Skip to content

Bump the maven group across 1 directory with 2 updates#180

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/maven/maven-e61ff0fe07
Sep 8, 2025
Merged

Bump the maven group across 1 directory with 2 updates#180
github-actions[bot] merged 1 commit intomainfrom
dependabot/maven/maven-e61ff0fe07

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Sep 8, 2025

Bumps the maven group with 2 updates in the / directory: org.projectlombok:lombok and org.springframework.boot:spring-boot-dependencies.

Updates org.projectlombok:lombok from 1.18.38 to 1.18.40

Changelog

Sourced from org.projectlombok:lombok's changelog.

v1.18.40 (September 4th, 2025)

  • PLATFORM: JDK25 support added #3859.
  • BUGFIX: Recent versions of eclipse (or the eclipse-based java lang server for VSCode) caused java.lang.IllegalArgumentException: Document does not match the AST. [Issue #3886](projectlombok/lombok#3886).
  • PERFORMANCE: @ExtensionMethod is now significantly faster [Issue #3866](projectlombok/lombok#3866).
  • BUGFIX: the command line config tool would emit incorrect output for nullity annotations. [Issue #3931](projectlombok/lombok#3931).
  • FEATURE: @Jacksonized @Accessors(fluent=true) automatically creates the relevant annotations such that Jackson correctly identifies fluent accessors. [Issue #3265](projectlombok/lombok#3265), [Issue #3270](projectlombok/lombok#3270).
  • IMPROBABLE BREAKING CHANGE: From versions 1.18.16 to 1.18.38, lombok automatically copies certain Jackson annotations (e.g., @JsonProperty) from fields to the corresponding accessors (getters/setters). However, it turned out to be harmful in certain situations. Thus, Lombok does not automatically copy those annotations any more. You can restore the old behavior using the config key lombok.copyJacksonAnnotationsToAccessors = true.
Commits
  • 0187946 [release] pre-release version bump for v1.18.40
  • 3c0b6a8 [changelog] Replace PRs with issues, add #3866 fi and #3931 fix.
  • 4ae2db7 Merge pull request #3889 from Rawi01/extensionmethod-name-check
  • 7eee00a [fixes #3931] Proper output for config tool addNullAnnotations
  • 3392bb9 [fixes #3866] Check extension method name before resolving types
  • 87e8af4 [comment] Added explanation: We skip ecj check on `NonNullOnRecordExistingCon...
  • 1255ae0 [optimisation] Avoid making a pointless arraylist in 90% of cases.
  • 7aa264e Merge pull request #3888 from Rawi01/eclipse-record-refactoring
  • fb4651b [changelog] Logged: JDK25 support.
  • 6648115 Merge branch 'jdk25'
  • Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-dependencies from 3.5.4 to 3.5.5

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.5.5

🐞 Bug Fixes

  • Hazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error #46909
  • Performance critical tracing code has high overhead due to the use of the Stream API #46844
  • SpringLiquibaseCustomizer is exposed outside its defined visibility scope #46758
  • Race condition in OutputCapture can result in stale data #46721
  • Auto-configured WebClient no longer uses context's ReactorResourceFactory #46673
  • Default value not detected for a field annoted with @Name #46666
  • Missing metadata when using @Name with a constructor-bound property #46663
  • Missing property for Spring Authorization Server's PAR endpoint #46641
  • Property name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location #46636
  • Memory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true #46634
  • Auto-configured MockMvc ignores @FilterRegistration annotation #46605
  • Failure to discover default value for a primitive should not lead to document its default value #46561

📔 Documentation

  • Kotlin samples for configuration metadata are in the wrong package #46857
  • Observability examples in the reference guide are missing the Kotlin version #46798
  • Align method descriptions for SslOptions getCiphers and getEnabledProtocols with @returns #46769
  • Tracing samples in the reference guide are missing the Kotlin version #46767
  • Improve Virtual Threads section to mention the changes in Java 24 #46610
  • spring.test.webtestclient.timeout is not documented #46588
  • spring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules #46585
  • Adapt deprecation level for management.health.influxdb.enabled #46580
  • spring.test.mockmvc properties are not documented #46578

🔨 Dependency Upgrades

  • Upgrade to Angus Mail 2.0.4 #46725
  • Upgrade to AssertJ 3.27.4 #46726
  • Upgrade to Byte Buddy 1.17.7 #46883
  • Upgrade to Couchbase Client 3.8.3 #46794
  • Upgrade to Elasticsearch Client 8.18.5 #46830
  • Upgrade to Hibernate 6.6.26.Final #46884
  • Upgrade to Hibernate Validator 8.0.3.Final #46728
  • Upgrade to HikariCP 6.3.2 #46729
  • Upgrade to Jersey 3.1.11 #46730
  • Upgrade to Jetty 12.0.25 #46831
  • Upgrade to Jetty Reactive HTTPClient 4.0.11 #46885
  • Upgrade to jOOQ 3.19.25 #46808
  • Upgrade to MariaDB 3.5.5 #46779
  • Upgrade to Maven Javadoc Plugin 3.11.3 #46886
  • Upgrade to Micrometer 1.15.3 #46701
  • Upgrade to Micrometer Tracing 1.5.3 #46702
  • Upgrade to MySQL 9.4.0 #46732
  • Upgrade to Netty 4.1.124.Final #46832
  • Upgrade to Pulsar 4.0.6 #46733
  • Upgrade to Reactor Bom 2024.0.9 #46703

... (truncated)

Commits
  • 3537d25 Release v3.5.5
  • a22e28e Merge branch '3.4.x' into 3.5.x
  • 4cb8c8a Next development version (v3.4.10-SNAPSHOT)
  • 9d205e2 Merge branch '3.4.x' into 3.5.x
  • 47b0632 Merge pull request #46927 from izeye
  • 8b71458 Adapt checkstyle rules for 3.4.x
  • fb99bad Remove redundant suppressions from Checkstyle configuration
  • 8af836a Upgrade to Spring RESTDocs 3.0.5
  • ae6c6a5 Merge branch '3.4.x' into 3.5.x
  • b6bae9f Upgrade to Spring RESTDocs 3.0.5
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the maven group across 1 directory with 2 updates
231860d 
Bumps the maven group with 2 updates in the / directory: [org.projectlombok:lombok](https://github.com/projectlombok/lombok) and [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot).


Updates `org.projectlombok:lombok` from 1.18.38 to 1.18.40
- [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown)
- [Commits](projectlombok/lombok@v1.18.38...v1.18.40)

Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.4 to 3.5.5
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.4...v3.5.5)

---
updated-dependencies:
- dependency-name: org.projectlombok:lombok
  dependency-version: 1.18.40
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 3.5.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Sep 8, 2025
@github-actions github-actions Bot merged commit e41c14b into main Sep 8, 2025
2 of 4 checks passed
@dependabot dependabot Bot deleted the dependabot/maven/maven-e61ff0fe07 branch September 8, 2025 18:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants