Bump the java group with 6 updates #2409

dependabot · 2025-10-20T08:31:28Z

Bumps the java group with 6 updates:

Package	From	To
ch.qos.logback:logback-core	`1.5.19`	`1.5.20`
ch.qos.logback:logback-classic	`1.5.19`	`1.5.20`
org.springframework:spring-web	`6.2.11`	`6.2.12`
io.swagger.core.v3:swagger-annotations-jakarta	`2.2.38`	`2.2.39`
org.apache.activemq:artemis-jms-server	`2.42.0`	`2.43.0`
com.hazelcast:hazelcast-spring	`5.5.0`	`5.6.0`

Updates ch.qos.logback:logback-core from 1.5.19 to 1.5.20

Commits

930fb15 prepare release 1.5.20
0b4432a provide an alternative to Janino based conditional configuration processing -...
258558f provide an alternative to Janino based conditional configuration processing -...
ee77a70 provide an alternative to Janino based conditional configuration processing -...
5ca7ce8 provide an alternative to Janino based conditional configuration processing -...
728803f fix typo
aa5eeb1 start work on version 1.5.20-SNAPSHOT
See full diff in compare view

Updates ch.qos.logback:logback-classic from 1.5.19 to 1.5.20

Commits

930fb15 prepare release 1.5.20
0b4432a provide an alternative to Janino based conditional configuration processing -...
258558f provide an alternative to Janino based conditional configuration processing -...
ee77a70 provide an alternative to Janino based conditional configuration processing -...
5ca7ce8 provide an alternative to Janino based conditional configuration processing -...
728803f fix typo
aa5eeb1 start work on version 1.5.20-SNAPSHOT
See full diff in compare view

Updates org.springframework:spring-web from 6.2.11 to 6.2.12

Release notes

Sourced from org.springframework:spring-web's releases.

v6.2.12

⭐ New Features

Add "forEachByte" variant to DataBuffer for efficient traversing #35623

Nested transaction support via savepoints is broken in HSQLDB database [followup] #35618

Improve exception handling in ConfigurationClassBeanDefinitionReader #35631

Add MySQL/MariaDB to TableMetaDataProviderFactory for correct generated-keys support #35593

Optimize state management in StompSubProtocolHandler #35591

ServletServerHttpRequest.getRemoteAddress() may perform DNS lookup #35589

Emit log message when multiple primary beans are detected #35550

Duplicate key error is mapped to TransientDataAccessException by SQLStateSQLExceptionTranslator for BatchUpdateException #35547

Remove redundant object allocation in cglib proxy method calls #35543

Remove deprecation on CandidateComponentsIndex and CandidateComponentsIndexLoader #35472

Processing response with no Content-Length header and no body raises EOFException #35361

🐞 Bug Fixes

DefaultListableBeanFactory::getBeanNamesForType does not always return all bean names #35634

Consider defaultCandidate for scoped proxies #35627

Release data buffer in AbstractCharSequenceDecoder even when String creation fails #35625

PathMatchingResourcePatternResolver is not able to resolve file in SpringBoot Packaged JAR #35617

Prevent NoClassDefFoundError when Jetty Reactive HttpClient is not available #35608

Performance regression with Property Placeholder Resolution #35594

Retain order of produces media types in @ExceptionHandler #35587

Nested transaction support via savepoints is broken in HSQLDB database #35564

SpEL expression parser uses more CPU after upgrade to 6.2.9 #35556

Thread race during FactoryBean instantiations starting with 6.2 due to lenient locks #35545

Update parsed path handling in UrlHandlerFilter #35538

ResourceHttpMessageWriter.write has unexpected error handling for invalid range requests (offset > content length) #35536

AbstractTestNGSpringContextTests is not thread-safe regarding tracked exceptions #35528

UrlHandlerFilter breaks RequestDispatcher.forward() on Tomcat #35509

AbstractMockHttpServletRequestBuilder#buildRequest is not idempotent #35493

Add support for JvmDefault (default in Kotlin 2.2.20+) #35487

InstanceSupplierCodeGenerator fails to detect deprecated type on package private factory method #35486

Fix synchronization in ResponseBodyEmitter #35466

useCaches option in PathMatchingResourcePatternResolver not applied in special case #35465

Deadlock during context initialization due to EntityManager lock #35398

📔 Documentation

Improve guidance in WebFlux on how to join inbound and outbound streams in WebSocketHandler #35572

Fix idref example in reference manual #35560

Fix URI Patterns docs in WebMVC and WebFlux Request Mapping #35551

Allow event listener method declared with multiple event classes to take a single parameter that is assignable from all of those event classes #35506

Improve Task Javadoc about Runnable wrapping #35394

🔨 Dependency Upgrades

Upgrade to Micrometer 1.14.12 #35640

Upgrade to Reactor 2024.0.11 #35638

... (truncated)

Commits

e354390 Release v6.2.12
c53132e Polishing
03c3ec1 Fall back on remoteHost if remoteAddress is null
c88bfc5 Refactor state management in StompSubProtocolHandler
a96558c Revise commit 01acb805018da643a3c4320ff0e032aa998beda8
1612b7c Remove test prefixes
01acb80 Improve exception handling in ConfigurationClassBeanDefinitionReader
f4438ce Upgrade to Reactor 2024.0.11 and Micrometer 1.14.12
5033b9d Reset by-type cache for Object after registering a new singleton
d733023 Consistently apply fallback attribute to proxy definition as well
Additional commits viewable in compare view

Updates io.swagger.core.v3:swagger-annotations-jakarta from 2.2.38 to 2.2.39

Updates org.apache.activemq:artemis-jms-server from 2.42.0 to 2.43.0

Updates com.hazelcast:hazelcast-spring from 5.5.0 to 5.6.0

Release notes

Sourced from com.hazelcast:hazelcast-spring's releases.

v5.6.0

For the full release notes for this release, see https://docs.hazelcast.com/hazelcast/5.6/release-notes/5-6-0.

Commits

a9ce2a0 Upgrade version to 5.6.0
0c74a48 Fix Maven Central Publisher javadoc validation errors [REL-722][5.6.0] (#5436)
6dca350 Fix PartitionContainerImpl [5.6.0] (#5232)
23b166f Bump spring.boot.version to 3.5.6 to address CVE-2025-41249 [5.6.0] (#5...
1813672 Fix com.hazelcast.internal.dynamicconfig.DynamicConfigTest [5.6.0] (#5222)
1cc9f20 Explicit throw if ExplicitSuspicionOp received without master set [5.6.0] (#5...
f42fea2 Migrate to new Maven Central repositories [5.6.0] (#5205)
63fd7e3 Comment Spring Boot version usage in tests [5.6.0] (#5168)
ec455c4 Add missing postProcessBeanFactory for Spring 5 compatibility [5.6.0] (#5184)
9b8b92d Fix com.hazelcast.internal.diagnostics.DiagnosticsAutoOffTests.testAutoOff_do...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the java group with 6 updates: | Package | From | To | | --- | --- | --- | | [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) | `1.5.19` | `1.5.20` | | [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.19` | `1.5.20` | | [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `6.2.11` | `6.2.12` | | io.swagger.core.v3:swagger-annotations-jakarta | `2.2.38` | `2.2.39` | | org.apache.activemq:artemis-jms-server | `2.42.0` | `2.43.0` | | [com.hazelcast:hazelcast-spring](https://github.com/hazelcast/hazelcast) | `5.5.0` | `5.6.0` | Updates `ch.qos.logback:logback-core` from 1.5.19 to 1.5.20 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.19...v_1.5.20) Updates `ch.qos.logback:logback-classic` from 1.5.19 to 1.5.20 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.19...v_1.5.20) Updates `org.springframework:spring-web` from 6.2.11 to 6.2.12 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v6.2.11...v6.2.12) Updates `io.swagger.core.v3:swagger-annotations-jakarta` from 2.2.38 to 2.2.39 Updates `org.apache.activemq:artemis-jms-server` from 2.42.0 to 2.43.0 Updates `com.hazelcast:hazelcast-spring` from 5.5.0 to 5.6.0 - [Release notes](https://github.com/hazelcast/hazelcast/releases) - [Commits](hazelcast/hazelcast@v5.5.0...v5.6.0) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-core dependency-version: 1.5.20 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: java - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.20 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: java - dependency-name: org.springframework:spring-web dependency-version: 6.2.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: java - dependency-name: io.swagger.core.v3:swagger-annotations-jakarta dependency-version: 2.2.39 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: java - dependency-name: org.apache.activemq:artemis-jms-server dependency-version: 2.43.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: java - dependency-name: com.hazelcast:hazelcast-spring dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: java ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 20, 2025

alegauss merged commit 6e233ef into 2025.3 Oct 20, 2025
3 of 4 checks passed

dependabot bot deleted the dependabot/maven/2025.3/java-feb74d2c9c branch October 20, 2025 13:04

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Bump the java group with 6 updates #2409

Bump the java group with 6 updates #2409

Uh oh!

dependabot bot commented on behalf of github Oct 20, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Bump the java group with 6 updates #2409

Bump the java group with 6 updates #2409

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 20, 2025

v6.2.12

⭐ New Features

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

v5.6.0

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant