{"id":43179,"name":"com.fasterxml.jackson.core:jackson-databind","ecosystem":"gradle","repository_url":"https://github.com/FasterXML/jackson-databind","issues_count":15,"created_at":"2025-06-17T01:45:56.136Z","updated_at":"2025-06-17T01:45:56.136Z","purl":"pkg:maven/com.fasterxml.jackson.core:jackson-databind","metadata":{"id":4762525,"name":"com.fasterxml.jackson.core:jackson-databind","ecosystem":"maven","description":"General data-binding functionality for Jackson: works on core streaming API","homepage":"https://github.com/FasterXML/jackson","licenses":"The Apache Software License, Version 2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/FasterXML/jackson-databind","keywords_array":[],"namespace":"com.fasterxml.jackson.core","versions_count":209,"first_release_published_at":"2012-02-19T08:05:22.000Z","latest_release_published_at":"2025-06-14T01:13:55.000Z","latest_release_number":"2.19.1","last_synced_at":"2025-06-14T01:31:17.940Z","created_at":"2022-07-26T04:07:55.792Z","updated_at":"2025-06-14T01:31:18.908Z","registry_url":"https://central.sonatype.com/artifact/com.fasterxml.jackson.core/jackson-databind/","install_command":null,"documentation_url":"https://appdoc.app/artifact/com.fasterxml.jackson.core/jackson-databind/","metadata":{},"repo_metadata":{"uuid":"3038937","full_name":"FasterXML/jackson-databind","owner":"FasterXML","description":"General data-binding package for Jackson (2.x): works on streaming API (core) implementation(s)","archived":false,"fork":false,"pushed_at":"2023-03-14T03:53:17.000Z","size":76873,"stargazers_count":3234,"open_issues_count":467,"forks_count":1274,"subscribers_count":166,"default_branch":"2.15","last_synced_at":"2023-03-14T05:10:14.916Z","etag":null,"topics":["hacktoberfest","jackson","jackson-databind","json"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"logo_url":null,"metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null},"funding":{"tidelift":"maven/com.fasterxml.jackson.core:jackson-databind","github":"cowtowncoder"}},"created_at":"2011-12-23T07:17:41.000Z","updated_at":"2023-03-13T07:42:01.000Z","dependencies_parsed_at":"2023-01-16T18:30:50.391Z","dependency_job_id":null,"html_url":"https://github.com/FasterXML/jackson-databind","commit_stats":null,"repository_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FasterXML%2Fjackson-databind","tags_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FasterXML%2Fjackson-databind/tags","manifests_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FasterXML%2Fjackson-databind/manifests","owner_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FasterXML","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":108921946,"host_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names"},"owner_record":{"login":"FasterXML","name":"FasterXML, LLC","uuid":"382692","kind":"organization","description":null,"email":"info@fasterxml.com","website":"http://fasterxml.com","location":"Seattle, WA","twitter":null,"company":null,"avatar_url":"https://avatars.githubusercontent.com/u/382692?v=4","repositories_count":59,"last_synced_at":"2023-02-20T10:48:03.431Z","metadata":{"has_sponsors_listing":false},"owner_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FasterXML"},"tags":[{"name":"jackson-databind-2.7.9.2","sha":"9e170e1a28221cf273e8a63e01f1731a9fcd11bc","kind":"tag","published_at":"2017-12-20T03:24:32.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.9.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.9.2"},{"name":"jackson-databind-2.9.3","sha":"d4f5fc1b1e53774b85188da1b4ebd5ed09ff6aa5","kind":"tag","published_at":"2017-12-09T03:04:27.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.9.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.9.3"},{"name":"jackson-databind-2.9.2","sha":"eb137011061187975deedbf56342224e5fce7f5e","kind":"tag","published_at":"2017-10-14T03:28:24.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.9.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.9.2"},{"name":"jackson-databind-2.9.1","sha":"db38beac4658c7f7e197ca8fc2d2e681907d911e","kind":"tag","published_at":"2017-09-08T01:09:04.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.9.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.9.1"},{"name":"jackson-databind-2.8.10","sha":"0b6e589c1c0ee20854ac0efeafacbf2782fc9f1c","kind":"tag","published_at":"2017-08-24T04:26:49.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.10","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.10"},{"name":"jackson-databind-2.9.0","sha":"e969f0a31b781f5dfb74e16ddd5ee4b4fa36e8d8","kind":"tag","published_at":"2017-07-30T04:21:11.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.9.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.9.0"},{"name":"jackson-databind-2.6.7.1","sha":"f7abd682a7b2f8145ecff1c4e205073949f1e623","kind":"tag","published_at":"2017-07-11T04:11:01.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.7.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.7.1"},{"name":"jackson-databind-2.9.0.pr4","sha":"822ca4a7db3c3653cea1d0b493e4dfc53d56e15a","kind":"tag","published_at":"2017-06-17T01:19:35.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.9.0.pr4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.9.0.pr4"},{"name":"jackson-databind-2.8.9","sha":"c45ed8c4cbf6c29317bf4cf562558884fa698eec","kind":"tag","published_at":"2017-06-12T00:52:44.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.9","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.9"},{"name":"jackson-databind-2.9.0.pr3","sha":"7541ac546f49d61182d0262df7ca617ef3063bf1","kind":"tag","published_at":"2017-04-25T05:46:00.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.9.0.pr3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.9.0.pr3"},{"name":"jackson-databind-2.8.8.1","sha":"bb89b518edcc29b6d4ba2a12f5d215abd2bf20e1","kind":"tag","published_at":"2017-04-19T15:33:39.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.8.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.8.1"},{"name":"jackson-databind-2.7.9.1","sha":"8419c81fad9c7b884b6a02de7b5f1ce5700cbf32","kind":"tag","published_at":"2017-04-18T05:10:57.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.9.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.9.1"},{"name":"jackson-databind-2.8.8","sha":"2f93aedf142c98484e0627815e833dc680b88de1","kind":"tag","published_at":"2017-04-05T03:27:53.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.8","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.8"},{"name":"jackson-databind-2.9.0.pr2","sha":"418ee6e0a91401365982794cc9b18a55b26655e5","kind":"tag","published_at":"2017-03-22T03:27:28.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.9.0.pr2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.9.0.pr2"},{"name":"jackson-databind-2.9.0.pr1","sha":"d90fe4c654d1c1d54e24b15deae3ad0443b0f8f6","kind":"tag","published_at":"2017-03-02T18:44:40.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.9.0.pr1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.9.0.pr1"},{"name":"jackson-databind-2.8.7","sha":"b30845f718d50e1fe74d8d040d2a2ef08118371d","kind":"tag","published_at":"2017-02-21T01:06:10.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.7","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.7"},{"name":"jackson-databind-2.7.9","sha":"904b087a7d1075b65cfa30ea1e10ddc49f68d4fb","kind":"tag","published_at":"2017-02-04T19:21:14.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.9","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.9"},{"name":"jackson-databind-2.8.6","sha":"9dbe3d2dbe218d96a20681ef1d6c7ee78b065dcf","kind":"tag","published_at":"2017-01-12T04:39:11.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.6","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.6"},{"name":"jackson-databind-2.8.5","sha":"a9c018137ef2e7be5dad0f10d319475f16e976e8","kind":"tag","published_at":"2016-11-14T06:13:03.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.5","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.5"},{"name":"jackson-databind-2.8.4","sha":"e913b10a67910ee5084cba9c226816c728a1f376","kind":"tag","published_at":"2016-10-14T03:50:59.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.4"},{"name":"jackson-databind-2.7.8","sha":"753f460191133f5623ee3e24eac0dea6f20406ff","kind":"tag","published_at":"2016-09-26T14:50:00.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.8","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.8"},{"name":"jackson-databind-2.8.3","sha":"46ea49151b44cad33a8021ed2e8ce655089b2235","kind":"tag","published_at":"2016-09-18T01:29:37.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.3"},{"name":"jackson-databind-2.8.2","sha":"761d563caacd5affbc6dddf137332e96da6b9ab6","kind":"tag","published_at":"2016-08-30T00:43:14.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.2"},{"name":"jackson-databind-2.7.7","sha":"9fc02765ca4338d6ffe4334421cdc5034ecf9959","kind":"tag","published_at":"2016-08-26T21:52:59.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.7","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.7"},{"name":"jackson-databind-2.7.6","sha":"cca37af655ae31317b0aa8663f0dcddb3473bbcc","kind":"tag","published_at":"2016-07-23T02:36:54.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.6","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.6"},{"name":"jackson-databind-2.8.1","sha":"111e86d18cf460fff06292c3eb2c140475dd9308","kind":"tag","published_at":"2016-07-19T23:23:07.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.1"},{"name":"jackson-databind-2.8.0","sha":"81929fad84189ce59ef82e7a6d0df795eb0c7cdb","kind":"tag","published_at":"2016-07-04T05:49:20.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.8.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.8.0"},{"name":"jackson-databind-2.7.5","sha":"096314fb2f5ee0d69d207783710156d680fc96ff","kind":"tag","published_at":"2016-06-11T02:12:30.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.5","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.5"},{"name":"jackson-databind-2.6.7","sha":"4ef3de0d1b393f2e4dbe655b4684c0b31e96a5b1","kind":"tag","published_at":"2016-06-05T21:08:16.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.7","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.7"},{"name":"jackson-databind-2.7.4","sha":"ed6c4262324e0024f3d016b11307e4821b758f37","kind":"tag","published_at":"2016-04-29T15:45:13.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.4"},{"name":"jackson-databind-2.6.6","sha":"6c76749cad9d3e414e187d5d5880fa015fbf8bf7","kind":"tag","published_at":"2016-04-05T01:22:29.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.6","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.6"},{"name":"jackson-databind-2.7.3","sha":"ec8db26e537c32ec6b1f5535c48116cd54ea6c70","kind":"tag","published_at":"2016-03-16T01:26:28.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.3"},{"name":"jackson-databind-2.7.2","sha":"4069c66ca378cce5f78193057640d08029ffeba4","kind":"tag","published_at":"2016-02-27T04:35:41.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.2"},{"name":"jackson-databind-2.7.1-1","sha":"7be8815590d097f32eadaef017b6de2ebb2030b1","kind":"tag","published_at":"2016-02-04T00:30:41.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.1-1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.1-1"},{"name":"jackson-databind-2.7.1","sha":"ce9dc07af83f77568a613fd45a86f58c93ba1a02","kind":"tag","published_at":"2016-02-02T06:14:40.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.1"},{"name":"jackson-databind-2.6.5","sha":"55980bc9133c2d9e2a7a36b08a4392a31be17320","kind":"tag","published_at":"2016-01-19T04:54:02.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.5","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.5"},{"name":"jackson-databind-2.7.0","sha":"50791cc7856376949287e0be3e96147665ab8f68","kind":"tag","published_at":"2016-01-10T06:08:19.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.0"},{"name":"jackson-databind-2.7.0-rc3","sha":"97b469461c495ca3a85dfcac423ea1866c7ddb09","kind":"tag","published_at":"2016-01-06T06:22:42.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.0-rc3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.0-rc3"},{"name":"jackson-databind-2.7.0-rc2","sha":"4a066c67a771934496bc7020fbb18b32307f829c","kind":"tag","published_at":"2015-12-12T01:57:49.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.0-rc2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.0-rc2"},{"name":"jackson-databind-2.5.5","sha":"1e3d3ca4e74bbdd0240e14e71655fdb400bb51a3","kind":"tag","published_at":"2015-12-08T02:41:49.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.5.5","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.5.5"},{"name":"jackson-databind-2.6.4","sha":"1160115bf551da1a50081d701c716a5150cd87d2","kind":"tag","published_at":"2015-12-08T02:31:20.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.4"},{"name":"jackson-databind-2.7.0-rc1","sha":"02450fc97b9d3c7ce1f5256181abbaaa463005a4","kind":"tag","published_at":"2015-11-26T21:34:55.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.7.0-rc1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.7.0-rc1"},{"name":"jackson-databind-2.6.3","sha":"547ba8e7d2c1ed686b095c5253f96b038d39f87b","kind":"tag","published_at":"2015-10-12T18:30:25.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.3"},{"name":"jackson-databind-2.6.2","sha":"3739d9dfbf24b6822b90274ba346ad209eb289fd","kind":"tag","published_at":"2015-09-15T04:59:38.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.2"},{"name":"jackson-databind-2.6.1","sha":"060726b011b008496cd8bb0997ee94a6b73530d1","kind":"tag","published_at":"2015-08-10T05:25:49.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.1"},{"name":"jackson-databind-2.6.0","sha":"21f90cf247018c1286cc20544029782450dc270a","kind":"tag","published_at":"2015-07-19T18:37:46.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.0"},{"name":"jackson-databind-2.6.0-rc4","sha":"521515d6fb96f68e2049d8bedbfb2117770bfcc0","kind":"tag","published_at":"2015-07-11T03:42:03.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.0-rc4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.0-rc4"},{"name":"2.6.0-rc3b","sha":"485d444d9d26c2e1a12ad0697ce79066cdb5b8b3","kind":"tag","published_at":"2015-06-25T03:28:54.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/2.6.0-rc3b","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/2.6.0-rc3b"},{"name":"jackson-databind-2.5.4","sha":"f693ae583c7777478872da59ff473e58fda3434f","kind":"tag","published_at":"2015-06-10T01:42:29.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.5.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.5.4"},{"name":"jackson-databind-2.4.6.1","sha":"e21d7a73d57de235ee4d3718f9f9dede87715e72","kind":"tag","published_at":"2015-06-10T00:38:23.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.6.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.6.1"},{"name":"jackson-databind-2.6.0-rc2","sha":"b9a552cf9c89aaa8dc26895cb2ef72b738301870","kind":"tag","published_at":"2015-06-09T01:42:49.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.0-rc2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.0-rc2"},{"name":"jackson-databind-2.6.0-rc1","sha":"5286441eecb890778d7c524482bd41d583452d92","kind":"tag","published_at":"2015-05-19T03:15:08.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.6.0-rc1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.6.0-rc1"},{"name":"jackson-databind-2.5.3","sha":"a29cb29501ac6b3e6c8ca6fed876a4d7d52a7faa","kind":"tag","published_at":"2015-04-24T17:23:25.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.5.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.5.3"},{"name":"jackson-databind-2.4.6","sha":"ed7b0c3ac0b163c3cf9d71a5af10bc396655c233","kind":"tag","published_at":"2015-04-24T01:40:58.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.6","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.6"},{"name":"jackson-databind-2.5.2","sha":"636018b11cf7c23cc9647f0c11aaca1ba11a1935","kind":"tag","published_at":"2015-03-29T23:50:52.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.5.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.5.2"},{"name":"jackson-databind-2.4.5.1","sha":"19ac8a4aff21d5f2f57765b684675f21786771d3","kind":"tag","published_at":"2015-03-27T02:57:27.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.5.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.5.1"},{"name":"jackson-databind-2.5.1","sha":"bc5b910e790e5cbf460a60751127b647656e0cb7","kind":"tag","published_at":"2015-02-07T00:09:20.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.5.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.5.1"},{"name":"jackson-databind-2.3.5","sha":"c971ef156e231aea59ab3a1561761cef89bd9fd1","kind":"tag","published_at":"2015-01-14T06:27:42.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.3.5","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.3.5"},{"name":"jackson-databind-2.4.5","sha":"fe0462745d12cb6ca135a2d1bda26e1c68d6b687","kind":"tag","published_at":"2015-01-14T04:24:05.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.5","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.5"},{"name":"jackson-databind-2.5.0","sha":"9efc4abb22c664c492271bc9907bbfbf4f70889c","kind":"tag","published_at":"2015-01-02T01:44:08.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.5.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.5.0"},{"name":"jackson-databind-2.5.0-rc1","sha":"cd4381f08082b66115a7dbc39dae33a30ceb150a","kind":"tag","published_at":"2014-12-20T01:50:37.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.5.0-rc1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.5.0-rc1"},{"name":"jackson-databind-2.4.4","sha":"ecfe3f46aff79f6f51600841920010200b923d83","kind":"tag","published_at":"2014-11-25T02:26:47.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.4"},{"name":"jackson-databind-2.4.3","sha":"1f5dc0a4f67598266cd77f389ee808e15990477a","kind":"tag","published_at":"2014-10-03T06:23:10.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.3"},{"name":"jackson-databind-2.4.2","sha":"824bd1e3ca9d69e6490d9ce99e541663ceb3664b","kind":"tag","published_at":"2014-08-14T04:22:02.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.2"},{"name":"jackson-databind-2.3.4","sha":"27a2dcecebcb2b6a26868e4c321434643a601a19","kind":"tag","published_at":"2014-07-17T22:46:41.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.3.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.3.4"},{"name":"jackson-databind-2.4.1.3","sha":"1e6c8b0a442a124e6bbcc9267463a58f48c7876f","kind":"tag","published_at":"2014-07-15T05:31:48.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.1.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.1.3"},{"name":"jackson-databind-2.4.1.2","sha":"735b88abc3dea908bc59f7373f22d58a6cbb6d35","kind":"tag","published_at":"2014-07-12T22:26:10.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.1.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.1.2"},{"name":"jackson-databind-2.4.1.1","sha":"cbd3f169e8e32d130ac64c8853310577e766713c","kind":"tag","published_at":"2014-06-18T22:30:11.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.1.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.1.1"},{"name":"jackson-databind-2.4.1","sha":"7a095bcc66b228ea48e37c57eafd7d78ce5c090c","kind":"tag","published_at":"2014-06-18T02:10:46.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.1"},{"name":"jackson-databind-2.2.4","sha":"9dea88f68707f358f7b27cce97381b00112eb343","kind":"tag","published_at":"2014-06-11T00:29:12.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.2.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.2.4"},{"name":"jackson-databind-2.4.0","sha":"a5807c566af27b184731dd4eb7dfcc420962db32","kind":"tag","published_at":"2014-06-03T00:49:06.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.0"},{"name":"jackson-databind-2.4.0-rc3","sha":"1790b1b43c2575033ecca0817e2aae5fb607f3ce","kind":"tag","published_at":"2014-05-08T21:13:28.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.0-rc3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.0-rc3"},{"name":"jackson-databind-2.4.0-rc2","sha":"c48dd6fcdea43aefafa813979afb0c4835532db8","kind":"tag","published_at":"2014-04-30T15:31:10.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.0-rc2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.0-rc2"},{"name":"jackson-databind-2.4.0-rc1","sha":"75b97b8519f0d50c62523ad85170d80a197a2c86","kind":"tag","published_at":"2014-04-26T19:28:20.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.4.0-rc1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.4.0-rc1"},{"name":"jackson-databind-2.3.3","sha":"f685aac3469bc32db751990c40884f9370b904cc","kind":"tag","published_at":"2014-04-10T16:53:48.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.3.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.3.3"},{"name":"jackson-databind-2.3.2","sha":"2a2932873c70758628f445f53b11077650ac9e6d","kind":"tag","published_at":"2014-03-02T03:11:26.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.3.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.3.2"},{"name":"jackson-databind-2.3.1","sha":"8ec79ecf31523184c0062e1c69f6ca8da13009bf","kind":"tag","published_at":"2013-12-28T02:23:18.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.3.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.3.1"},{"name":"jackson-databind-2.3.0","sha":"0db57763dd4fca9a8adad1bbf2e96969df11abee","kind":"tag","published_at":"2013-11-14T05:19:56.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.3.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.3.0"},{"name":"jackson-databind-2.3.0-rc1","sha":"e2d273ec394f02a0e8d5d962f7d45821cc44aaef","kind":"tag","published_at":"2013-10-26T02:59:58.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.3.0-rc1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.3.0-rc1"},{"name":"jackson-databind-2.2.3","sha":"22a9ec205e4f400a4adfde76db75fe3c6c33f794","kind":"tag","published_at":"2013-08-23T03:22:41.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.2.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.2.3"},{"name":"jackson-databind-2.2.2","sha":"b8d01a7df1c1f3c682200fdefe99f5a7291f729d","kind":"tag","published_at":"2013-05-27T05:22:09.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.2.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.2.2"},{"name":"jackson-databind-2.2.1","sha":"1cb7e91cc8114b7ea2b584707cd021f44aeea5e3","kind":"tag","published_at":"2013-05-04T01:16:46.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.2.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.2.1"},{"name":"jackson-databind-2.1.5","sha":"4652fb9ec3c45a232a65272e0f50b324bcd24249","kind":"tag","published_at":"2013-05-03T03:08:15.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.1.5","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.1.5"},{"name":"2.2.0c","sha":"c63a436a43333cb4a0c385e6fab2401d77e69378","kind":"tag","published_at":"2013-04-23T04:02:21.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/2.2.0c","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/2.2.0c"},{"name":"jackson-databind-2.2.0","sha":"f03eb1d4f9b9e1841d65f57191f971d7425d8274","kind":"tag","published_at":"2013-04-23T02:51:20.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.2.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.2.0"},{"name":"jackson-databind-2.2.0-rc1","sha":"84785f8658a28adf30fbb55e55906ac55d874e22","kind":"tag","published_at":"2013-04-18T01:55:38.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.2.0-rc1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.2.0-rc1"},{"name":"jackson-databind-2.1.4","sha":"90f3125c222668255db99bcbb7fb2a6cb5d886e6","kind":"tag","published_at":"2013-02-26T23:13:55.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.1.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.1.4"},{"name":"jackson-databind-2.1.3","sha":"fef1a9992f3c314a9672a952d8dfd394959f9d6e","kind":"tag","published_at":"2013-01-19T21:10:37.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.1.3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.1.3"},{"name":"jackson-databind-2.1.2","sha":"88d0b78c0a94a02bdba778da298968085db8a164","kind":"tag","published_at":"2012-12-04T06:05:33.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.1.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.1.2"},{"name":"jackson-databind-2.1.1","sha":"e2455c786aa361b725f5cb14e246c32469c8efa5","kind":"tag","published_at":"2012-11-11T23:51:13.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.1.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.1.1"},{"name":"jackson-databind-2.1.0","sha":"e997f1270f6c3d5c1443755e51ecc580eaf943c6","kind":"tag","published_at":"2012-10-10T00:13:39.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.1.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.1.0"},{"name":"jackson-databind-2.0.6","sha":"391d11353cd8a5fb6f84d001105a37234a457a71","kind":"tag","published_at":"2012-09-06T03:19:05.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.6","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.6"},{"name":"jackson-databind-2.0.5","sha":"d82198dafdb99fe52e96f50c07046e43836a73e1","kind":"tag","published_at":"2012-07-27T22:58:16.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.5","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.5"},{"name":"jackson-databind-2.0.4","sha":"67cd09aba9f75f1ebbc664d7e929a6105ac3413b","kind":"tag","published_at":"2012-06-27T05:14:45.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.4","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.4"},{"name":"jackson-databind-2.0.2","sha":"3f186e18ad8bd349b28aacd7fb1fb34957b5b71e","kind":"tag","published_at":"2012-05-15T02:14:37.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.2"},{"name":"jackson-databind-2.0.1","sha":"a253fd38e6b975ce4e10ab6470dd8f57838a553c","kind":"tag","published_at":"2012-04-24T01:57:11.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.1"},{"name":"jackson-databind-2.0.0","sha":"e8df0987e3034d102ee6d704d30a05a2e3ac7089","kind":"tag","published_at":"2012-03-25T19:09:14.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.0","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.0"},{"name":"jackson-databind-2.0.0-RC3","sha":"f04929a744b10694a8af73cf1f33dfbb0226bbc4","kind":"tag","published_at":"2012-03-23T00:15:59.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.0-RC3","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.0-RC3"},{"name":"jackson-databind-2.0.0-RC2","sha":"ab22e8281836fd197bc6943e277f4aa0d0c953e3","kind":"tag","published_at":"2012-03-06T07:00:25.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.0-RC2","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.0-RC2"},{"name":"jackson-databind-2.0.0-RC1","sha":"9af5904b805fa07a00757fe2d24c1f931b502254","kind":"tag","published_at":"2012-02-19T08:03:58.000Z","download_url":"https://codeload.github.com/FasterXML/jackson-databind/tar.gz/jackson-databind-2.0.0-RC1","html_url":"https://github.com/FasterXML/jackson-databind/releases/tag/jackson-databind-2.0.0-RC1"}]},"repo_metadata_updated_at":"2023-03-21T21:47:17.173Z","dependent_packages_count":23566,"downloads":null,"downloads_period":null,"dependent_repos_count":244221,"rankings":{"downloads":null,"dependent_repos_count":0.0024044241404183697,"dependent_packages_count":0.0012022120702091848,"stargazers_count":5.802877294221368,"forks_count":4.350805482087041,"docker_downloads_count":0.00080147471347279,"average":2.031618177446502},"purl":"pkg:maven/com.fasterxml.jackson.core/jackson-databind","advisories":[{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTltNmYtN3hjcS04dmY4","url":"https://github.com/advisories/GHSA-9m6f-7xcq-8vf8","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:16:34.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36183","https://github.com/FasterXML/jackson-databind/issues/3003","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/12e23c962ffb4cf1857c5461d72ae54cc8008f29","https://github.com/advisories/GHSA-9m6f-7xcq-8vf8"],"source_kind":"github","identifiers":["GHSA-9m6f-7xcq-8vf8","CVE-2020-36183"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.5"},{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.7.00, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.459Z","updated_at":"2023-09-14T16:15:44.000Z","epss_percentage":0.02421,"epss_percentile":0.83686},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4MjItcjRyNS12OGpn","url":"https://github.com/advisories/GHSA-h822-r4r5-v8jg","title":"Polymorphic Typing issue in FasterXML jackson-databind","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10, 2.8.11.5, and 2.6.7.3. It is related to `com.zaxxer.hikari.HikariConfig`.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-09-23T18:33:25.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-14540","https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x","https://github.com/FasterXML/jackson-databind/issues/2410","https://github.com/FasterXML/jackson-databind/issues/2449","https://access.redhat.com/errata/RHSA-2019:3200","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E","https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E","https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E","https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html","https://seclists.org/bugtraq/2019/Oct/6","https://www.debian.org/security/2019/dsa-4542","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de","https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT","https://security.netapp.com/advisory/ntap-20191004-0002","https://github.com/advisories/GHSA-h822-r4r5-v8jg"],"source_kind":"github","identifiers":["GHSA-h822-r4r5-v8jg","CVE-2019-14540"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003c 2.6.7.3"},{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.8.11.5"},{"first_patched_version":"2.9.10","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:28.073Z","updated_at":"2024-03-15T00:58:38.000Z","epss_percentage":0.07082,"epss_percentile":0.9064},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM4aG0tN2hwcS03amhn","url":"https://github.com/advisories/GHSA-c8hm-7hpq-7jhg","title":"com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data","description":"FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-01-04T19:07:03.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-19362","https://github.com/FasterXML/jackson-databind/issues/2186","https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:0877","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8","https://github.com/advisories/GHSA-c8hm-7hpq-7jhg","https://issues.apache.org/jira/browse/TINKERPOP-2121","https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html","https://seclists.org/bugtraq/2019/May/68","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","http://www.securityfocus.com/bid/107985","https://github.com/FasterXML/jackson-databind/commit/72cd4025a229fb28ec133235003dd4616f70afaa","https://security.netapp.com/advisory/ntap-20190530-0003"],"source_kind":"github","identifiers":["GHSA-c8hm-7hpq-7jhg","CVE-2018-19362"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.3"},{"first_patched_version":"2.7.9.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.4"},{"first_patched_version":"2.8.11.3","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.2"},{"first_patched_version":"2.9.8","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.271Z","updated_at":"2025-06-07T01:09:51.603Z","epss_percentage":0.06777,"epss_percentile":0.90804},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW14OXYtZ21oNC1tZ3F3","url":"https://github.com/advisories/GHSA-mx9v-gmh4-mgqw","title":"Deserialization of Untrusted Data in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-01-04T19:07:01.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-19361","https://github.com/FasterXML/jackson-databind/issues/2186","https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:0877","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8","https://github.com/advisories/GHSA-mx9v-gmh4-mgqw","https://issues.apache.org/jira/browse/TINKERPOP-2121","https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html","https://seclists.org/bugtraq/2019/May/68","https://security.netapp.com/advisory/ntap-20190530-0003/","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","http://www.securityfocus.com/bid/107985"],"source_kind":"github","identifiers":["GHSA-mx9v-gmh4-mgqw","CVE-2018-19361"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.8.11.3","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.2"},{"first_patched_version":"2.7.9.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.4"},{"first_patched_version":"2.9.8","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.419Z","updated_at":"2023-01-09T05:03:46.000Z","epss_percentage":0.04063,"epss_percentile":0.87964},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmNnItMmM0cS0ydndn","url":"https://github.com/advisories/GHSA-rf6r-2c4q-2vwg","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-05-15T18:58:54.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-10968","https://github.com/FasterXML/jackson-databind/issues/2662","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/05d7e0e13f43e12db6a51726df12c8b4d8040676","https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88","https://security.netapp.com/advisory/ntap-20200403-0002","https://github.com/advisories/GHSA-rf6r-2c4q-2vwg"],"source_kind":"github","identifiers":["GHSA-rf6r-2c4q-2vwg","CVE-2020-10968"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.121Z","updated_at":"2024-03-15T00:50:18.000Z","epss_percentage":0.06632,"epss_percentile":0.90685},{"uuid":"GSA_kwCzR0hTQS1yZ3Y5LXE1NDMtcnFnNM4AAvJu","url":"https://github.com/advisories/GHSA-rgv9-q543-rqg4","title":"Uncontrolled Resource Consumption in FasterXML jackson-databind","description":"In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. This issue can only happen when the `UNWRAP_SINGLE_VALUE_ARRAYS` feature is explicitly enabled.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-10-03T00:00:31.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.2,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2022-42004","https://github.com/FasterXML/jackson-databind/issues/3582","https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490","https://security.gentoo.org/glsa/202210-21","https://www.debian.org/security/2022/dsa-5283","https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html","https://github.com/FasterXML/jackson-databind/commit/35de19e7144c4df8ab178b800ba86e80c3d84252","https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea","https://security.netapp.com/advisory/ntap-20221118-0008","https://github.com/advisories/GHSA-rgv9-q543-rqg4"],"source_kind":"github","identifiers":["GHSA-rgv9-q543-rqg4","CVE-2022-42004"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":44.17982064259438,"packages":[{"versions":[{"first_patched_version":"2.13.4","vulnerable_version_range":"\u003e= 2.13.0, \u003c 2.13.4"},{"first_patched_version":"2.12.7.1","vulnerable_version_range":"\u003c 2.12.7.1"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:11:50.357Z","updated_at":"2024-12-02T16:17:22.000Z","epss_percentage":0.00219,"epss_percentile":0.44791},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdoOGctM2oyYy1ycWo1","url":"https://github.com/advisories/GHSA-wh8g-3j2c-rqj5","title":"Serialization gadgets exploit in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:15:00.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-35490","https://github.com/FasterXML/jackson-databind/issues/2986","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d","https://security.netapp.com/advisory/ntap-20210122-0005","https://github.com/advisories/GHSA-wh8g-3j2c-rqj5"],"source_kind":"github","identifiers":["GHSA-wh8g-3j2c-rqj5","CVE-2020-35490"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.0.0, \u003c= 2.9.10.7"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:07.948Z","updated_at":"2024-03-15T00:28:08.000Z","epss_percentage":0.04749,"epss_percentile":0.88888},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMyNjUtMzd2ai1jd2Nj","url":"https://github.com/advisories/GHSA-c265-37vj-cwcc","title":"Deserialization of untrusted data in Jackson Databind","description":"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-06-18T14:44:48.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-14062","https://github.com/FasterXML/jackson-databind/issues/2704","https://github.com/FasterXML/jackson-databind/commit/99001cdb6807b5c7b170ec6a9092ecbb618ae79c","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625","https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/840eae2ca81c597a0010b2126f32dce17d384b70","https://security.netapp.com/advisory/ntap-20200702-0003","https://github.com/advisories/GHSA-c265-37vj-cwcc"],"source_kind":"github","identifiers":["GHSA-c265-37vj-cwcc","CVE-2020-14062"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.5","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:23.993Z","updated_at":"2024-06-25T13:46:04.000Z","epss_percentage":0.07706,"epss_percentile":0.9143},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnZ2otZnZ2My1jcXd2","url":"https://github.com/advisories/GHSA-cggj-fvv3-cqwv","title":"FasterXML jackson-databind allows unauthenticated remote code execution ","description":"FasterXML jackson-databind before before 2.6.7.5, 2.7.x before 2.7.9.3, 2.8.x before 2.8.11.1, and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2018-10-16T17:45:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-7489","https://github.com/FasterXML/jackson-databind/issues/1931","https://access.redhat.com/errata/RHSA-2018:1447","https://access.redhat.com/errata/RHSA-2018:1448","https://access.redhat.com/errata/RHSA-2018:1449","https://access.redhat.com/errata/RHSA-2018:1450","https://access.redhat.com/errata/RHSA-2018:1451","https://access.redhat.com/errata/RHSA-2018:1786","https://access.redhat.com/errata/RHSA-2018:2088","https://access.redhat.com/errata/RHSA-2018:2089","https://access.redhat.com/errata/RHSA-2018:2090","https://access.redhat.com/errata/RHSA-2018:2938","https://access.redhat.com/errata/RHSA-2018:2939","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3149","https://github.com/advisories/GHSA-cggj-fvv3-cqwv","https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us","https://www.debian.org/security/2018/dsa-4190","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2","https://github.com/FasterXML/jackson-databind/commit/c921f0935d5e41bf206e702d8077a275ba1a6efc","https://github.com/FasterXML/jackson-databind/commit/ca2bfc86af82a1479112004b663ba74c760752e6","https://github.com/FasterXML/jackson-databind/commit/e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d","https://security.netapp.com/advisory/ntap-20180328-0001","https://github.com/FasterXML/jackson-databind/commit/bc22f90eb7f896ace9567598a99cb1ff6e0f9d9d"],"source_kind":"github","identifiers":["GHSA-cggj-fvv3-cqwv","CVE-2018-7489"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003c 2.6.7.5"},{"first_patched_version":"2.7.9.3","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.9.3"},{"first_patched_version":"2.8.11.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.0"},{"first_patched_version":"2.9.5","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.5"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.280Z","updated_at":"2024-03-15T01:08:05.000Z","epss_percentage":0.4268,"epss_percentile":0.9729},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmeDYtdnA5Zy1yaDd2","url":"https://github.com/advisories/GHSA-rfx6-vp9g-rh7v","title":"jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass","description":"FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2018-10-18T17:42:48.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2017-17485","https://github.com/FasterXML/jackson-databind/issues/1855","https://access.redhat.com/errata/RHSA-2018:0116","https://access.redhat.com/errata/RHSA-2018:0342","https://access.redhat.com/errata/RHSA-2018:0478","https://access.redhat.com/errata/RHSA-2018:0479","https://access.redhat.com/errata/RHSA-2018:0480","https://access.redhat.com/errata/RHSA-2018:0481","https://access.redhat.com/errata/RHSA-2018:1447","https://access.redhat.com/errata/RHSA-2018:1448","https://access.redhat.com/errata/RHSA-2018:1449","https://access.redhat.com/errata/RHSA-2018:1450","https://access.redhat.com/errata/RHSA-2018:1451","https://access.redhat.com/errata/RHSA-2018:2930","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us","https://www.debian.org/security/2018/dsa-4114","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/10fe7f17ea7c8da2a71e7a0c774b420a1d5c1b50","https://github.com/FasterXML/jackson-databind/commit/2235894210c75f624a3d0cd60bfb0434a20a18bf","https://github.com/FasterXML/jackson-databind/commit/459107dccc9b3ea991af3e6ad0953e54b01ef7c1","https://github.com/FasterXML/jackson-databind/commit/4f16f67ebd22c7522fdbb8a7eb87e3026a807d61","https://github.com/FasterXML/jackson-databind/commit/978798382ceb72229e5036aa1442943933d6d171","https://github.com/FasterXML/jackson-databind/commit/bb45fb16709018842f858f1a6e1118676aaa34bd","https://github.com/FasterXML/jackson-databind/commit/eb217dd0f87c5fb471e0668575644aa7eba9a3d3","https://github.com/FasterXML/jackson-databind/commit/f031f27a31625d07922bdd090664c69544200a5d","https://github.com/irsl/jackson-rce-via-spel","https://security.netapp.com/advisory/ntap-20180201-0003","https://web.archive.org/web/20200927162225/http://www.securityfocus.com/archive/1/541652/100/0/threaded","https://github.com/advisories/GHSA-rfx6-vp9g-rh7v"],"source_kind":"github","identifiers":["GHSA-rfx6-vp9g-rh7v","CVE-2017-17485"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.2","vulnerable_version_range":"\u003c 2.7.9.2"},{"first_patched_version":"2.8.11","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11"},{"first_patched_version":"2.9.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:34.335Z","updated_at":"2024-03-01T21:35:58.000Z","epss_percentage":0.77043,"epss_percentile":0.98893},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN2bTktZmptOS0zNTcy","url":"https://github.com/advisories/GHSA-cvm9-fjm9-3572","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:16:10.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36181","https://github.com/FasterXML/jackson-databind/issues/3004","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b","https://github.com/advisories/GHSA-cvm9-fjm9-3572"],"source_kind":"github","identifiers":["GHSA-cvm9-fjm9-3572","CVE-2020-36181"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.5"},{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.432Z","updated_at":"2023-09-14T16:07:00.000Z","epss_percentage":0.06306,"epss_percentile":0.90001},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcXgtMzNxbS1nODY5","url":"https://github.com/advisories/GHSA-vfqx-33qm-g869","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:16:59.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36189","https://github.com/FasterXML/jackson-databind/issues/2996","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/33d96c13fe18a2dad01b19ce195548c9acea9da4","https://github.com/advisories/GHSA-vfqx-33qm-g869"],"source_kind":"github","identifiers":["GHSA-vfqx-33qm-g869","CVE-2020-36189"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003c 2.6.7.5"},{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.488Z","updated_at":"2023-09-14T16:04:22.000Z","epss_percentage":0.02635,"epss_percentile":0.84823},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5eGgtMnFncC1jcTU3","url":"https://github.com/advisories/GHSA-f9xh-2qgp-cq57","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:16:42.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36188","https://github.com/FasterXML/jackson-databind/issues/2996","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/33d96c13fe18a2dad01b19ce195548c9acea9da4","https://github.com/advisories/GHSA-f9xh-2qgp-cq57"],"source_kind":"github","identifiers":["GHSA-f9xh-2qgp-cq57","CVE-2020-36188"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.5"},{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.469Z","updated_at":"2023-09-14T16:04:22.000Z","epss_percentage":0.0698,"epss_percentile":0.90564},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02eDQtOTd3eC00cTI3","url":"https://github.com/advisories/GHSA-m6x4-97wx-4q27","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:16:26.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36184","https://github.com/FasterXML/jackson-databind/issues/2998","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/567194c53ae91f0a14dc27239afb739b1c10448a","https://github.com/advisories/GHSA-m6x4-97wx-4q27"],"source_kind":"github","identifiers":["GHSA-m6x4-97wx-4q27","CVE-2020-36184"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.450Z","updated_at":"2023-09-14T15:53:30.000Z","epss_percentage":0.05061,"epss_percentile":0.88784},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqdzItaHI5OC1xZ2Zo","url":"https://github.com/advisories/GHSA-qjw2-hr98-qgfh","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:15:36.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-24750","https://github.com/FasterXML/jackson-databind/issues/2798","https://github.com/FasterXML/jackson-databind/commit/ad5a630174f08d279504bc51ebba8772fd71b86b","https://security.netapp.com/advisory/ntap-20201009-0003/","https://www.oracle.com/security-alerts/cpujan2021.html","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://github.com/FasterXML/jackson-databind/commit/2118e71325486c68f089a9761c9d8a11b4ddd1cb","https://www.oracle.com/security-alerts/cpuapr2022.html","https://github.com/FasterXML/jackson-databind/commit/6cc9f1a1af323cd156f5668a47e43bab324ae16f","https://github.com/advisories/GHSA-qjw2-hr98-qgfh"],"source_kind":"github","identifiers":["GHSA-qjw2-hr98-qgfh","CVE-2020-24750"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.6","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.9.10.5"},{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003e= 2.0, \u003c= 2.6.7.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:30.537Z","updated_at":"2023-09-14T15:47:50.000Z","epss_percentage":0.02107,"epss_percentile":0.82538},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZxd2YtcGp3Zi03dnF2","url":"https://github.com/advisories/GHSA-fqwf-pjwf-7vqv","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-05-15T18:59:04.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-10673","https://github.com/FasterXML/jackson-databind/issues/2660","https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/1645efbd392989cf015f459a91c999e59c921b15","https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20200403-0002","https://github.com/advisories/GHSA-fqwf-pjwf-7vqv"],"source_kind":"github","identifiers":["GHSA-fqwf-pjwf-7vqv","CVE-2020-10673"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.4","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.4"},{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.9.10.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.214Z","updated_at":"2024-07-03T21:10:31.000Z","epss_percentage":0.20473,"epss_percentile":0.95074},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE5M2gtamM0OS03OGdn","url":"https://github.com/advisories/GHSA-q93h-jc49-78gg","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-05-15T18:59:10.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-9547","https://github.com/FasterXML/jackson-databind/issues/2634","https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd0e958d6d5c5ee16efed73314cd0e445c8dbb4bdcc80fc9d1d6c11fc@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/redbe4f1e21bf080f637cf9fbec47729750a2f443a919765360337428@%3Cnotifications.zookeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://security.netapp.com/advisory/ntap-20200904-0006/","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/9f4e97019fb0dd836533d0b6198c88787e235ae2","https://github.com/advisories/GHSA-q93h-jc49-78gg"],"source_kind":"github","identifiers":["GHSA-q93h-jc49-78gg","CVE-2020-9547"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.7","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.7.9.7"},{"first_patched_version":"2.8.11.6","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11.6"},{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.194Z","updated_at":"2023-09-14T15:09:40.000Z","epss_percentage":0.06229,"epss_percentile":0.89939},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtbWMtNzQycS1qZzc1","url":"https://github.com/advisories/GHSA-fmmc-742q-jg75","title":"jackson-databind polymorphic typing issue","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-11-13T00:32:27.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-16943","https://github.com/FasterXML/jackson-databind/issues/2478","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E","https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/","https://seclists.org/bugtraq/2019/Oct/6","https://security.netapp.com/advisory/ntap-20191017-0006/","https://www.debian.org/security/2019/dsa-4542","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://github.com/FasterXML/jackson-databind/commit/328a0f833daf6baa443ac3b37c818a0204714b0b","https://github.com/FasterXML/jackson-databind/commit/bc67eb11a7cf57561f861ff16f879f1fceb5779f","https://github.com/advisories/GHSA-fmmc-742q-jg75"],"source_kind":"github","identifiers":["GHSA-fmmc-742q-jg75","CVE-2019-16943"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003c 2.6.7.3"},{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.8.11.5"},{"first_patched_version":"2.9.10.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10.1"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:06.104Z","updated_at":"2023-09-14T14:55:20.000Z","epss_percentage":0.01841,"epss_percentile":0.81908},{"uuid":"GSA_kwCzR0hTQS1ycHIzLWN3MzktM3B4aM4AAtZ7","url":"https://github.com/advisories/GHSA-rpr3-cw39-3pxh","title":"jackson-databind vulnerable to unsafe deserialization","description":"The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-07-15T19:41:47.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-10650","https://github.com/FasterXML/jackson-databind/issues/2658","https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19","https://github.com/FasterXML/jackson-databind/pull/2864","https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef","https://www.oracle.com/security-alerts/cpujan2021.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://www.oracle.com/security-alerts/cpuoct2022.html","https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html","https://security.netapp.com/advisory/ntap-20230818-0007","https://github.com/advisories/GHSA-rpr3-cw39-3pxh"],"source_kind":"github","identifiers":["GHSA-rpr3-cw39-3pxh","CVE-2020-10650"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:10.583Z","updated_at":"2025-04-14T22:08:44.000Z","epss_percentage":0.05253,"epss_percentile":0.89475},{"uuid":"GSA_kwCzR0hTQS01N2oyLXc0Y3gtNjJoMs0ybA","url":"https://github.com/advisories/GHSA-57j2-w4cx-62h2","title":"Deeply nested json in jackson-databind","description":"jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-03-12T00:00:36.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36518","https://github.com/FasterXML/jackson-databind/issues/2816","https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13","https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html","https://www.debian.org/security/2022/dsa-5283","https://github.com/FasterXML/jackson-databind/commit/0a8157c6ca478b1bc7be4ba7dccdb3863275f0de","https://github.com/FasterXML/jackson-databind/commit/3cc52f82ecf943e06c1d7c3b078e405fb3923d2b","https://github.com/FasterXML/jackson-databind/commit/8238ab41d0350fb915797c89d46777b4496b74fd","https://github.com/FasterXML/jackson-databind/commit/b3587924ee5d8695942f364d0d404d48d0ea6126","https://security.netapp.com/advisory/ntap-20220506-0004","https://github.com/advisories/GHSA-57j2-w4cx-62h2"],"source_kind":"github","identifiers":["GHSA-57j2-w4cx-62h2","CVE-2020-36518"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.12.6.1","vulnerable_version_range":"\u003c= 2.12.6.0"},{"first_patched_version":"2.13.2.1","vulnerable_version_range":"\u003e= 2.13.0, \u003c= 2.13.2.0"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:31.754Z","updated_at":"2025-06-07T01:09:51.848Z","epss_percentage":0.00477,"epss_percentile":0.63876},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlteGYtZzN4Ni13djc0","url":"https://github.com/advisories/GHSA-9mxf-g3x6-wv74","title":"Server-Side Request Forgery (SSRF) in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-01-04T19:07:06.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-14721","https://github.com/FasterXML/jackson-databind/issues/2097","https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:1106","https://access.redhat.com/errata/RHSA-2019:1107","https://access.redhat.com/errata/RHSA-2019:1108","https://access.redhat.com/errata/RHSA-2019:1140","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7","https://github.com/advisories/GHSA-9mxf-g3x6-wv74","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html","https://seclists.org/bugtraq/2019/May/68","https://security.netapp.com/advisory/ntap-20190530-0003/","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"],"source_kind":"github","identifiers":["GHSA-9mxf-g3x6-wv74","CVE-2018-14721"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.4"},{"first_patched_version":"2.8.11.3","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.2"},{"first_patched_version":"2.9.7","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.7"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.254Z","updated_at":"2023-01-09T05:03:46.000Z","epss_percentage":0.09895,"epss_percentile":0.92586},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4MjMtNHFjaC0zcmdt","url":"https://github.com/advisories/GHSA-j823-4qch-3rgm","title":"Deserialization of untrusted data in Jackson Databind","description":"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-06-18T14:44:46.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-14060","https://github.com/FasterXML/jackson-databind/issues/2688","https://github.com/FasterXML/jackson-databind/commit/d1c67a0396e84c08d0558fbb843b5bd1f26e1921","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314","https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88","https://github.com/FasterXML/jackson-databind/commit/ac7232e3f9004bdb4f11dcb5bc6c1fadf074f5f7","https://security.netapp.com/advisory/ntap-20200702-0003","https://github.com/advisories/GHSA-j823-4qch-3rgm"],"source_kind":"github","identifiers":["GHSA-j823-4qch-3rgm","CVE-2020-14060"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.5","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:24.002Z","updated_at":"2024-03-15T00:39:55.000Z","epss_percentage":0.08718,"epss_percentile":0.92009},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmcHAtcmdqOS04cndj","url":"https://github.com/advisories/GHSA-6fpp-rgj9-8rwc","title":"Deserialization of untrusted data in FasterXML jackson-databind","description":"SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2, 2.8.11.4, and 2.7.9.6 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-08-01T19:18:00.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-14379","https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2","https://github.com/FasterXML/jackson-databind/issues/2387","https://access.redhat.com/errata/RHBA-2019:2824","https://access.redhat.com/errata/RHSA-2019:2743","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:2935","https://access.redhat.com/errata/RHSA-2019:2936","https://access.redhat.com/errata/RHSA-2019:2937","https://access.redhat.com/errata/RHSA-2019:2938","https://access.redhat.com/errata/RHSA-2019:2998","https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E","https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/525bcf949a4b0da87a375cbad2680b8beccde749522f24c49befe7fb@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/689c6bcc6c7612eee71e453a115a4c8581e7b718537025d4b265783d@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/75f482fdc84abe6d0c8f438a76437c335a7bbeb5cddd4d70b4bc0cbf@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/859815b2e9f1575acbb2b260b73861c16ca49bca627fa0c46419051f@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/8723b52c2544e6cb804bc8a36622c584acd1bd6c53f2b6034c9fea54@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E","https://lists.apache.org/thread.html/99944f86abefde389da9b4040ea2327c6aa0b53a2ff9352bd4cfec17@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/d161ff3d59c5a8213400dd6afb1cce1fac4f687c32d1e0c0bfbfaa2d@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/e25e734c315f70d8876a846926cfe3bfa1a4888044f146e844caf72f@%3Ccommits.ambari.apache.org%3E","https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/f17f63b0f8a57e4a5759e01d25cffc0548f0b61ff5c6bfd704ad2f2a@%3Ccommits.ambari.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/08/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/","https://security.netapp.com/advisory/ntap-20190814-0001/","https://access.redhat.com/errata/RHSA-2019:3044","https://access.redhat.com/errata/RHSA-2019:3045","https://access.redhat.com/errata/RHSA-2019:3046","https://access.redhat.com/errata/RHSA-2019:3050","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3200","https://access.redhat.com/errata/RHSA-2019:3292","https://access.redhat.com/errata/RHSA-2019:3297","https://access.redhat.com/errata/RHSA-2019:3901","https://access.redhat.com/errata/RHSA-2020:0727","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://support.apple.com/kb/HT213189","http://seclists.org/fulldisclosure/2022/Mar/23","https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b","https://github.com/advisories/GHSA-6fpp-rgj9-8rwc"],"source_kind":"github","identifiers":["GHSA-6fpp-rgj9-8rwc","CVE-2019-14379"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.6","vulnerable_version_range":"\u003c 2.7.9.6"},{"first_patched_version":"2.8.11.4","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11.4"},{"first_patched_version":"2.9.9.2","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.9.2"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:06.085Z","updated_at":"2023-09-13T17:18:25.000Z","epss_percentage":0.01455,"epss_percentile":0.79758},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFtcWMteDNyNC02djM5","url":"https://github.com/advisories/GHSA-qmqc-x3r4-6v39","title":"Polymorphic deserialization of malicious object in jackson-databind","description":"A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-05-15T18:59:07.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-14893","https://github.com/FasterXML/jackson-databind/issues/2469","https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317","https://access.redhat.com/errata/RHSA-2020:0729","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893","https://security.netapp.com/advisory/ntap-20200327-0006/","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/advisories/GHSA-qmqc-x3r4-6v39"],"source_kind":"github","identifiers":["GHSA-qmqc-x3r4-6v39","CVE-2019-14893"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.205Z","updated_at":"2023-02-01T05:02:58.000Z","epss_percentage":0.00794,"epss_percentile":0.72767},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3dzctcDV3NC13cmZ2","url":"https://github.com/advisories/GHSA-gww7-p5w4-wrfv","title":"Deserialization of Untrusted Data in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-03-04T20:52:11.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-20330","https://github.com/FasterXML/jackson-databind/issues/2526","https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2","https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r7a0821b44247a1e6c6fe5f2943b90ebc4f80a8d1fb0aa9a8b29a59a2@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r7fb123e7dad49af5886cfec7135c0fd5b74e4c67af029e1dc91ba744@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r8831b7fa5ca87a1cf23ee08d6dedb7877a964c1d2bd869af24056a63@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r909c822409a276ba04dc2ae31179b16f6864ba02c4f9911bdffebf95@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra2e572f568de8df5ba151e6aebb225a0629faaf0476bf7c7ed877af8@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra5ce96faec37c26b0aa15b4b6a8b1cbb145a748653e56ae83e9685d0@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra8a80dbc7319916946397823aec0d893d24713cbf7b5aee0e957298c@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rb532fed78d031fff477fd840b81946f6d1200f93a63698dae65aa528@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/rd1f346227e11fc515914f3a7b20d81543e51e5822ba71baa0452634a@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd49cfa41bbb71ef33b53736a6af2aa8ba88c2106e30f2a34902a87d2@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd6c6fef14944f3dcfb58d35f9317eb1c32a700e86c1b5231e45d3d0b@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/rfa57d9c2a27d3af14c69607fb1a3da00e758b2092aa88eb6a51b6e99@%3Cissues.zookeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://github.com/FasterXML/jackson-databind/commit/eb254813cc822d0af015ce8fe05febf50721dc53","https://github.com/FasterXML/jackson-databind/commit/fc4214a883dc087070f25da738ef0d49c2f3387e","https://security.netapp.com/advisory/ntap-20200127-0004","https://github.com/advisories/GHSA-gww7-p5w4-wrfv"],"source_kind":"github","identifiers":["GHSA-gww7-p5w4-wrfv","CVE-2019-20330"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.4","vulnerable_version_range":"\u003e= 2.0.0, \u003c= 2.6.7.3"},{"first_patched_version":"2.9.10.2","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.1"},{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.4"},{"first_patched_version":"2.7.9.7","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.6"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:30.758Z","updated_at":"2024-03-15T00:52:59.000Z","epss_percentage":0.01997,"epss_percentile":0.82733},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2OTUtN3ZyOS1qZ2My","url":"https://github.com/advisories/GHSA-r695-7vr9-jgc2","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:16:51.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36187","https://github.com/FasterXML/jackson-databind/issues/2997","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/3e8fa3beea49ea62109df9e643c9cb678dabdde1","https://github.com/advisories/GHSA-r695-7vr9-jgc2"],"source_kind":"github","identifiers":["GHSA-r695-7vr9-jgc2","CVE-2020-36187"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.478Z","updated_at":"2023-09-14T16:01:31.000Z","epss_percentage":0.02039,"epss_percentile":0.82754},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5NDktcnc3Zy13eDd3","url":"https://github.com/advisories/GHSA-5949-rw7g-wx7w","title":"Deserialization of untrusted data in jackson-databind","description":"A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-01-20T21:20:15.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2021-20190","https://github.com/FasterXML/jackson-databind/issues/2854","https://github.com/FasterXML/jackson-databind/commit/7dbf51bf78d157098074a20bd9da39bd48c18e4a","https://bugzilla.redhat.com/show_bug.cgi?id=1916633","https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a@%3Ccommits.nifi.apache.org%3E","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88","https://security.netapp.com/advisory/ntap-20210219-0008","https://github.com/advisories/GHSA-5949-rw7g-wx7w"],"source_kind":"github","identifiers":["GHSA-5949-rw7g-wx7w","CVE-2021-20190"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003c 2.6.7.5"},{"first_patched_version":"2.9.10.7","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.9.10.7"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:11.950Z","updated_at":"2024-03-15T00:16:04.000Z","epss_percentage":0.00636,"epss_percentile":0.69351},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1jNmgtNHFncC0zN3Fo","url":"https://github.com/advisories/GHSA-mc6h-4qgp-37qh","title":"Deserialization of untrusted data in Jackson Databind","description":"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-06-18T14:44:43.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-14195","https://github.com/FasterXML/jackson-databind/issues/2765","https://github.com/FasterXML/jackson-databind/commit/f6d9c664f6d481703138319f6a0f1fdbddb3a259","https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88","https://security.netapp.com/advisory/ntap-20200702-0003","https://github.com/advisories/GHSA-mc6h-4qgp-37qh"],"source_kind":"github","identifiers":["GHSA-mc6h-4qgp-37qh","CVE-2020-14195"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.5","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:24.012Z","updated_at":"2024-03-15T00:37:17.000Z","epss_percentage":0.09511,"epss_percentile":0.92082},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3ODItcjMyOS0zcTY3","url":"https://github.com/advisories/GHSA-4w82-r329-3q67","title":"Deserialization of Untrusted Data in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-03-04T20:52:14.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-8840","https://github.com/FasterXML/jackson-databind/issues/2620","https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497","https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r46bebdeb59b8b7212d63a010ca445a9f5c4e9d64dcf693cab6f399d3@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r6fdd4c61a09a0c89f581b4ddb3dc6f154ab0c705fcfd0a7358b2e4e5@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r8170007fd9b263d65b37d92a7b5d7bc357aedbb113a32838bc4a9485@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r9ecf211c22760b00967ebe158c6ed7dba9142078e2a630ab8904a5b7@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rac5ee5d686818be7e7c430d35108ee01a88aae54f832d32f62431fd1@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rb43f9a65150948a6bebd3cb77ee3e105d40db2820fd547528f4e7f89@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rb5eedf90ba3633e171a2ffdfe484651c9490dc5df74c8a29244cbc0e@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rdf8d389271a291dde3b2f99c36918d6cb1e796958af626cc140fee23@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/re7326b8655eab931f2a9ce074fd9a1a51b5db11456bee9b48e1e170c@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/re8ae2670ec456ef1c5a2a661a2838ab2cd00e9efa1e88c069f546f21@%3Ccommits.zookeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html","https://lists.apache.org/thread.html/r65ee95fa09c831843bac81eaa582fdddc2b6119912a72d1c83a9b882@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/r446646c5588b10f5e02409ad580b12f314869009cdfbf844ca395cec@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/r5d8bea8e9d17b6efcf4a0e4e194e91ef46a99f505777a31a60da2b38@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/r7762d69e85c58d6948823424017ef4c08f47de077644277fa18cc116@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/r7e5c10534ed06bf805473ac85e8412fe3908a8fa4cabf5027bf11220@%3Cdev.kafka.apache.org%3E","https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/r94930e39b60fff236160c1c4110fe884dc093044b067aa5fc98d7ee1@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/r9e59ebaf76fd00b2fa3ff5ebf18fe075ca9f4376216612c696f76718@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/ra275f29615f35d5b40106d1582a41e5388b2a5131564e9e01a572987@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/rb73708bf714ed6dbc1212da082e7703e586077f0c92f3940b2e82caf@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/rb99c7321eba5d4c907beec46675d52827528b738cfafd48eb4d862f1@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/rc717fd6c65190f4e592345713f9ef0723fb7d71f624caa2a17caa26a@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/rcc72b497e3dff2dc62ec9b89ceb90bc4e1b14fc56c3c252a6fcbb013@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/rdea588d4a0ebf9cb7ce8c3a8f18d0d306507c4f8ba178dd3d20207b8@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/rdf311f13e6356297e0ffe74397fdd25a3687b0a16e687c3ff5b834d8@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/rf28ab6f224b48452afd567dfffb705fbda0fdbbf6535f6bc69d47e91@%3Cdev.ranger.apache.org%3E","https://lists.apache.org/thread.html/rfc1ccfe89332155b72ce17f13a2701d3e7b9ec213324ceb90e79a28a@%3Cdev.ranger.apache.org%3E","https://security.netapp.com/advisory/ntap-20200327-0002/","https://www.oracle.com/security-alerts/cpuapr2020.html","http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/74aba4042fce35ee0b91bd2847e788c10040d78b","https://github.com/FasterXML/jackson-databind/commit/9bb52c7122271df75435ec7e66ecf6b02b1ee14f","https://github.com/advisories/GHSA-4w82-r329-3q67"],"source_kind":"github","identifiers":["GHSA-4w82-r329-3q67","CVE-2020-8840"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.4","vulnerable_version_range":"\u003e= 2.0.0, \u003c= 2.6.7.3"},{"first_patched_version":"2.7.9.7","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.6"},{"first_patched_version":"2.9.10.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.2"},{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:30.631Z","updated_at":"2023-06-08T19:02:12.000Z","epss_percentage":0.08164,"epss_percentile":0.91721},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5aHYtbWc1aC14Y3c5","url":"https://github.com/advisories/GHSA-f9hv-mg5h-xcw9","title":"Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization","description":"FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-01-04T19:06:57.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-19360","https://github.com/FasterXML/jackson-databind/issues/2186","https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:0877","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8","https://github.com/advisories/GHSA-f9hv-mg5h-xcw9","https://issues.apache.org/jira/browse/TINKERPOP-2121","https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html","https://seclists.org/bugtraq/2019/May/68","https://security.netapp.com/advisory/ntap-20190530-0003/","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","http://www.securityfocus.com/bid/107985"],"source_kind":"github","identifiers":["GHSA-f9hv-mg5h-xcw9","CVE-2018-19360"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.4"},{"first_patched_version":"2.8.11.3","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.2"},{"first_patched_version":"2.9.8","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.288Z","updated_at":"2023-06-12T22:34:12.000Z","epss_percentage":0.06777,"epss_percentile":0.90805},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgydzUtNW0yZy03aDVt","url":"https://github.com/advisories/GHSA-x2w5-5m2g-7h5m","title":"XML External Entity Reference (XXE) in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-01-04T19:09:46.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-14720","https://github.com/FasterXML/jackson-databind/issues/2097","https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:1106","https://access.redhat.com/errata/RHSA-2019:1107","https://access.redhat.com/errata/RHSA-2019:1108","https://access.redhat.com/errata/RHSA-2019:1140","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7","https://github.com/advisories/GHSA-x2w5-5m2g-7h5m","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html","https://seclists.org/bugtraq/2019/May/68","https://security.netapp.com/advisory/ntap-20190530-0003/","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"],"source_kind":"github","identifiers":["GHSA-x2w5-5m2g-7h5m","CVE-2018-14720"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.2"},{"first_patched_version":"2.8.11.3","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.2"},{"first_patched_version":"2.9.7","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.7"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.586Z","updated_at":"2023-06-12T22:34:50.000Z","epss_percentage":0.0341,"epss_percentile":0.86859},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRncTUtY2g1Ny1jMm1n","url":"https://github.com/advisories/GHSA-4gq5-ch57-c2mg","title":"Arbitrary Code Execution in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.7, 2.8.11.3, and 2.7.9.5 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-01-04T19:09:49.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-14719","https://github.com/FasterXML/jackson-databind/issues/2097","https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:0877","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html","https://seclists.org/bugtraq/2019/May/68","https://security.netapp.com/advisory/ntap-20190530-0003/","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://github.com/advisories/GHSA-4gq5-ch57-c2mg"],"source_kind":"github","identifiers":["GHSA-4gq5-ch57-c2mg","CVE-2018-14719"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.5","vulnerable_version_range":"\u003e= 2.0.0, \u003c= 2.7.9.4"},{"first_patched_version":"2.8.11.3","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.2"},{"first_patched_version":"2.9.7","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.7"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.037Z","updated_at":"2023-09-13T18:31:10.000Z","epss_percentage":0.03526,"epss_percentile":0.87075},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNtZmctODd2cS1nNWc0","url":"https://github.com/advisories/GHSA-cmfg-87vq-g5g4","title":"Deserialization of untrusted data in FasterXML jackson-databind","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2019-07-17T15:26:12.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-12814","https://github.com/FasterXML/jackson-databind/issues/2341","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:2935","https://access.redhat.com/errata/RHSA-2019:2936","https://access.redhat.com/errata/RHSA-2019:2937","https://access.redhat.com/errata/RHSA-2019:2938","https://access.redhat.com/errata/RHSA-2019:3044","https://access.redhat.com/errata/RHSA-2019:3045","https://access.redhat.com/errata/RHSA-2019:3046","https://access.redhat.com/errata/RHSA-2019:3050","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3200","https://access.redhat.com/errata/RHSA-2019:3292","https://access.redhat.com/errata/RHSA-2019:3297","https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/71f9ffd92410a889e27b95a219eaa843fd820f8550898633d85d4ea3@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E","https://lists.apache.org/thread.html/a3ae8a8c5e32c413cd27071d3a204166050bf79ce7f1299f6866338f@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/a78239b1f11cddfa86e4edee19064c40b6272214630bfef070c37957@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0a2b2cca072650dbd5882719976c3d353972c44f6736ddf0ba95209@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/b148fa2e9ef468c4de00de255dd728b74e2a97d935f8ced31eb41ba2@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/bf20574dbc2db255f1fd489942b5720f675e32a2c4f44eb6a36060cd@%3Ccommits.accumulo.apache.org%3E","https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe@%3Cnotifications.geode.apache.org%3E","https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC","https://security.netapp.com/advisory/ntap-20190625-0006","https://github.com/advisories/GHSA-cmfg-87vq-g5g4"],"source_kind":"github","identifiers":["GHSA-cmfg-87vq-g5g4","CVE-2019-12814"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.3"},{"first_patched_version":"2.7.9.6","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.9.6"},{"first_patched_version":"2.8.11.4","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11.4"},{"first_patched_version":"2.9.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.9.1"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:06.256Z","updated_at":"2025-06-07T01:09:51.678Z","epss_percentage":0.19277,"epss_percentile":0.95028},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW14N3AtNjY3OS04ZzNx","url":"https://github.com/advisories/GHSA-mx7p-6679-8g3q","title":"Polymorphic Typing in FasterXML jackson-databind","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-10-28T20:51:15.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-16942","https://github.com/FasterXML/jackson-databind/issues/2478","https://issues.apache.org/jira/browse/GEODE-7255","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://access.redhat.com/errata/RHSA-2019:3901","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E","https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html","https://seclists.org/bugtraq/2019/Oct/6","https://www.debian.org/security/2019/dsa-4542","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://github.com/FasterXML/jackson-databind/commit/328a0f833daf6baa443ac3b37c818a0204714b0b","https://github.com/FasterXML/jackson-databind/commit/54aa38d87dcffa5ccc23e64922e9536c82c1b9c8","https://github.com/FasterXML/jackson-databind/commit/9593e16cf5a3d289a9c584f7123639655de9ddac","https://github.com/FasterXML/jackson-databind/commit/bc67eb11a7cf57561f861ff16f879f1fceb5779f","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT","https://security.netapp.com/advisory/ntap-20191017-0006","https://github.com/advisories/GHSA-mx7p-6679-8g3q"],"source_kind":"github","identifiers":["GHSA-mx7p-6679-8g3q","CVE-2019-16942"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.8.11.5"},{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.3"},{"first_patched_version":"2.9.10.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10.1"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:06.095Z","updated_at":"2024-03-15T00:57:37.000Z","epss_percentage":0.00438,"epss_percentile":0.61784},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXczZjQtM3E2ai1yaDgy","url":"https://github.com/advisories/GHSA-w3f4-3q6j-rh82","title":"Deserialization of Untrusted Data in jackson-databind","description":"FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-06-30T20:40:50.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-5968","https://github.com/FasterXML/jackson-databind/issues/1899","https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05","https://access.redhat.com/errata/RHSA-2018:0478","https://access.redhat.com/errata/RHSA-2018:0479","https://access.redhat.com/errata/RHSA-2018:0480","https://access.redhat.com/errata/RHSA-2018:0481","https://access.redhat.com/errata/RHSA-2018:1525","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3149","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us","https://www.debian.org/security/2018/dsa-4114","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d0","https://github.com/FasterXML/jackson-databind/commit/03ea0bec6293d4330b5ad19d1d62aca0e3cb6381","https://github.com/FasterXML/jackson-databind/commit/454be8bb8c913be18298327a84ca45a280b61605","https://security.netapp.com/advisory/ntap-20180423-0002","https://github.com/advisories/GHSA-w3f4-3q6j-rh82"],"source_kind":"github","identifiers":["GHSA-w3f4-3q6j-rh82","CVE-2018-5968"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.5","vulnerable_version_range":"\u003c 2.7.9.5"},{"first_patched_version":"2.8.11.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11"},{"first_patched_version":"2.9.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:23.844Z","updated_at":"2024-03-01T21:56:34.000Z","epss_percentage":0.02582,"epss_percentile":0.84685},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzZ3ItY3hyZi1oZzI1","url":"https://github.com/advisories/GHSA-r3gr-cxrf-hg25","title":"Serialization gadgets exploit in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:15:11.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-35491","https://github.com/FasterXML/jackson-databind/issues/2986","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d","https://security.netapp.com/advisory/ntap-20210122-0005","https://github.com/advisories/GHSA-r3gr-cxrf-hg25"],"source_kind":"github","identifiers":["GHSA-r3gr-cxrf-hg25","CVE-2020-35491"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.0.0, \u003c= 2.9.10.7"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:07.957Z","updated_at":"2024-06-25T13:47:23.000Z","epss_percentage":0.06892,"epss_percentile":0.90886},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1OTItMzhjbS00Z2dw","url":"https://github.com/advisories/GHSA-h592-38cm-4ggp","title":"jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution","description":"jackson-databind in versions prior to 2.8.11 and 2.9.4 contain a deserialization flaw which allows an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525, blacklisting additonal vulnerable classes.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2018-10-18T17:42:34.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2017-15095","https://github.com/FasterXML/jackson-databind/issues/1680","https://github.com/FasterXML/jackson-databind/issues/1737","https://access.redhat.com/errata/RHSA-2017:3189","https://access.redhat.com/errata/RHSA-2017:3190","https://access.redhat.com/errata/RHSA-2018:0342","https://access.redhat.com/errata/RHSA-2018:0478","https://access.redhat.com/errata/RHSA-2018:0479","https://access.redhat.com/errata/RHSA-2018:0480","https://access.redhat.com/errata/RHSA-2018:0481","https://access.redhat.com/errata/RHSA-2018:0576","https://access.redhat.com/errata/RHSA-2018:0577","https://access.redhat.com/errata/RHSA-2018:1447","https://access.redhat.com/errata/RHSA-2018:1448","https://access.redhat.com/errata/RHSA-2018:1449","https://access.redhat.com/errata/RHSA-2018:1450","https://access.redhat.com/errata/RHSA-2018:1451","https://access.redhat.com/errata/RHSA-2018:2927","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html","https://www.debian.org/security/2017/dsa-4037","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","https://github.com/FasterXML/jackson-databind/commit/a3939d36edcc755c8af55bdc1969e0fa8438f9db","https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92","https://github.com/FasterXML/jackson-databind/commit/e865a7a4464da63ded9f4b1a2328ad85c9ded78b","https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935","https://web.archive.org/web/20200401000000*/http://www.securityfocus.com/bid/103880","https://web.archive.org/web/20201221192044/http://www.securitytracker.com/id/1039769","https://github.com/FasterXML/jackson-databind/commit/a054585e2175ad0882f07bcafedecfac86230f1b","https://github.com/tolbertam/jackson-databind/commit/80566a0f96b2003863f9d8f9ccc3b562001e147b","https://security.netapp.com/advisory/ntap-20171214-0003","https://github.com/advisories/GHSA-h592-38cm-4ggp"],"source_kind":"github","identifiers":["GHSA-h592-38cm-4ggp","CVE-2017-15095"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.2","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.9.2"},{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.3"},{"first_patched_version":"2.8.11","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11"},{"first_patched_version":"2.9.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:34.344Z","updated_at":"2024-03-15T01:13:59.000Z","epss_percentage":0.07411,"epss_percentile":0.91245},{"uuid":"GSA_kwCzR0hTQS0zeDh4LTc5bTItM3cyd84AAyLf","url":"https://github.com/advisories/GHSA-3x8x-79m2-3w2w","title":"jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode","description":"jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-19T00:30:25.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2021-46877","https://github.com/FasterXML/jackson-databind/issues/3328","https://groups.google.com/g/jackson-user/c/OsBsirPM_Vw","https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.6","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13.1","https://github.com/advisories/GHSA-3x8x-79m2-3w2w"],"source_kind":"github","identifiers":["GHSA-3x8x-79m2-3w2w","CVE-2021-46877"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.13.1","vulnerable_version_range":"\u003e= 2.13.0, \u003c 2.13.1"},{"first_patched_version":"2.12.6","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.12.6"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2023-03-20T22:03:07.536Z","updated_at":"2025-02-26T22:17:22.000Z","epss_percentage":0.00097,"epss_percentile":0.28275},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNqamYtOTRmZi00M3c3","url":"https://github.com/advisories/GHSA-cjjf-94ff-43w7","title":"jackson-databind Deserialization of Untrusted Data vulnerability","description":"An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2019-03-25T18:03:09.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-12022","https://github.com/FasterXML/jackson-databind/issues/2052","https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:0877","https://access.redhat.com/errata/RHSA-2019:1106","https://access.redhat.com/errata/RHSA-2019:1107","https://access.redhat.com/errata/RHSA-2019:1108","https://access.redhat.com/errata/RHSA-2019:1140","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://bugzilla.redhat.com/show_bug.cgi?id=1671098","https://github.com/advisories/GHSA-cjjf-94ff-43w7","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://seclists.org/bugtraq/2019/May/68","https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","http://www.securityfocus.com/bid/107585","https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC","https://security.netapp.com/advisory/ntap-20190530-0003","https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a"],"source_kind":"github","identifiers":["GHSA-cjjf-94ff-43w7","CVE-2018-12022"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.8.11.2","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.1"},{"first_patched_version":"2.7.9.4","vulnerable_version_range":"\u003c= 2.7.9.3"},{"first_patched_version":"2.9.6","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.6"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.019Z","updated_at":"2024-03-01T21:49:05.000Z","epss_percentage":0.03093,"epss_percentile":0.85601},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1Y3ctaGo2NS1xcXY5","url":"https://github.com/advisories/GHSA-85cw-hj65-qqv9","title":"Polymorphic Typing issue in FasterXML jackson-databind","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10, 2.8.11.5, and 2.6.7.3. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-09-23T18:33:45.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-16335","https://github.com/FasterXML/jackson-databind/issues/2449","https://access.redhat.com/errata/RHSA-2019:3200","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://access.redhat.com/errata/RHSA-2020:0729","https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E","https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E","https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E","https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/","https://seclists.org/bugtraq/2019/Oct/6","https://security.netapp.com/advisory/ntap-20191004-0002/","https://www.debian.org/security/2019/dsa-4542","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db","https://github.com/advisories/GHSA-85cw-hj65-qqv9"],"source_kind":"github","identifiers":["GHSA-85cw-hj65-qqv9","CVE-2019-16335"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003c 2.6.7.3"},{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.8.11.5"},{"first_patched_version":"2.9.10","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:28.082Z","updated_at":"2023-09-13T18:22:47.000Z","epss_percentage":0.0074,"epss_percentile":0.71567},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1OG0tdjU2di1ncmo0","url":"https://github.com/advisories/GHSA-758m-v56v-grj4","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-04-23T21:36:03.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-10969","https://github.com/FasterXML/jackson-databind/issues/2642","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/6ba48457984943df0de92c54144f7dcae01b1221","https://security.netapp.com/advisory/ntap-20200403-0002","https://github.com/advisories/GHSA-758m-v56v-grj4"],"source_kind":"github","identifiers":["GHSA-758m-v56v-grj4","CVE-2020-10969"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.146Z","updated_at":"2024-06-25T13:46:45.000Z","epss_percentage":0.01478,"epss_percentile":0.79845},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1waDQtdmhyeC1tdjY3","url":"https://github.com/advisories/GHSA-mph4-vhrx-mv67","title":"Deserialization of Untrusted Data in FasterXML jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2019-07-05T21:07:27.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-12384","https://doyensec.com/research.html","https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad","https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html","https://access.redhat.com/errata/RHSA-2019:1820","https://access.redhat.com/errata/RHSA-2019:2720","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:2935","https://access.redhat.com/errata/RHSA-2019:2936","https://access.redhat.com/errata/RHSA-2019:2937","https://access.redhat.com/errata/RHSA-2019:2938","https://access.redhat.com/errata/RHSA-2019:2998","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3200","https://access.redhat.com/errata/RHSA-2019:3292","https://access.redhat.com/errata/RHSA-2019:3297","https://access.redhat.com/errata/RHSA-2019:3901","https://access.redhat.com/errata/RHSA-2019:4352","https://blog.doyensec.com/2019/07/22/jackson-gadgets.html","https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe@%3Cnotifications.geode.apache.org%3E","https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://seclists.org/bugtraq/2019/Oct/6","https://www.debian.org/security/2019/dsa-4542","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/issues/2334","https://github.com/FasterXML/jackson-databind/commit/c9ef4a10d6f6633cf470d6a469514b68fa2be234","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC","https://security.netapp.com/advisory/ntap-20190703-0002","https://github.com/advisories/GHSA-mph4-vhrx-mv67"],"source_kind":"github","identifiers":["GHSA-mph4-vhrx-mv67","CVE-2019-12384"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.3"},{"first_patched_version":"2.7.9.6","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.9.6"},{"first_patched_version":"2.8.11.4","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11.4"},{"first_patched_version":"2.9.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.9.1"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:06.245Z","updated_at":"2025-06-07T01:09:51.651Z","epss_percentage":0.51675,"epss_percentile":0.97738},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzY3ctZzRtcS1jNXgy","url":"https://github.com/advisories/GHSA-h3cw-g4mq-c5x2","title":"Code Injection in jackson-databind","description":"This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:14:51.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-24616","https://github.com/FasterXML/jackson-databind/issues/2814","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20200904-0006/","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://github.com/FasterXML/jackson-databind/commit/3d97153944f7de9c19c1b3637b33d3cf1fbbe4d7","https://github.com/advisories/GHSA-h3cw-g4mq-c5x2"],"source_kind":"github","identifiers":["GHSA-h3cw-g4mq-c5x2","CVE-2020-24616"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.6","vulnerable_version_range":"\u003e= 2.0.0, \u003c= 2.9.10.5"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:06.076Z","updated_at":"2023-09-14T15:44:55.000Z","epss_percentage":0.03783,"epss_percentile":0.87561},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF4eHgtMnBwNy01aG14","url":"https://github.com/advisories/GHSA-qxxx-2pp7-5hmx","title":"jackson-databind is vulnerable to a deserialization flaw","description":"A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2018-10-16T17:21:35.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2017-7525","https://github.com/FasterXML/jackson-databind/issues/1599","https://github.com/FasterXML/jackson-databind/issues/1723","https://access.redhat.com/errata/RHSA-2017:1834","https://access.redhat.com/errata/RHSA-2017:1835","https://access.redhat.com/errata/RHSA-2017:1836","https://access.redhat.com/errata/RHSA-2017:1837","https://access.redhat.com/errata/RHSA-2017:1839","https://access.redhat.com/errata/RHSA-2017:1840","https://access.redhat.com/errata/RHSA-2017:2477","https://access.redhat.com/errata/RHSA-2017:2546","https://access.redhat.com/errata/RHSA-2017:2547","https://access.redhat.com/errata/RHSA-2017:2633","https://access.redhat.com/errata/RHSA-2017:2635","https://access.redhat.com/errata/RHSA-2017:2636","https://access.redhat.com/errata/RHSA-2017:2637","https://access.redhat.com/errata/RHSA-2017:2638","https://access.redhat.com/errata/RHSA-2017:3141","https://access.redhat.com/errata/RHSA-2017:3454","https://access.redhat.com/errata/RHSA-2017:3455","https://access.redhat.com/errata/RHSA-2017:3456","https://access.redhat.com/errata/RHSA-2017:3458","https://access.redhat.com/errata/RHSA-2018:0294","https://access.redhat.com/errata/RHSA-2018:0342","https://access.redhat.com/errata/RHSA-2018:1449","https://access.redhat.com/errata/RHSA-2018:1450","https://access.redhat.com/errata/RHSA-2019:0910","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3149","https://bugzilla.redhat.com/show_bug.cgi?id=1462702","https://cwiki.apache.org/confluence/display/WW/S2-055","https://github.com/advisories/GHSA-qxxx-2pp7-5hmx","https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E","https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E","https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E","https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E","https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html","https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us","https://www.debian.org/security/2017/dsa-4004","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E","https://github.com/FasterXML/jackson-databind/commit/3bfbb835e530055c1941ddf87fde0b08d08dcd38","https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1","https://github.com/FasterXML/jackson-databind/commit/680d75b011edd67a2d2a2e9980998a968194c2ef","https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c1","https://github.com/FasterXML/jackson-databind/commit/90042692085deeb05ae75c569c9909f7dba24415","https://github.com/FasterXML/jackson-databind/commit/fa87c1ddbe803ebb7295f5c2ebfe38e12f6e6162","https://github.com/FasterXML/jackson-databind/commit/fd8dec2c7fab8b4b4bd60502a0f1d63ec23c24da","https://security.netapp.com/advisory/ntap-20171214-0002"],"source_kind":"github","identifiers":["GHSA-qxxx-2pp7-5hmx","CVE-2017-7525"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.1","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.0"},{"first_patched_version":"2.6.7.1","vulnerable_version_range":"\u003c= 2.6.7.0"},{"first_patched_version":"2.8.9","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.9"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.529Z","updated_at":"2024-03-01T21:41:49.000Z","epss_percentage":0.77336,"epss_percentile":0.9891},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3dzktajgzbS1xN3F4","url":"https://github.com/advisories/GHSA-5ww9-j83m-q7qx","title":"Information exposure in FasterXML jackson-databind","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2019-05-23T09:32:24.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-12086","https://github.com/FasterXML/jackson-databind/issues/2326","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:2935","https://access.redhat.com/errata/RHSA-2019:2936","https://access.redhat.com/errata/RHSA-2019:2937","https://access.redhat.com/errata/RHSA-2019:2938","https://access.redhat.com/errata/RHSA-2019:2998","https://access.redhat.com/errata/RHSA-2019:3044","https://access.redhat.com/errata/RHSA-2019:3045","https://access.redhat.com/errata/RHSA-2019:3046","https://access.redhat.com/errata/RHSA-2019:3050","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3200","https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/05/msg00030.html","https://seclists.org/bugtraq/2019/May/68","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://web.archive.org/web/20200227030031/http://www.securityfocus.com/bid/109227","https://github.com/FasterXML/jackson-databind/commit/efc3c0d02f4743dbaa6d1b9c466772a2f13d966b","https://github.com/FasterXML/jackson-databind/commit/dda513bd7251b4f32b7b60b1c13740e3b5a43024","https://github.com/FasterXML/jackson-databind/commit/d30f036208ab1c60bd5ce429cb4f7f1a3e5682e8","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC","https://security.netapp.com/advisory/ntap-20190530-0003","https://web.archive.org/web/20200808181049/http://russiansecurity.expert/2016/04/20/mysql-connect-file-read","https://github.com/advisories/GHSA-5ww9-j83m-q7qx"],"source_kind":"github","identifiers":["GHSA-5ww9-j83m-q7qx","CVE-2019-12086"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.3"},{"first_patched_version":"2.7.9.6","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.9.6"},{"first_patched_version":"2.8.11.4","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11.4"},{"first_patched_version":"2.9.9","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.9"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:30.093Z","updated_at":"2024-03-15T01:06:42.000Z","epss_percentage":0.15745,"epss_percentile":0.94152},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2dnAtZnh3Ni1qY3hy","url":"https://github.com/advisories/GHSA-9vvp-fxw6-jcxr","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-05-15T18:58:47.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-11113","https://github.com/FasterXML/jackson-databind/issues/2670","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88","https://github.com/FasterXML/jackson-databind/commit/e2ba12d5d60715d95105e3e790fc234cfb59893d","https://security.netapp.com/advisory/ntap-20200403-0002","https://github.com/advisories/GHSA-9vvp-fxw6-jcxr"],"source_kind":"github","identifiers":["GHSA-9vvp-fxw6-jcxr","CVE-2020-11113"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.103Z","updated_at":"2024-03-15T00:48:55.000Z","epss_percentage":0.5882,"epss_percentile":0.98039},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqbXctdmY5aC1nMjV2","url":"https://github.com/advisories/GHSA-gjmw-vf9h-g25v","title":"jackson-databind polymorphic typing issue","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. ","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-11-13T00:32:38.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-17531","https://github.com/FasterXML/jackson-databind/issues/2498","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://access.redhat.com/errata/RHSA-2019:4192","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html","https://security.netapp.com/advisory/ntap-20191024-0005/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://github.com/FasterXML/jackson-databind/commit/b5a304a98590b6bb766134f9261e6566dcbbb6d0","https://github.com/advisories/GHSA-gjmw-vf9h-g25v"],"source_kind":"github","identifiers":["GHSA-gjmw-vf9h-g25v","CVE-2019-17531"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003c 2.6.7.3"},{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.8.11.5"},{"first_patched_version":"2.9.10.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10.1"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:06.113Z","updated_at":"2023-09-14T14:55:25.000Z","epss_percentage":0.0119,"epss_percentile":0.77612},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMycTMtNHFyaC1mbTQ4","url":"https://github.com/advisories/GHSA-c2q3-4qrh-fm48","title":"Deserialization of untrusted data in Jackson Databind","description":"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-06-18T14:44:50.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-14061","https://github.com/FasterXML/jackson-databind/issues/2698","https://github.com/FasterXML/jackson-databind/commit/5c8642aeae9c756b438ab7637c90ef3c77966e6e","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316","https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html","https://security.netapp.com/advisory/ntap-20200702-0003/","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/advisories/GHSA-c2q3-4qrh-fm48"],"source_kind":"github","identifiers":["GHSA-c2q3-4qrh-fm48","CVE-2020-14061"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.5","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:23.984Z","updated_at":"2023-02-01T05:04:14.000Z","epss_percentage":0.0615,"epss_percentile":0.90365},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYzajUtcm1tcC0zZmM1","url":"https://github.com/advisories/GHSA-f3j5-rmmp-3fc5","title":"Improper Input Validation in jackson-databind","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10 and 2.8.11.5. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-06-15T18:44:48.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-17267","https://github.com/FasterXML/jackson-databind/issues/2460","https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10","https://access.redhat.com/errata/RHSA-2019:3200","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html","https://security.netapp.com/advisory/ntap-20191017-0006/","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/191a4cdf87b56d2ddddb77edd895ee756b7f75eb","https://github.com/advisories/GHSA-f3j5-rmmp-3fc5"],"source_kind":"github","identifiers":["GHSA-f3j5-rmmp-3fc5","CVE-2019-17267"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003c 2.8.11.5"},{"first_patched_version":"2.9.10","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:24.114Z","updated_at":"2023-09-13T18:28:29.000Z","epss_percentage":0.01357,"epss_percentile":0.79016},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzeHctYzk2My1mNWhj","url":"https://github.com/advisories/GHSA-v3xw-c963-f5hc","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-05-15T18:58:50.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-11111","https://github.com/FasterXML/jackson-databind/issues/2664","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20200403-0002/","https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/advisories/GHSA-v3xw-c963-f5hc"],"source_kind":"github","identifiers":["GHSA-v3xw-c963-f5hc","CVE-2020-11111"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.112Z","updated_at":"2023-02-01T05:03:05.000Z","epss_percentage":0.02196,"epss_percentile":0.83504},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVyNXItNmhwai04Z2c5","url":"https://github.com/advisories/GHSA-5r5r-6hpj-8gg9","title":"Serialization gadget exploit in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:15:24.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-35728","https://github.com/FasterXML/jackson-databind/issues/2999","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210129-0007/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/1ca0388c2fb37ac6a06f1c188ae89c41e3e15e84","https://github.com/advisories/GHSA-5r5r-6hpj-8gg9"],"source_kind":"github","identifiers":["GHSA-5r5r-6hpj-8gg9","CVE-2020-35728"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.0.0, \u003c= 2.9.10.7"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:08.114Z","updated_at":"2023-11-21T11:40:53.000Z","epss_percentage":0.41431,"epss_percentile":0.97183},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdycjctMzNmeC1yY3Zq","url":"https://github.com/advisories/GHSA-wrr7-33fx-rcvj","title":"Deserialization of Untrusted Data in jackson-databind","description":"**Withdrawn:** Duplicate of GHSA-cjjf-94ff-43w7","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-06-15T18:44:56.000Z","withdrawn_at":"2020-06-16T20:28:06.000Z","classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-12022","https://github.com/FasterXML/jackson-databind/issues/2052","https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:0877","https://access.redhat.com/errata/RHSA-2019:1106","https://access.redhat.com/errata/RHSA-2019:1107","https://access.redhat.com/errata/RHSA-2019:1108","https://access.redhat.com/errata/RHSA-2019:1140","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://bugzilla.redhat.com/show_bug.cgi?id=1671098","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://seclists.org/bugtraq/2019/May/68","https://security.netapp.com/advisory/ntap-20190530-0003/","https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","http://www.securityfocus.com/bid/107585","https://github.com/advisories/GHSA-wrr7-33fx-rcvj"],"source_kind":"github","identifiers":["GHSA-wrr7-33fx-rcvj"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.6","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.6"},{"first_patched_version":"2.8.11.2","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.1"},{"first_patched_version":"2.7.9.4","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:24.140Z","updated_at":"2023-01-09T05:02:25.000Z","epss_percentage":null,"epss_percentile":null},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1Y20tODhmNS1mMmM3","url":"https://github.com/advisories/GHSA-95cm-88f5-f2c7","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-04-23T16:32:59.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-10672","https://github.com/FasterXML/jackson-databind/issues/2659","https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88","https://github.com/FasterXML/jackson-databind/commit/592872f4235c7f2a3280725278da55544032f72d","https://security.netapp.com/advisory/ntap-20200403-0002","https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://github.com/advisories/GHSA-95cm-88f5-f2c7"],"source_kind":"github","identifiers":["GHSA-95cm-88f5-f2c7","CVE-2020-10672"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.185Z","updated_at":"2024-07-03T21:10:50.000Z","epss_percentage":0.4007,"epss_percentile":0.97046},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0cmMtMzg2Zy02bTg1","url":"https://github.com/advisories/GHSA-h4rc-386g-6m85","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-04-23T20:19:02.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-11620","https://github.com/FasterXML/jackson-databind/issues/2682","https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88","https://github.com/FasterXML/jackson-databind/commit/77040d85e3eb6710508e6445640ae1a3d5e60c22","https://security.netapp.com/advisory/ntap-20200511-0004","https://github.com/advisories/GHSA-h4rc-386g-6m85"],"source_kind":"github","identifiers":["GHSA-h4rc-386g-6m85","CVE-2020-11620"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.176Z","updated_at":"2024-03-15T00:41:35.000Z","epss_percentage":0.02796,"epss_percentile":0.84836},{"uuid":"GSA_kwCzR0hTQS12NTg1LTIzaGMtYzY0N80WqA","url":"https://github.com/advisories/GHSA-v585-23hc-c647","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-11-19T20:13:06.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36186","https://github.com/FasterXML/jackson-databind/issues/2997","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://security.netapp.com/advisory/ntap-20210205-0005/","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/3e8fa3beea49ea62109df9e643c9cb678dabdde1","https://github.com/advisories/GHSA-v585-23hc-c647"],"source_kind":"github","identifiers":["GHSA-v585-23hc-c647","CVE-2020-36186"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:44.323Z","updated_at":"2023-09-14T15:59:33.000Z","epss_percentage":0.02039,"epss_percentile":0.82754},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI4OGMtY3E0aC04OGdx","url":"https://github.com/advisories/GHSA-288c-cq4h-88gq","title":"XML External Entity (XXE) Injection in Jackson Databind","description":"A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-02-18T20:51:54.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-25649","https://github.com/FasterXML/jackson-databind/issues/2589","https://bugzilla.redhat.com/show_bug.cgi?id=1887664","https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83@%3Ccommits.servicecomb.apache.org%3E","https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb@%3Ccommits.karaf.apache.org%3E","https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd@%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cdev.kafka.apache.org%3E","https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cusers.kafka.apache.org%3E","https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cdev.kafka.apache.org%3E","https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cusers.kafka.apache.org%3E","https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22@%3Ccommits.karaf.apache.org%3E","https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a@%3Ccommits.tomee.apache.org%3E","https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3@%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1@%3Ccommits.karaf.apache.org%3E","https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca@%3Cjira.kafka.apache.org%3E","https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402@%3Ccommits.karaf.apache.org%3E","https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1@%3Cdev.hive.apache.org%3E","https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386@%3Ccommits.turbine.apache.org%3E","https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042@%3Creviews.iotdb.apache.org%3E","https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8@%3Cnotifications.iotdb.apache.org%3E","https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60@%3Creviews.iotdb.apache.org%3E","https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb@%3Creviews.iotdb.apache.org%3E","https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07@%3Ccommits.iotdb.apache.org%3E","https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61@%3Cdev.knox.apache.org%3E","https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb@%3Cdev.knox.apache.org%3E","https://www.oracle.com/security-alerts/cpuApr2021.html","https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3@%3Cuser.spark.apache.org%3E","https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E","https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E","https://www.oracle.com//security-alerts/cpujul2021.html","https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E","https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E","https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949@%3Cissues.hive.apache.org%3E","https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc@%3Cissues.hive.apache.org%3E","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/3d932709abd0b5390efe67451653fc9efa9db677","https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59","https://security.netapp.com/advisory/ntap-20210108-0007","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT","https://github.com/advisories/GHSA-288c-cq4h-88gq"],"source_kind":"github","identifiers":["GHSA-288c-cq4h-88gq","CVE-2020-25649"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.4","vulnerable_version_range":"\u003e= 2.6.0, \u003c= 2.6.7.3"},{"first_patched_version":"2.10.5.1","vulnerable_version_range":"\u003e= 2.10.0.0, \u003c= 2.10.5.0"},{"first_patched_version":"2.9.10.7","vulnerable_version_range":"\u003e= 2.7.0.0, \u003c= 2.9.10.6"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:11.444Z","updated_at":"2024-03-15T00:31:24.000Z","epss_percentage":0.00011,"epss_percentile":0.01063},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ3cXAtdjR2Ni1jODdj","url":"https://github.com/advisories/GHSA-6wqp-v4v6-c87c","title":"Deserialization of Untrusted Data","description":"An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-06-15T18:44:51.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-12023","https://github.com/FasterXML/jackson-databind/issues/2058","https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:0877","https://access.redhat.com/errata/RHSA-2019:1106","https://access.redhat.com/errata/RHSA-2019:1107","https://access.redhat.com/errata/RHSA-2019:1108","https://access.redhat.com/errata/RHSA-2019:1140","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://seclists.org/bugtraq/2019/May/68","https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","http://www.securityfocus.com/bid/105659","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a","https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC","https://security.netapp.com/advisory/ntap-20190530-0003","https://github.com/advisories/GHSA-6wqp-v4v6-c87c"],"source_kind":"github","identifiers":["GHSA-6wqp-v4v6-c87c","CVE-2018-12023"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.6","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.6"},{"first_patched_version":"2.8.11.2","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.1"},{"first_patched_version":"2.7.9.4","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:24.131Z","updated_at":"2024-03-01T21:50:31.000Z","epss_percentage":0.049,"epss_percentile":0.88598},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmNnItM3dnYy1oODYz","url":"https://github.com/advisories/GHSA-cf6r-3wgc-h863","title":"Polymorphic deserialization of malicious object in jackson-databind","description":"A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5, and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-05-15T18:58:58.