Bump the all-maven-dependencies group across 2 directories with 5 updates by dependabot[bot] · Pull Request #633 · SAP-samples/cloud-cap-samples-java

dependabot · 2026-03-30T12:25:25Z

Bumps the all-maven-dependencies group with 5 updates in the / directory:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	`3.5.11`	`3.5.13`
com.sap.cloud.security:java-bom	`3.6.8`	`3.6.9`
com.diffplug.spotless:spotless-maven-plugin	`3.3.0`	`3.4.0`
com.sap.hcp.cf.logging:cf-java-logging-support-servlet	`4.1.0`	`4.1.1`
com.sap.hcp.cf.logging:cf-java-logging-support-logback	`4.1.0`	`4.1.1`

Bumps the all-maven-dependencies group with 5 updates in the /srv directory:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	`3.5.11`	`3.5.13`
com.sap.cloud.security:java-bom	`3.6.8`	`3.6.9`
com.diffplug.spotless:spotless-maven-plugin	`3.3.0`	`3.4.0`
com.sap.hcp.cf.logging:cf-java-logging-support-servlet	`4.1.0`	`4.1.1`
com.sap.hcp.cf.logging:cf-java-logging-support-logback	`4.1.0`	`4.1.1`

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.11 to 3.5.13

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.5.13

⚠️ Attention Required

Jackson has been upgraded to 2.21.2 in response to the Jackson team ending support for Jackson 2.19.x and 2.20.x. #49365

🐞 Bug Fixes

WebSocket messaging's task executors are only auto-configured and stompWebSocketHandlerMapping is only forced to be eager when using Jackson #49750

Metadata annotation processor ignores method-level @NestedConfigurationProperty when using constructor binding #49734

Override of property in external 'application.properties' or 'application.yaml' is ignored #49724

Some sliced tests that import TransactionAutoConfiguration do not import TransactionManagerCustomizationAutoConfiguration #49716

NativeImageResourceProvider does not find Flyway migration scripts in subdirectories #49661

@GraphQlTest does not include @ControllerAdvice #49660

📔 Documentation

Fix incorrect indefinite articles in Javadoc #49723

Add some more Kotlin examples and trivial style fixes #49710

🔨 Dependency Upgrades

Upgrade to Hibernate 6.6.45.Final #49757

Upgrade to jOOQ 3.19.31 #49758

Upgrade to Netty 4.1.132.Final #49759

Upgrade to Tomcat 10.1.53 #49760

Upgrade to Undertow 2.3.24.Final #49761

Upgrade to Zipkin Reporter 3.5.3 #49756

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Joowon-Seo, @deejay1, @dlwldnjs1009, and @ljrmorgan

v3.5.12

🐞 Bug Fixes

EndpointRequest request matcher for health groups is too complex #49648

"/cloudfoundryapplication" web path is not limited to Actuator #49645

RSocket exposes duplicate endpoint for websocket setups #49592

Fix EndpointRequest.toLinks() when base-path is '/' #49591

SpringBootContextLoader mentions class that no longer exists in message for classes or locations assertion #49518

"spring.main.cloud-platform=none" does not disable cloud features #49478

Using @AutoConfigureWebTestClient prevents separate configuration of spring.test.webtestclient.timeout from taking effect #49340

Ordering of 'spring.config.import' is inconsistent when defined in environment or system properties #49324

RouterFunctions descriptions in Actuator do not support nesting #49289

Maven plugin does not set '-parameters' option when processing AOT code #49268

SSL support with Docker Compose does not work as documented #49210

Docker fails when a 'tcp://' address ends with a slash (for example 'tcp://docker:2375/') #49055

... (truncated)

Commits

4a4c79f Release v3.5.13
696a60e Full auto-configure transaction management in slice tests
4b37ecb Upgrade to Undertow 2.3.24.Final
32a51d5 Upgrade to Tomcat 10.1.53
0934296 Upgrade to Netty 4.1.132.Final
851ddda Upgrade to jOOQ 3.19.31
ef876fe Upgrade to Hibernate 6.6.45.Final
2841d87 Upgrade to Zipkin Reporter 3.5.3
025b527 Fix WebSocketMessagingAutoConfiguration in the absence of Jackson
3282672 Make DevTools tests more tolerant to wrapped DataSource
Additional commits viewable in compare view

Updates com.sap.cloud.security:java-bom from 3.6.8 to 3.6.9

Release notes

Sourced from com.sap.cloud.security:java-bom's releases.

3.6.9

Fix token exchange logic in DefaultIdTokenExtension to correctly identify App2App tokens that require exchange (where aud contains a single audience different from azp)

Changelog

Sourced from com.sap.cloud.security:java-bom's changelog.

3.6.9

Fix token exchange logic in DefaultIdTokenExtension to correctly identify App2App tokens that require exchange (where aud contains a single audience different from azp)

Commits

2c6f46b fix: Correct token exchange logic for App2App flows in DefaultIdTokenExtensio...
See full diff in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 3.3.0 to 3.4.0

Release notes

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Maven Plugin v3.4.0

Added

Add tableTest format type for standalone .table files. (#2880)

Changes

Bump default tabletest-formatter version 1.0.1 -> 1.1.1, now works with Java 17+. (#2880)

Lib v3.3.1

Fixed

GitPrePushHookInstaller didn't work on windows, now fixed. (#2562)

Changelog

Sourced from com.diffplug.spotless:spotless-maven-plugin's changelog.

spotless-lib and spotless-lib-extra releases

If you are a Spotless user (as opposed to developer), then you are probably looking for:

https://github.com/diffplug/spotless/blob/main/plugin-gradle/CHANGES.md

https://github.com/diffplug/spotless/blob/main/plugin-maven/CHANGES.md

This document is intended for Spotless developers.

We adhere to the keepachangelog format (starting after version 1.27.0).

[Unreleased]

[4.5.0] - 2026-03-18

Added

Add tableTest format type for standalone .table files. (#2880)

Changes

Bump default tabletest-formatter version 1.0.1 -> 1.1.1, now works with Java 17+. (#2880)

[4.4.0] - 2026-03-02

Added

Add tabletest-formatter support for Java and Kotlin. (#2860)

Fixed

Fix the ability to specify a wildcard version (*) for external formatter executables, which did not work. (#2848)

[fix] ConcurrentModificationException in expandWildcardImports (#2830)

[4.3.0] - 2026-01-27

Added

Add P2Provisioner interface in lib-extra to enable build-tool-specific caching strategies for Eclipse P2 dependencies, fixing OutOfMemoryError in large multi-project builds. (#2788)

Fixed

removeSemicolons() should not be applied to multiline strings in groovy #2780 (#2792)

[4.2.0] - 2026-01-22

Added

Add a expandWildcardImports API for java (#2679)

Add the ability to specify a wildcard version (*) for external formatter executables. (#2757)

Fixed

Prevent race conditions when multiple npm-based formatters launch the server process simultaneously while sharing the same node_modules directory. (#2786)

Git ratchet no longer throws an error with Git worktrees. (#2779)

Changes

Bump default ktfmt version to latest 0.59 -> 0.61. (2804)

Bump default ktlint version to latest 1.7.1 -> 1.8.0. (2763)

Bump default gherkin-utils version to latest 9.2.0 -> 10.0.0. (#2619)

[4.1.0] - 2025-11-18

Changes

Bump default ktfmt version to latest 0.58 -> 0.59. (#2681

Bump default jackson version to latest 2.20.0 -> 2.20.1. (#2730)

Bump default cleanthat version to latest 2.23 -> 2.24. (#2620)

... (truncated)

Commits

708a1b0 Published maven/3.4.0
1cc0163 Published gradle/8.4.0
a4cd808 Published lib/4.5.0
9066bf6 Add links to the changelog.
db8dc1c Fix for illegal mutation issue with predeclareDeps (#2892)
0eb98a9 chore: Updated gradle plugin change
3f7f12e chore: Removes check for predeclare as it's not needed anymore
55c0c5c fix: IsolatedProjectTest.predeclaredIsUnsupported() is now actually supported...
47489af fix: avoid IllegalMutationException when root project uses predeclareDeps() w...
4010e8b test: Introduce a test harnessing predeclared deps
Additional commits viewable in compare view

Updates com.sap.hcp.cf.logging:cf-java-logging-support-servlet from 4.1.0 to 4.1.1

Release notes

Sourced from com.sap.hcp.cf.logging:cf-java-logging-support-servlet's releases.

4.1.1

What's Changed

This release upgrades dependencies to match Spring Boot 3.5.12 and the latest OpenTelemetry Java Agent 2.25.0. It also contains a fix for the Dynatrace token-name property.

Details

Bump ch.qos.logback:logback-classic from 1.5.23 to 1.5.24 by @dependabot[bot] in SAP/cf-java-logging-support#331

Fix Dynatrace Token-Name property by @KarstenSchnitter in SAP/cf-java-logging-support#341

Bump org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0 by @dependabot[bot] in SAP/cf-java-logging-support#333

Bump org.codehaus.mojo:buildnumber-maven-plugin from 3.2.1 to 3.3.0 by @dependabot[bot] in SAP/cf-java-logging-support#335

Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 by @dependabot[bot] in SAP/cf-java-logging-support#340

Bump mockito.version from 5.21.0 to 5.22.0 by @dependabot[bot] in SAP/cf-java-logging-support#351

Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.32 by @dependabot[bot] in SAP/cf-java-logging-support#350

Minor Version upgrade of Spring Boot to v3.5.12 by @KarstenSchnitter in SAP/cf-java-logging-support#352

Bump com.auth0:java-jwt from 4.5.0 to 4.5.1 by @dependabot[bot] in SAP/cf-java-logging-support#342

Bump io.opentelemetry.javaagent:opentelemetry-javaagent from 2.23.0 to 2.25.0 by @dependabot[bot] in SAP/cf-java-logging-support#346

Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 by @dependabot[bot] in SAP/cf-java-logging-support#348

Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources from 1.52.0-alpha to 1.54.0-alpha by @dependabot[bot] in SAP/cf-java-logging-support#349

Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in SAP/cf-java-logging-support#358

Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @dependabot[bot] in SAP/cf-java-logging-support#357

Bump mockito.version from 5.22.0 to 5.23.0 by @dependabot[bot] in SAP/cf-java-logging-support#353

Create final Release 4.1.1 by @KarstenSchnitter in SAP/cf-java-logging-support#359

Full Changelog: SAP/cf-java-logging-support@4.1.0...4.1.1

Commits

75311c5 Create Final Release 4.1.1
0d6e0c6 Remove unused constants
94bd069 Add new VALUE attribute type
21b9cbe Handle deprecation of Logback Markers
b1eed21 Bump mockito.version from 5.22.0 to 5.23.0
de42cb6 Bump org.apache.maven.plugins:maven-compiler-plugin
021a541 Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2
6a4218f Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources
d557bc8 Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 (#348)
6f0efb2 Bump io.opentelemetry.javaagent:opentelemetry-javaagent
Additional commits viewable in compare view

Updates com.sap.hcp.cf.logging:cf-java-logging-support-logback from 4.1.0 to 4.1.1

Release notes

Sourced from com.sap.hcp.cf.logging:cf-java-logging-support-logback's releases.

4.1.1

What's Changed

This release upgrades dependencies to match Spring Boot 3.5.12 and the latest OpenTelemetry Java Agent 2.25.0. It also contains a fix for the Dynatrace token-name property.

Details

Bump ch.qos.logback:logback-classic from 1.5.23 to 1.5.24 by @dependabot[bot] in SAP/cf-java-logging-support#331

Fix Dynatrace Token-Name property by @KarstenSchnitter in SAP/cf-java-logging-support#341

Bump org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0 by @dependabot[bot] in SAP/cf-java-logging-support#333

Bump org.codehaus.mojo:buildnumber-maven-plugin from 3.2.1 to 3.3.0 by @dependabot[bot] in SAP/cf-java-logging-support#335

Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 by @dependabot[bot] in SAP/cf-java-logging-support#340

Bump mockito.version from 5.21.0 to 5.22.0 by @dependabot[bot] in SAP/cf-java-logging-support#351

Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.32 by @dependabot[bot] in SAP/cf-java-logging-support#350

Minor Version upgrade of Spring Boot to v3.5.12 by @KarstenSchnitter in SAP/cf-java-logging-support#352

Bump com.auth0:java-jwt from 4.5.0 to 4.5.1 by @dependabot[bot] in SAP/cf-java-logging-support#342

Bump io.opentelemetry.javaagent:opentelemetry-javaagent from 2.23.0 to 2.25.0 by @dependabot[bot] in SAP/cf-java-logging-support#346

Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 by @dependabot[bot] in SAP/cf-java-logging-support#348

Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources from 1.52.0-alpha to 1.54.0-alpha by @dependabot[bot] in SAP/cf-java-logging-support#349

Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in SAP/cf-java-logging-support#358

Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @dependabot[bot] in SAP/cf-java-logging-support#357

Bump mockito.version from 5.22.0 to 5.23.0 by @dependabot[bot] in SAP/cf-java-logging-support#353

Create final Release 4.1.1 by @KarstenSchnitter in SAP/cf-java-logging-support#359

Full Changelog: SAP/cf-java-logging-support@4.1.0...4.1.1

Commits

75311c5 Create Final Release 4.1.1
0d6e0c6 Remove unused constants
94bd069 Add new VALUE attribute type
21b9cbe Handle deprecation of Logback Markers
b1eed21 Bump mockito.version from 5.22.0 to 5.23.0
de42cb6 Bump org.apache.maven.plugins:maven-compiler-plugin
021a541 Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2
6a4218f Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources
d557bc8 Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 (#348)
6f0efb2 Bump io.opentelemetry.javaagent:opentelemetry-javaagent
Additional commits viewable in compare view

Updates com.sap.hcp.cf.logging:cf-java-logging-support-logback from 4.1.0 to 4.1.1

Release notes

Sourced from com.sap.hcp.cf.logging:cf-java-logging-support-logback's releases.

4.1.1

What's Changed

This release upgrades dependencies to match Spring Boot 3.5.12 and the latest OpenTelemetry Java Agent 2.25.0. It also contains a fix for the Dynatrace token-name property.

Details

Bump ch.qos.logback:logback-classic from 1.5.23 to 1.5.24 by @dependabot[bot] in SAP/cf-java-logging-support#331

Fix Dynatrace Token-Name property by @KarstenSchnitter in SAP/cf-java-logging-support#341

Bump org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0 by @dependabot[bot] in SAP/cf-java-logging-support#333

Bump org.codehaus.mojo:buildnumber-maven-plugin from 3.2.1 to 3.3.0 by @dependabot[bot] in SAP/cf-java-logging-support#335

Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 by @dependabot[bot] in SAP/cf-java-logging-support#340

Bump mockito.version from 5.21.0 to 5.22.0 by @dependabot[bot] in SAP/cf-java-logging-support#351

Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.32 by @dependabot[bot] in SAP/cf-java-logging-support#350

Minor Version upgrade of Spring Boot to v3.5.12 by @KarstenSchnitter in SAP/cf-java-logging-support#352

Bump com.auth0:java-jwt from 4.5.0 to 4.5.1 by @dependabot[bot] in SAP/cf-java-logging-support#342

Bump io.opentelemetry.javaagent:opentelemetry-javaagent from 2.23.0 to 2.25.0 by @dependabot[bot] in SAP/cf-java-logging-support#346

Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 by @dependabot[bot] in SAP/cf-java-logging-support#348

Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources from 1.52.0-alpha to 1.54.0-alpha by @dependabot[bot] in SAP/cf-java-logging-support#349

Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in SAP/cf-java-logging-support#358

Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @dependabot[bot] in SAP/cf-java-logging-support#357

Bump mockito.version from 5.22.0 to 5.23.0 by @dependabot[bot] in SAP/cf-java-logging-support#353

Create final Release 4.1.1 by @KarstenSchnitter in SAP/cf-java-logging-support#359

Full Changelog: SAP/cf-java-logging-support@4.1.0...4.1.1

Commits

75311c5 Create Final Release 4.1.1
0d6e0c6 Remove unused constants
94bd069 Add new VALUE attribute type
21b9cbe Handle deprecation of Logback Markers
b1eed21 Bump mockito.version from 5.22.0 to 5.23.0
de42cb6 Bump org.apache.maven.plugins:maven-compiler-plugin
021a541 Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2
6a4218f Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources
d557bc8 Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 (#348)
6f0efb2 Bump io.opentelemetry.javaagent:opentelemetry-javaagent
Additional commits viewable in compare view

Updates com.sap.hcp.cf.logging:cf-java-logging-support-servlet from 4.1.0 to 4.1.1

Release notes

Sourced from com.sap.hcp.cf.logging:cf-java-logging-support-servlet's releases.

4.1.1

What's Changed

This release upgrades dependencies to match Spring Boot 3.5.12 and the latest OpenTelemetry Java Agent 2.25.0. It also contains a fix for the Dynatrace token-name property.

Details

Bump ch.qos.logback:logback-classic from 1.5.23 to 1.5.24 by @dependabot[bot] in SAP/cf-java-logging-support#331

Fix Dynatrace Token-Name property by @KarstenSchnitter in SAP/cf-java-logging-support#341

Bump org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0 by @dependabot[bot] in SAP/cf-java-logging-support#333

Bump org.codehaus.mojo:buildnumber-maven-plugin from 3.2.1 to 3.3.0 by @dependabot[bot] in SAP/cf-java-logging-support#335

Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 by @dependabot[bot] in SAP/cf-java-logging-support#340

Bump mockito.version from 5.21.0 to 5.22.0 by @dependabot[bot] in SAP/cf-java-logging-support#351

Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.32 by @dependabot[bot] in SAP/cf-java-logging-support#350

Minor Version upgrade of Spring Boot to v3.5.12 by @KarstenSchnitter in SAP/cf-java-logging-support#352

Bump com.auth0:java-jwt from 4.5.0 to 4.5.1 by @dependabot[bot] in SAP/cf-java-logging-support#342

Bump io.opentelemetry.javaagent:opentelemetry-javaagent from 2.23.0 to 2.25.0 by @dependabot[bot] in SAP/cf-java-logging-support#346

Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 by @dependabot[bot] in SAP/cf-java-logging-support#348

Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources from 1.52.0-alpha to 1.54.0-alpha by @dependabot[bot] in SAP/cf-java-logging-support#349

Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in SAP/cf-java-logging-support#358

Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @dependabot[bot] in SAP/cf-java-logging-support#357

Bump mockito.version from 5.22.0 to 5.23.0 by @dependabot[bot] in SAP/cf-java-logging-support#353

Create final Release 4.1.1 by @KarstenSchnitter in SAP/cf-java-logging-support#359

Full Changelog: SAP/cf-java-logging-support@4.1.0...4.1.1

Commits

75311c5 Create Final Release 4.1.1
0d6e0c6 Remove unused constants
94bd069 Add new VALUE attribute type
21b9cbe Handle deprecation of Logback Markers
b1eed21 Bump mockito.version from 5.22.0 to 5.23.0
de42cb6 Bump org.apache.maven.plugins:maven-compiler-plugin
021a541 Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2
6a4218f Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources
d557bc8 Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 (#348)
6f0efb2 Bump io.opentelemetry.javaagent:opentelemetry-javaagent
Additional commits viewable in compare view

Updates com.sap.hcp.cf.logging:cf-java-logging-support-logback from 4.1.0 to 4.1.1

Release notes

Sourced from com.sap.hcp.cf.logging:cf-java-logging-support-logback's releases.

4.1.1

What's Changed

This release upgrades dependencies to match Spring Boot 3.5.12 and the latest OpenTelemetry Java Agent 2.25.0. It also contains a fix for the Dynatrace token-name property.

Details

Bump ch.qos.logback:logback-classic from 1.5.23 to 1.5.24 by @dependabot[bot] in SAP/cf-java-logging-support#331

Fix Dynatrace Token-Name property by @KarstenSchnitter in SAP/cf-java-logging-support#341

Bump org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0 by @dependabot[bot] in SAP/cf-java-logging-support#333

Bump org.codehaus.mojo:buildnumber-maven-plugin from 3.2.1 to 3.3.0 by @dependabot[bot] in SAP/cf-java-logging-support#335

Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 by @dependabot[bot] in SAP/cf-java-logging-support#340

Bump mockito.version from 5.21.0 to 5.22.0 by @dependabot[bot] in SAP/cf-java-logging-support#351

Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.32 by @dependabot[bot] in SAP/cf-java-logging-support#350

Minor Version upgrade of Spring Boot to v3.5.12 by @KarstenSchnitter in SAP/cf-java-logging-support#352

Bump com.auth0:java-jwt from 4.5.0 to 4.5.1 by @dependabot[bot] in SAP/cf-java-logging-support#342

Bump io.opentelemetry.javaagent:opentelemetry-javaagent from 2.23.0 to 2.25.0 by @dependabot[bot] in SAP/cf-java-logging-support#346

Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 by @dependabot[bot] in SAP/cf-java-logging-support#348

Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources from 1.52.0-alpha to 1.54.0-alpha by @dependabot[bot] in SAP/cf-java-logging-support#349

Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in SAP/cf-java-logging-support#358

Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @dependabot[bot] in SAP/cf-java-logging-support#357

Bump mockito.version from 5.22.0 to 5.23.0 by @dependabot[bot] in SAP/cf-java-logging-support#353

Create final Release 4.1.1 by @KarstenSchnitter in SAP/cf-java-logging-support#359

Full Changelog: SAP/cf-java-logging-support@4.1.0...4.1.1

Commits

75311c5 Create Final Release 4.1.1
0d6e0c6 Remove unused constants
94bd069 Add new VALUE attribute type
21b9cbe Handle deprecation of Logback Markers
b1eed21 Bump mockito.version from 5.22.0 to 5.23.0
de42cb6 Bump org.apache.maven.plugins:maven-compiler-plugin
021a541 Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2
6a4218f Bump io.opentelemetry.contrib:opentelemetry-cloudfoundry-resources
d557bc8 Bump opentelemetry.sdk.version from 1.57.0 to 1.60.1 (#348)
6f0efb2 Bump io.opentelemetry.javaagent:opentelemetry-javaagent
Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.11 to 3.5.13

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.5.13

⚠️ Attention Required

Jackson has been upgraded to 2.21.2 in response to the Jackson team ending support for Jackson 2.19.x and 2.20.x. #49365

🐞 Bug Fixes

WebSocket messaging's task executors are only auto-configured and stompWebSocketHandlerMapping is only forced to be eager when using Jackson #49750

Metadata annotation processor ignores method-level @NestedConfigurationProperty when using constructor binding #49734

Override of property in external 'application.properties' or 'application.yaml' is ignored #49724

Some sliced tests that import TransactionAutoConfiguration do not import TransactionManagerCustomizationAutoConfiguration #49716

NativeImageResourceProvider does not find Flyway migration scripts in subdirectories #49661

@GraphQlTest does not include @ControllerAdvice #49660

📔 Documentation

Fix incorrect indefinite articles in Javadoc #49723

Add some more Kotlin examples and trivial style fixes #49710

🔨 Dependency Upgrades

Upgrade to Hibernate 6.6.45.Final #49757

Upgrade to jOOQ 3.19.31 #49758

Upgrade to Netty 4.1.132.Final #49759

Upgrade to Tomcat 10.1.53 #49760

Upgrade to Undertow 2.3.24.Final #49761

Upgrade to Zipkin Reporter 3.5.3 #49756

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Joowon-Seo, @deejay1, @dlwldnjs1009, and @ljrmorgan

v3.5.12

🐞 Bug Fixes

EndpointRequest request matcher for health groups is too complex #49648

"/cloudfoundryapplication" web path is not limited to Actuator #49645

RSocket exposes duplicate endpoint for websocket setups #49592

Fix EndpointRequest.toLinks() when base-path is '/' #49591

SpringBootContextLoader mentions class that no longer exists in message for classes or locations assertion #49518

"spring.main.cloud-platform=none" does not disable cloud features #49478

Using @AutoConfigureWebTestClient prevents separate configuration of spring.test.webtestclient.timeout from taking effect #49340

Ordering of 'spring.config.import' is inconsistent when defined in environment or system properties #49324

RouterFunctions descriptions in Actuator do not support nesting #49289

Maven plugin does not set '-parameters' option when processing AOT code #49268

SSL support with Docker Compose does not work as documented #49210

Docker fails when a 'tcp://' address ends with a slash (for example 'tcp://docker:2375/') #49055

... (truncated)

Commits

4a4c79f Release v3.5.13
696a60e Full auto-configure transaction management in slice tests
4b37ecb Upgrade to Undertow 2.3.24.Final
32a51d5 Upgrade to Tomcat 10.1.53
0934296 Upgrade to Netty 4.1.132.Final
851ddda Upgrade to jOOQ 3.19.31
ef876fe Upgrade to Hibernate 6.6.45.Final
2841d87 Upgrade to Zipkin Reporter 3.5.3
025b527 Fix WebSocketMessagingAutoConfiguration in the absence of Jackson
3282672 Make DevTools tests more tolerant to wrapped DataSource
Additional commits viewable in compare view

Updates com.sap.cloud.security:java-bom from 3.6.8 to 3.6.9

Release notes

Sourced from com.sap.cloud.security:java-bom's releases.

3.6.9

Fix token exchange logic in DefaultIdTokenExtension to correctly identify App2App tokens that require exchange (where aud contains a single audience different from azp)

Changelog

Sourced from com.sap.cloud.security:java-bom's changelog.

3.6.9

Fix token exchange logic in DefaultIdTokenExtension to correctly identify App2App tokens that require exchange (where aud contains a single audience different from azp)

Commits

2c6f46b fix: Correct token exchange logic for App2App flows in DefaultIdTokenExtensio...
See full diff in compare view

Updates com.diffplug.spotless:spotless-maven-plugin from 3.3.0 to 3.4.0

Release notes

Sourced from com.diffplug.spotless:spotless-maven-plugin's releases.

Maven Plugin v3.4.0

Added

Add tableTest format type for standalone .table files. (#2880)

Changes

Bump default tabletest-formatter version 1.0.1 -> 1.1.1, now works with Java 17+. (#2880)

Lib v3.3.1

Fixed

GitPrePushHookInstaller didn't work on windows, now fixed. (#2562)

Changelog

Sourced from com.diffplug.spotless:spotless-maven-plugin's changelog.

spotless-lib and spotless-lib-extra releases

If you are a Spotless user (as opposed to developer), then you are probably looking for:

https://github.com/diffplug/spotless/blob/main/plugin-gradle/CHANGES.md

https://github.com/diffplug/spotless/blob/main/plugin-maven/CHANGES.md

This document is intended for Spotless developers.

We adhere to the keepachangelog format (starting after version 1.27.0).

[Unreleased]

[4.5.0] - 2026-03-18

Added

Add tableTest format type for standalone .table files. (#2880)

Changes

Bump default tabletest-formatter version 1.0.1 -> 1.1.1, now works with Java 17+. (#2880)

[4.4.0] - 2026-03-02

Added

Add tabletest-formatter support for Java and Kotlin. (#2860)

Fixed

Fix the ability to specify a wildcard version (*) for external formatter exec...
Description has been truncated

…ates Bumps the all-maven-dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.11` | `3.5.13` | | [com.sap.cloud.security:java-bom](https://github.com/SAP/cloud-security-xsuaa-integration) | `3.6.8` | `3.6.9` | | [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) | `3.3.0` | `3.4.0` | | [com.sap.hcp.cf.logging:cf-java-logging-support-servlet](https://github.com/SAP/cf-java-logging-support) | `4.1.0` | `4.1.1` | | [com.sap.hcp.cf.logging:cf-java-logging-support-logback](https://github.com/SAP/cf-java-logging-support) | `4.1.0` | `4.1.1` | Bumps the all-maven-dependencies group with 5 updates in the /srv directory: | Package | From | To | | --- | --- | --- | | [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.11` | `3.5.13` | | [com.sap.cloud.security:java-bom](https://github.com/SAP/cloud-security-xsuaa-integration) | `3.6.8` | `3.6.9` | | [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) | `3.3.0` | `3.4.0` | | [com.sap.hcp.cf.logging:cf-java-logging-support-servlet](https://github.com/SAP/cf-java-logging-support) | `4.1.0` | `4.1.1` | | [com.sap.hcp.cf.logging:cf-java-logging-support-logback](https://github.com/SAP/cf-java-logging-support) | `4.1.0` | `4.1.1` | Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.11 to 3.5.13 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.11...v3.5.13) Updates `com.sap.cloud.security:java-bom` from 3.6.8 to 3.6.9 - [Release notes](https://github.com/SAP/cloud-security-xsuaa-integration/releases) - [Changelog](https://github.com/SAP/cloud-security-services-integration-library/blob/main/CHANGELOG.md) - [Commits](SAP/cloud-security-services-integration-library@3.6.8...3.6.9) Updates `com.diffplug.spotless:spotless-maven-plugin` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/diffplug/spotless/releases) - [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md) - [Commits](diffplug/spotless@lib/3.3.0...maven/3.4.0) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-servlet` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-logback` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-logback` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-servlet` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-logback` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.11 to 3.5.13 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.11...v3.5.13) Updates `com.sap.cloud.security:java-bom` from 3.6.8 to 3.6.9 - [Release notes](https://github.com/SAP/cloud-security-xsuaa-integration/releases) - [Changelog](https://github.com/SAP/cloud-security-services-integration-library/blob/main/CHANGELOG.md) - [Commits](SAP/cloud-security-services-integration-library@3.6.8...3.6.9) Updates `com.diffplug.spotless:spotless-maven-plugin` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/diffplug/spotless/releases) - [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md) - [Commits](diffplug/spotless@lib/3.3.0...maven/3.4.0) Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.11 to 3.5.13 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.11...v3.5.13) Updates `com.sap.cloud.security:java-bom` from 3.6.8 to 3.6.9 - [Release notes](https://github.com/SAP/cloud-security-xsuaa-integration/releases) - [Changelog](https://github.com/SAP/cloud-security-services-integration-library/blob/main/CHANGELOG.md) - [Commits](SAP/cloud-security-services-integration-library@3.6.8...3.6.9) Updates `com.diffplug.spotless:spotless-maven-plugin` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/diffplug/spotless/releases) - [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md) - [Commits](diffplug/spotless@lib/3.3.0...maven/3.4.0) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-servlet` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-logback` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-logback` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-servlet` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `com.sap.hcp.cf.logging:cf-java-logging-support-logback` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/SAP/cf-java-logging-support/releases) - [Commits](SAP/cf-java-logging-support@4.1.0...4.1.1) Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.11 to 3.5.13 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.11...v3.5.13) Updates `com.sap.cloud.security:java-bom` from 3.6.8 to 3.6.9 - [Release notes](https://github.com/SAP/cloud-security-xsuaa-integration/releases) - [Changelog](https://github.com/SAP/cloud-security-services-integration-library/blob/main/CHANGELOG.md) - [Commits](SAP/cloud-security-services-integration-library@3.6.8...3.6.9) Updates `com.diffplug.spotless:spotless-maven-plugin` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/diffplug/spotless/releases) - [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md) - [Commits](diffplug/spotless@lib/3.3.0...maven/3.4.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-version: 3.5.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.cloud.security:java-bom dependency-version: 3.6.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.diffplug.spotless:spotless-maven-plugin dependency-version: 3.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-servlet dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-logback dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-logback dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-servlet dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-logback dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-version: 3.5.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.cloud.security:java-bom dependency-version: 3.6.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.diffplug.spotless:spotless-maven-plugin dependency-version: 3.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all-maven-dependencies - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-version: 3.5.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.cloud.security:java-bom dependency-version: 3.6.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.diffplug.spotless:spotless-maven-plugin dependency-version: 3.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-servlet dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-logback dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-logback dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-servlet dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.hcp.cf.logging:cf-java-logging-support-logback dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-version: 3.5.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.sap.cloud.security:java-bom dependency-version: 3.6.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-maven-dependencies - dependency-name: com.diffplug.spotless:spotless-maven-plugin dependency-version: 3.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all-maven-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Mar 30, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all-maven-dependencies group across 2 directories with 5 updates#633

Bump the all-maven-dependencies group across 2 directories with 5 updates#633
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/all-maven-dependencies-b3e36eab1d

dependabot bot commented on behalf of github Mar 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Mar 30, 2026

v3.5.13

⚠️ Attention Required

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

❤️ Contributors

v3.5.12

🐞 Bug Fixes

3.6.9

3.6.9

Maven Plugin v3.4.0

Added

Changes

Lib v3.3.1

Fixed

spotless-lib and spotless-lib-extra releases

[Unreleased]

[4.5.0] - 2026-03-18

Added

Changes

[4.4.0] - 2026-03-02

Added

Fixed

[4.3.0] - 2026-01-27

Added

Fixed

[4.2.0] - 2026-01-22

Added

Fixed

Changes

[4.1.0] - 2025-11-18

Changes

4.1.1

What's Changed

Details

4.1.1

What's Changed

Details

4.1.1

What's Changed

Details

4.1.1

What's Changed

Details

4.1.1

What's Changed

Details

v3.5.13

⚠️ Attention Required

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

❤️ Contributors

v3.5.12

🐞 Bug Fixes

3.6.9

3.6.9

Maven Plugin v3.4.0

Added

Changes

Lib v3.3.1

Fixed

spotless-lib and spotless-lib-extra releases

[Unreleased]

[4.5.0] - 2026-03-18

Added

Changes

[4.4.0] - 2026-03-02

Added

Fixed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!