlin Coop development mode

Analysis API. Light Classes

• KT-80656 Duplicate no-args constructor in PSI
• KT-60490 Symbol Light Classes: Property accessors from a delegated interface don't present in the delegating class
• KT-79689 SymbolLightClassForClassLike.toString() causes PSI tree loading
• KT-80690 Private interface functions are not present in light classes
• KT-80256 K2: Certain actions in JPA code causes infinite PIEAE: "Element class CompositeElement of type REFERENCE_EXPRESSION (class KtNameReferenceExpressionElementType)"
• KT-79012 Add a high-level overview of light classes

Analysis API. Providers and Caches

Fixes

• KT-81476 Analysis API: AlreadyDisposedException from low-memory cache cleanup
• KT-80911 Analysis API: Execute session invalidation in a non-cancelable section
• KT-81242 Analysis API: Add UUID/lifetime properties to LL FIR session structure logging
• KT-80622 Analysis API: Visualise LL FIR session structure & weight
• KT-80904 Analysis API: "Invalid dangling file module" exception during session invalidation
• KT-78882 K2 AA: Calling containingSymbol on getProgressionLastElement causes exception
• KT-58325 Analysis API: Combine LLKotlinStubBasedLibrarySymbolProviders in session dependencies (optimization)

... (truncated)

Commits

• f95cb2f Add ChangeLog for 2.3.0-RC3
• 9d65a2e KT-82901: Fix issue with converting Long.MIN_VALUE to Duration
• 35a9a82 FE: Postpone DiscriminateSuspendInOverloadResolution
• e0b7eea FE: Add tests for KT-82869
• e66298c Add ChangeLog for 2.3.0-RC2
• e490802 [K/JS] Introduce a compiler argument to enable export of suspend functions
• 585094b FIR2IR: Avoid generation of incorrect suspend adapter for custom implementation
• c69adc7 FIR2IR: Rename and clarify contracts for suspicious utility function
• b4bb8bf FIR2IR: Pass original expected type to applySuspendConversionIfNeeded
• 4718830 FIR2IR: Add tests for KT-82590
• Additional commits viewable in compare view

Updates com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.21.0

Commits

• 901b398 [maven-release-plugin] prepare release jackson-bom-2.21.0
• 86a4b9f ...
• 6b5de3a Prep for 2.21 release
• 3001d78 Merge pull request #116 from FasterXML/tatu/2.21/115-fix-cyclonedx-backport-i...
• 9370292 makeAggregateBom -> makeBom
• 3e4db58 Backport #115 in 2.x for 2.21
• 0ce4467 Merge branch '2.20' into 2.x
• 0dc79f5 ...
• 6a3d76b Merge branch '2.20' into 2.x
• 1d52817 Post-release dep version bump
• Additional commits viewable in compare view

Updates org.apache.logging.log4j:log4j-bom from 0.0.0-SNAPSHOT to 2.25.3

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.25.3

This patch release addresses issues detailed in the changelog below. In particular, it includes an important fix for the host name verification in SSL/TLS configuration. This is used by Socket Appender.

Changed

• Optimize DefaultThreadContextMap.getCopy() performance by avoiding megamorphic calls in HashMap constructor (#3935, #3939)

Fixed

• Fix GraalVM metadata for nested classes to use binary names instead of canonical names (#3871, #3996)
• Fix failures caused by null SslConfiguration (#3947, #3953)
• Fix incorrect handling of the host name verification in SSL/TLS configuration, which is used by Socket Appender when SSL/TLS is enabled (#4002)

Removed

• Remove the com.github.spotbugs:spotbugs-annotations dependency (#3984, #3985)

2.25.2

This patch release addresses certain minor issues detailed in the changelog.

Fixed

• Fix potential memory leak involving LogBuilder in Log4j API to Logback bridge (#3819, #3824)
• Prevent unnecessary warnings in AbstractDriverManagerConnectionSource (#3828, #3831)
• Fix missing newlines in default logging configuration for log4j-core (#3835, #3851)
• Fix missing default Target value in Console Appender (#3852)
• Discard the sub-second part while obtaining the initial time (i.e., creation time) of a file in RollingFileManager (#3068, #3872)
• Fix Pattern Layout exception stack trace converters to no longer prepend newlines based on context (#3873, #3919)
• Fix the com.google.errorprone:error_prone_annotations dependency whose version property gets erased due to flattening (#3779, #3785, #3822, #3905)
• Fix detection of Throwable converters inside nested Pattern Layout patterns when applying alwaysWriteExceptions (#3920)
• Fix parsing and merging of literals in InstantPatternDynamicFormatter (#3930, #3932)

2.25.1

This patch release addresses a dozen bugs in version 2.25.0, in particular:

• Resolves a concurrency issue in the new unified datetime formatter.
• Fixes build failures affecting Gradle users.
• Restores backward compatibility with Spring Boot’s common logging configuration.
• Improves handling of edge cases in GraalVM support.

Fixed

• Fix detection of the Disruptor major version in environments with non-standard thread context classloader. (#3706)
• Downgrade spotbugs-annotations to resolve Gradle build failures. (#3754)
• Fix incorrect version resolution of jspecify and error_prone_annotations dependencies in published POM files. (#3758, #3779)
• Restore compatibility with Spring Boot by allowing reconfiguration using the LoggerContext.start method. (#3770)
• Allow omission of the -Alog4j.graalvm.groupId and -Alog4j.graalvm.artifactId arguments when building Log4j plugins. (#3771)
• Broaden the OSGi manifest's Import-Package constraints to support Jakarta Servlet API up to version 6. (#3787)
• Enable the resource: protocol for configuration files by default when running on GraalVM. (#3790)
• Fix timestamp formatting concurrency issue, when log4j2.enabledThreadlocals is true. (#3792)

... (truncated)

Commits

• See full diff in compare view

Updates org.apache.logging.log4j:log4j-core from 2.25.2 to 2.25.3

Updates org.springframework.boot:spring-boot-dependencies from 3.5.7 to 4.0.2

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v4.0.2

⚠️ Noteworthy Changes

• The dependency on org.eclipse.jetty.ee11:jetty-ee11-servlets has been removed from spring-boot-jetty as it was unnecessary and unused. If your application code depends on a class from jetty-ee11-servlets, declare a dependency on it in your build configuration. #48677

🐞 Bug Fixes

• No TransactionAutoConfiguration with spring-boot-starter-kafka for Spring Boot 4 #48880
• Evaluation of bean conditions unnecessarily queries the bean factory for types that are not present #48840
• When a bean condition references a type that is not present, it appears as ? in the condition evaluation report #48838
• SessionAutoConfiguration creates a DefaultCookieSerializer with a default SameSite of null instead of Lax #48830
• Setting graphql schema location to "classpath*:graphql/**/" causes failure due to incorrectly packaged test resource #48829
• Message interpolation by MVC and WebFlux's Validators does not work correctly in a native image #48828
• CloudFoundry integration fails in Servlet-based web app without a dependency on spring-boot-starter-restclient #48826
• RestTestClientAutoConfiguration and TestRestTemplateAutoConfiguration should be package-private #48820
• SSL metrics are no longer auto-configured #48819
• Actuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) #48812
• DataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image #48703
• The spring-boot-cloudfoundry module should only have an optional dependency on spring-boot-security #48685
• Application JAR created by extract command is not reproductible #48678
• AOT processing of tests should not be disabled when 'skipTests' is set #48662
• @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) is no longer applied to the management server #48653
• Fix zero-length byte buffer in InspectedContent #48650
• Can no longer override JacksonJsonHttpMessageConverter with ServerHttpMessageConvertersCustomizer #48635
• HttpServiceClientProperties incorrectly uses the @ConfigurationProperties annotation on a LinkedHashMap class #48616
• spring-boot-micrometer-tracing-opentelemetry fails if spring-boot-opentelemetry isn't there #48585
• App fails to start with starter-webmvc and starter-zipkin #48581
• Micrometer test modules should have an api dependency on micrometer-observation-test #48386

📔 Documentation

• Fix typo in REST client documentation #48907
• Remove duplicate word #48874
• Document support for configuring arguments passed to Docker Compose #48806
• The documentation related to EnvironmentPostProcessor links to deprecated interface #48803
• Update documentation for Buildpack's AOT Cache support #48769
• Correct docs to use new location for error handling configuration properties #48767
• Document spring-boot-starter-cloudfoundry on Cloud Foundry Support Page #48675
• Clarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file #48659
• Example using excludeDevtools property should document that optional dependencies should be enabled #48641
• Fix grammar and typos in the reference guide #48601
• Update Tracing section for Spring Boot 4's modularity #48576

🔨 Dependency Upgrades

• Upgrade to Classmate 1.7.3 #48783
• Upgrade to Elasticsearch Client 9.2.3 #48721
• Upgrade to Hibernate 7.2.1.Final #48857
• Upgrade to HttpClient5 5.5.2 #48784
• Upgrade to Jackson 2 Bom 2.20.2 #48910

... (truncated)

Commits

• fae3545 Release v4.0.2
• 9fde744 Merge branch '3.5.x' into 4.0.x
• 650236d Remove breaking and unnecessary Undertow TLS with RSA test
• 547bc77 Upgrade to Spring Batch 6.0.2
• 4387cbb Upgrade to Jackson Bom 3.0.4
• abec26e Polish
• f677fba Upgrade to Spring Integration 7.0.2
• 849c2ee Upgrade to Spring GraphQL 2.0.2
• facd456 Upgrade to Nullability Plugin 0.0.10
• e99c08f Merge branch '3.5.x' into 4.0.x
• Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-maven-plugin from 3.5.7 to 4.0.2

Release notes

Sourced from org.springframework.boot:spring-boot-maven-plugin's releases.

v4.0.2

⚠️ Noteworthy Changes

• The dependency on org.eclipse.jetty.ee11:jetty-ee11-servlets has been removed from spring-boot-jetty as it was unnecessary and unused. If your application code depends on a class from jetty-ee11-servlets, declare a dependency on it in your build configuration. #48677

🐞 Bug Fixes

• No TransactionAutoConfiguration with spring-boot-starter-kafka for Spring Boot 4 #48880
• Evaluation of bean conditions unnecessarily queries the bean factory for types that are not present #48840
• When a bean condition references a type that is not present, it appears as ? in the condition evaluation report #48838
• SessionAutoConfiguration creates a DefaultCookieSerializer with a default SameSite of null instead of Lax #48830
• Setting graphql schema location to "classpath*:graphql/**/" causes failure due to incorrectly packaged test resource #48829
• Message interpolation by MVC and WebFlux's Validators does not work correctly in a native image #48828
• CloudFoundry integration fails in Servlet-based web app without a dependency on spring-boot-starter-restclient #48826
• RestTestClientAutoConfiguration and TestRestTemplateAutoConfiguration should be package-private #48820
• SSL metrics are no longer auto-configured #48819
• Actuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) #48812
• DataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image #48703
• The spring-boot-cloudfoundry module should only have an optional dependency on spring-boot-security #48685
• Application JAR created by extract command is not reproductible #48678
• AOT processing of tests should not be disabled when 'skipTests' is set #48662
• @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) is no longer applied to the management server #48653
• Fix zero-length byte buffer in InspectedContent #48650
• Can no longer override JacksonJsonHttpMessageConverter with ServerHttpMessageConvertersCustomizer #48635
• HttpServiceClientProperties incorrectly uses the @ConfigurationProperties annotation on a LinkedHashMap class #48616
• spring-boot-micrometer-tracing-opentelemetry fails if spring-boot-opentelemetry isn't there #48585
• App fails to start with starter-webmvc and starter-zipkin #48581
• Micrometer test modules should have an api dependency on micrometer-observation-test #48386

📔 Documentation

• Fix typo in REST client documentation #48907
• Remove duplicate word #48874
• Document support for configuring arguments passed to Docker Compose #48806
• The documentation related to EnvironmentPostProcessor links to deprecated interface #48803
• Update documentation for Buildpack's AOT Cache support #48769
• Correct docs to use new location for error handling configuration properties #48767
• Document spring-boot-starter-cloudfoundry on Cloud Foundry Support Page #48675
• Clarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file #48659
• Example using excludeDevtools property should document that optional dependencies should be enabled #48641
• Fix grammar and typos in the reference guide #48601
• Update Tracing section for Spring Boot 4's modularity #48576

🔨 Dependency Upgrades

• Upgrade to Classmate 1.7.3 #48783
• Upgrade to Elasticsearch Client 9.2.3 #48721
• Upgrade to Hibernate 7.2.1.Final #48857
• Upgrade to HttpClient5 5.5.2 #48784
• Upgrade to Jackson 2 Bom 2.20.2 #48910

... (truncated)

Commits

• fae3545 Release v4.0.2
• 9fde744 Merge branch '3.5.x' into 4.0.x
• 650236d Remove breaking and unnecessary Undertow TLS with RSA test
• 547bc77 Upgrade to Spring Batch 6.0.2
• 4387cbb Upgrade to Jackson Bom 3.0.4
• abec26e Polish
• f677fba Upgrade to Spring Integration 7.0.2
• 849c2ee Upgrade to Spring GraphQL 2.0.2
• facd456 Upgrade to Nullability Plugin 0.0.10
• e99c08f Merge branch '3.5.x' into 4.0.x
• Additional commits viewable in compare view

Updates org.springframework.cloud:spring-cloud-dependencies from 2025.0.0 to 2025.1.0

Commits

• fad431d Update SNAPSHOT to 2025.1.0
• 922da91 Merge pull request #444 from spring-cloud/dependabot/github_actions/main/acti...
• 56207f4 Bump actions/checkout from 5 to 6
• f9e1a3a Updates GenerateReleaseTrainDocs to use property from bom for boot version.
• 36f42b2 Removes spring-cloud-starter-parent
• 250329c Bumping versions
• ef9f533 Updates boot to 4.0.0
• 3c1ebc0 Bumping versions
• 35cf36e Going back to snapshots
• bd1fc81 Update SNAPSHOT to 2025.1.0-RC1
• Additional commits viewable in compare view

Updates org.apache.logging.log4j:log4j-core from 2.25.2 to 2.25.3

Updates org.springframework.boot:spring-boot-maven-plugin from 3.5.7 to 4.0.2

Release notes

Sourced from org.springframework.boot:spring-boot-maven-plugin's releases.

v4.0.2

⚠️ Noteworthy Changes

• The dependency on org.eclipse.jetty.ee11:jetty-ee11-servlets has been removed from spring-boot-jetty as it was unnecessary and unused. If your application code depends on a class from jetty-ee11-servlets, declare a dependency on it in your build configuration. #48677

🐞 Bug Fixes

• No TransactionAutoConfiguration with spring-boot-starter-kafka for Spring Boot 4 #48880
• Evaluation of bean conditions unnecessarily queries the bean factory for types that are not present #48840
• When a bean condition references a type that is not present, it appears as ? in the condition evaluation report #48838
• SessionAutoConfiguration creates a DefaultCookieSerializer with a default SameSite of null instead of Lax #48830
• Setting graphql schema location to "classpath*:graphql/**/" causes failure due to incorrectly packaged test resource #48829
• Message interpolation by MVC and WebFlux's Validators does not work correctly in a native image #48828
• CloudFoundry integration fails in Servlet-based web app without a dependency on spring-boot-starter-restclient #48826
• RestTestClientAutoConfiguration and TestRestTemplateAutoConfiguration should be package-private #48820
• SSL metrics are no longer auto-configured #48819
• Actuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) #48812
• DataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image #48703
• The spring-boot-cloudfoundry module should only have an optional dependency on spring-boot-security #48685
• Application JAR created by extract command is not reproductible #48678
• AOT processing of tests should not be disabled when 'skipTests' is set #48662
• @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) is no longer applied to the management server #48653
• Fix zero-length byte buffer in InspectedContent #48650
• Can no longer override JacksonJsonHttpMessageConverter with ServerHttpMessageConvertersCustomizer #48635
• HttpServiceClientProperties incorrectly uses the @ConfigurationProperties annotation on a LinkedHashMap class #48616
• spring-boot-micrometer-tracing-opentelemetry fails if spring-boot-opentelemetry isn't there #48585
• App fails to start with starter-webmvc and starter-zipkin #48581
• Micrometer test modules should have an api dependency on micrometer-observation-test #48386

📔 Documentation

• Fix typo in REST client documentation #48907
• Remove duplicate word #48874
• Document support for configuring arguments passed to Docker Compose #48806
• The documentation related to EnvironmentPostProcessor links to deprecated interface #48803
• Update documentation for Buildpack's AOT Cache support #48769
• Correct docs to use new location for error handling configuration properties #48767
• Document spring-boot-starter-cloudfoundry on Cloud Foundry Support Page #48675
• Clarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file #48659
• Example using excludeDevtools property should document that optional dependencies should be enabled #48641
• Fix grammar and typos in the reference guide #48601
• Update Tracing section for Spring Boot 4's modularity #48576

🔨 Dependency Upgrades

• Upgrade to Classmate 1.7.3 #48783
• Upgrade to Elasticsearch Client 9.2.3 #48721
• Upgrade to Hibernate 7.2.1.Final #48857
• Upgrade to HttpClient5 5.5.2 #48784
• Upgrade to Jackson 2 Bom 2.20.2 #48910

... (truncated)

Commits

• fae3545 Release v4.0.2
• 9fde744 Merge branch '3.5.x' into 4.0.x
• 650236d Remove breaking and unnecessary Undertow TLS with RSA test
• 547bc77 Upgrade to Spring Batch 6.0.2
• 4387cbb Upgrade to Jackson Bom 3.0.4
• abec26e Polish
• f677fba Upgrade to Spring Integration 7.0.2
• 849c2ee Upgrade to Spring GraphQL 2.0.2
• facd456 Upgrade to Nullability Plugin 0.0.10
• e99c08f Merge branch '3.5.x' into 4.0.x
• Additional commits viewable in compare view

Updates org.aspectj:aspectjweaver from 1.9.25 to 1.9.25.1

Release notes

Sourced from org.aspectj:aspectjweaver's releases.

1.9.25.1

Full Changelog: eclipse-aspectj/aspectj@V1_9_25...V1_9_25_1

Commits

• See full diff in compare view

Updates org.aspectj:aspectjrt from 1.9.25 to 1.9.25.1

Release notes

Sourced from org.aspectj:aspectjrt's releases.

1.9.25.1

Full Changelog: eclipse-aspectj/aspectj@V1_9_25...V1_9_25_1

Commits

• See full diff in compare view

Updates org.aspectj:aspectjtools from 1.9.25 to 1.9.25.1

Release notes

Sourced from org.aspectj:aspectjtools's releases.

1.9.25.1

Full Changelog: eclipse-aspectj/aspectj@V1_9_25...V1_9_25_1

Commits

• See full diff in compare view

Updates org.aspectj:aspectjrt from 1.9.25 to 1.9.25.1

Release notes

Sourced from org.aspectj:aspectjrt's releases.

1.9.25.1

Full Changelog: eclipse-aspectj/aspectj@V1_9_25...V1_9_25_1

Commits

• See full diff in compare view

Updates org.aspectj:aspectjtools from 1.9.25 to 1.9.25.1

Release notes

Sourced from org.aspectj:aspectjtools's releases.

1.9.25.1

Full Changelog: eclipse-aspectj/aspectj@V1_9_25...V1_9_25_1

Commits

• See full diff in compare view

Updates org.codehaus.mojo:aspectj-maven-plugin from 1.15.0 to 1.16.0

Release notes

Sourced from org.codehaus.mojo:aspectj-maven-plugin's releases.

1.16.0

🚀 New features and improvements

• #243 Add Java 25 support. (#244) @​martinaldrin
• Making the plugin compatible with Maven 4 (#223) @​slachiewicz

👻 Maintenance

• Fix build with Java 24 (#225) @​slachiewicz
• Switch to Doxia 2 (#224) @​slachiewicz

📦 Dependency updates

• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.0 (#249) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 94 to 95...

  Description has been truncated