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-14892","https://github.com/FasterXML/jackson-databind/issues/2462","https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af","https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b","https://access.redhat.com/errata/RHSA-2020:0729","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://security.netapp.com/advisory/ntap-20200904-0005/","https://github.com/advisories/GHSA-cf6r-3wgc-h863"],"source_kind":"github","identifiers":["GHSA-cf6r-3wgc-h863","CVE-2019-14892"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.8.11.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.8.11.4"},{"first_patched_version":"2.9.10","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10"},{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003c= 2.6.7.2"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.137Z","updated_at":"2023-09-14T15:07:14.000Z","epss_percentage":0.00873,"epss_percentile":0.74214},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3eGotcnF4NS0yMjU1","url":"https://github.com/advisories/GHSA-27xj-rqx5-2255","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-05-15T18:58:44.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-11619","https://github.com/FasterXML/jackson-databind/issues/2680","https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20200511-0004/","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://github.com/advisories/GHSA-27xj-rqx5-2255"],"source_kind":"github","identifiers":["GHSA-27xj-rqx5-2255","CVE-2020-11619"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.093Z","updated_at":"2023-02-01T05:02:59.000Z","epss_percentage":0.01826,"epss_percentile":0.81832},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwMzQtNW02cC1wNThn","url":"https://github.com/advisories/GHSA-5p34-5m6p-p58g","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-04-23T21:08:40.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-9546","https://github.com/FasterXML/jackson-databind/issues/2631","https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://security.netapp.com/advisory/ntap-20200904-0006/","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/advisories/GHSA-5p34-5m6p-p58g"],"source_kind":"github","identifiers":["GHSA-5p34-5m6p-p58g","CVE-2020-9546"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.156Z","updated_at":"2023-02-01T05:02:59.000Z","epss_percentage":0.02327,"epss_percentile":0.83854},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjNGotMzRyNC14cjhn","url":"https://github.com/advisories/GHSA-8c4j-34r4-xr8g","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:16:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36180","https://github.com/FasterXML/jackson-databind/issues/3004","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b","https://github.com/advisories/GHSA-8c4j-34r4-xr8g"],"source_kind":"github","identifiers":["GHSA-8c4j-34r4-xr8g","CVE-2020-36180"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.5"},{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.441Z","updated_at":"2023-09-14T16:13:01.000Z","epss_percentage":0.01957,"epss_percentile":0.82508},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5cXItMzY5Zi01bTV4","url":"https://github.com/advisories/GHSA-89qr-369f-5m5x","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:15:46.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36182","https://github.com/FasterXML/jackson-databind/issues/3004","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b","https://github.com/advisories/GHSA-89qr-369f-5m5x"],"source_kind":"github","identifiers":["GHSA-89qr-369f-5m5x","CVE-2020-36182"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.5"},{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.404Z","updated_at":"2023-09-14T16:08:37.000Z","epss_percentage":0.01957,"epss_percentile":0.82508},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3MjYtNmYyNS1jbTl4","url":"https://github.com/advisories/GHSA-8w26-6f25-cm9x","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:16:02.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36185","https://github.com/FasterXML/jackson-databind/issues/2998","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/567194c53ae91f0a14dc27239afb739b1c10448a","https://github.com/advisories/GHSA-8w26-6f25-cm9x"],"source_kind":"github","identifiers":["GHSA-8w26-6f25-cm9x","CVE-2020-36185"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.423Z","updated_at":"2023-09-14T15:52:49.000Z","epss_percentage":0.01957,"epss_percentile":0.82508},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncGgtMjJ4aC04eDk4","url":"https://github.com/advisories/GHSA-9gph-22xh-8x98","title":"Unsafe Deserialization in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-12-09T19:15:54.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-36179","https://github.com/FasterXML/jackson-databind/issues/3004","https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436@%3Cissues.spark.apache.org%3E","https://security.netapp.com/advisory/ntap-20210205-0005/","https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b","https://github.com/advisories/GHSA-9gph-22xh-8x98"],"source_kind":"github","identifiers":["GHSA-9gph-22xh-8x98","CVE-2020-36179"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.5","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.5"},{"first_patched_version":"2.9.10.8","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.9.10.8"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:10.414Z","updated_at":"2023-09-14T16:07:40.000Z","epss_percentage":0.61296,"epss_percentile":0.98175},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA0M3gteGZqZi01amhy","url":"https://github.com/advisories/GHSA-p43x-xfjf-5jhr","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-05-15T18:59:01.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-9548","https://github.com/FasterXML/jackson-databind/issues/2634","https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E","https://www.oracle.com/security-alerts/cpujul2020.html","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/FasterXML/jackson-databind/commit/9f4e97019fb0dd836533d0b6198c88787e235ae2","https://github.com/FasterXML/jackson-databind/commit/1e64db6a2fad331f96c7363fda3bc5f3dffa25bb","https://security.netapp.com/advisory/ntap-20200904-0006","https://github.com/advisories/GHSA-p43x-xfjf-5jhr"],"source_kind":"github","identifiers":["GHSA-p43x-xfjf-5jhr","CVE-2020-9548"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.9.7","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.7.9.7"},{"first_patched_version":"2.8.11.6","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11.6"},{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.10.4"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:25.166Z","updated_at":"2024-03-15T00:20:09.000Z","epss_percentage":0.13945,"epss_percentile":0.9372},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyN2otaDZnZy1qbWdj","url":"https://github.com/advisories/GHSA-qr7j-h6gg-jmgc","title":"Deserialization of Untrusted Data in jackson-databind","description":"An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-07-16T17:42:21.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-11307","https://access.redhat.com/errata/RHSA-2019:0782","https://github.com/FasterXML/jackson-databind/issues/2032","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://nvd.nist.gov/vuln/detail/CVE-2017-7525","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","https://github.com/FasterXML/jackson-databind/commit/051bd5e447fbc9539e12a4fe90eb989dba0c656","https://github.com/FasterXML/jackson-databind/commit/27b4defc270454dea6842bd9279f17387eceb73","https://github.com/FasterXML/jackson-databind/commit/78e78738d69adcb59fdac9fc12d9053ce8809f3d","https://github.com/advisories/GHSA-qr7j-h6gg-jmgc"],"source_kind":"github","identifiers":["GHSA-qr7j-h6gg-jmgc","CVE-2018-11307"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.8.11.2","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.1"},{"first_patched_version":"2.7.9.4","vulnerable_version_range":"\u003e= 2.0.0, \u003c= 2.7.9.3"},{"first_patched_version":"2.9.6","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.6"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:06.122Z","updated_at":"2024-03-01T21:46:20.000Z","epss_percentage":0.12636,"epss_percentile":0.93533},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY0NXAtODhxaC13Mzk4","url":"https://github.com/advisories/GHSA-645p-88qh-w398","title":"Arbitrary Code Execution in jackson-databind","description":"FasterXML jackson-databind 2.x before 2.9.7, 2.8.11.3, 2.7.9.5, and 2.6.7.3 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2019-01-04T19:06:55.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-14718","https://github.com/FasterXML/jackson-databind/issues/2097","https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44","https://access.redhat.com/errata/RHBA-2019:0959","https://access.redhat.com/errata/RHSA-2019:0782","https://access.redhat.com/errata/RHSA-2019:0877","https://access.redhat.com/errata/RHSA-2019:1782","https://access.redhat.com/errata/RHSA-2019:1797","https://access.redhat.com/errata/RHSA-2019:1822","https://access.redhat.com/errata/RHSA-2019:1823","https://access.redhat.com/errata/RHSA-2019:2804","https://access.redhat.com/errata/RHSA-2019:2858","https://access.redhat.com/errata/RHSA-2019:3002","https://access.redhat.com/errata/RHSA-2019:3140","https://access.redhat.com/errata/RHSA-2019:3149","https://access.redhat.com/errata/RHSA-2019:3892","https://access.redhat.com/errata/RHSA-2019:4037","https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7","https://github.com/advisories/GHSA-645p-88qh-w398","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html","https://seclists.org/bugtraq/2019/May/68","https://security.netapp.com/advisory/ntap-20190530-0003/","https://www.debian.org/security/2019/dsa-4452","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","http://www.securityfocus.com/bid/106601"],"source_kind":"github","identifiers":["GHSA-645p-88qh-w398","CVE-2018-14718"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.6.7.3"},{"first_patched_version":"2.7.9.5","vulnerable_version_range":"\u003e= 2.7.0, \u003c= 2.7.9.4"},{"first_patched_version":"2.8.11.3","vulnerable_version_range":"\u003e= 2.8.0, \u003c= 2.8.11.2"},{"first_patched_version":"2.9.7","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.7"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:12:59.028Z","updated_at":"2025-06-07T01:10:59.363Z","epss_percentage":0.14747,"epss_percentile":0.94124},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4cHAtOWM3Ni01NjI1","url":"https://github.com/advisories/GHSA-58pp-9c76-5625","title":"jackson-databind mishandles the interaction between serialization gadgets and typing","description":"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-06-10T21:12:41.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-11112","https://github.com/FasterXML/jackson-databind/issues/2666","https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","https://security.netapp.com/advisory/ntap-20200403-0002/","https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://github.com/advisories/GHSA-58pp-9c76-5625"],"source_kind":"github","identifiers":["GHSA-58pp-9c76-5625","CVE-2020-11112"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.10.4","vulnerable_version_range":"\u003e= 2.9.0, \u003c= 2.9.10.3"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:24.225Z","updated_at":"2023-02-01T05:03:03.000Z","epss_percentage":0.11418,"epss_percentile":0.92941},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3cDQtaGZ2Ni1wN2h3","url":"https://github.com/advisories/GHSA-gwp4-hfv6-p7hw","title":"Deserialization of untrusted data in FasterXML jackson-databind","description":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2, 2.8.11.4, 2.7.9.6, and 2.6.7.3. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2019-08-01T19:18:06.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-14439","https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b","https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2","https://github.com/FasterXML/jackson-databind/issues/2389","https://access.redhat.com/errata/RHSA-2019:3200","https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/08/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/","https://seclists.org/bugtraq/2019/Oct/6","https://security.netapp.com/advisory/ntap-20190814-0001/","https://www.debian.org/security/2019/dsa-4542","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://github.com/advisories/GHSA-gwp4-hfv6-p7hw"],"source_kind":"github","identifiers":["GHSA-gwp4-hfv6-p7hw","CVE-2019-14439"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.8.11.4","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.11.4"},{"first_patched_version":"2.6.7.3","vulnerable_version_range":"\u003c 2.6.7.3"},{"first_patched_version":"2.7.9.6","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.9.6"},{"first_patched_version":"2.9.9.2","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.9.2"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:13:07.671Z","updated_at":"2023-11-27T23:03:29.000Z","epss_percentage":0.10318,"epss_percentile":0.92687},{"uuid":"GSA_kwCzR0hTQS1qampoLWpqeHAtd3BmZs4AAvJv","url":"https://github.com/advisories/GHSA-jjjh-jjxp-wpff","title":"Uncontrolled Resource Consumption in Jackson-databind","description":"In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0.\n\nCommits that introduced vulnerable code are \nhttps://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc.\n\nFix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.\n\nThe `2.13.4.1` release does fix this issue, however it also references a non-existent jackson-bom which causes build failures for gradle users. See https://github.com/FasterXML/jackson-databind/issues/3627#issuecomment-1277957548 for details. This is fixed in `2.13.4.2` which is listed in the advisory metadata so that users are not subjected to unnecessary build failures","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-10-03T00:00:31.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2022-42003","https://github.com/FasterXML/jackson-databind/issues/3590","https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020","https://github.com/FasterXML/jackson-databind/blob/2.13/release-notes/VERSION-2.x","https://security.gentoo.org/glsa/202210-21","https://github.com/FasterXML/jackson-databind/issues/3627","https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea","https://www.debian.org/security/2022/dsa-5283","https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html","https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc","https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1","https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45","https://github.com/FasterXML/jackson-databind/commits/jackson-databind-2.4.0-rc1?after=75b97b8519f0d50c62523ad85170d80a197a2c86+174\u0026branch=jackson-databind-2.4.0-rc1\u0026qualified_name=refs%2Ftags%2Fjackson-databind-2.4.0-rc1","https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.13.4.1...jackson-databind-2.13.4.2","https://github.com/FasterXML/jackson-databind/commit/2c4a601c626f7790cad9d3c322d244e182838288","https://security.netapp.com/advisory/ntap-20221124-0004","https://github.com/advisories/GHSA-jjjh-jjxp-wpff"],"source_kind":"github","identifiers":["GHSA-jjjh-jjxp-wpff","CVE-2022-42003"],"repository_url":"https://github.com/FasterXML/jackson-databind","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.13.4.2","vulnerable_version_range":"\u003e= 2.13.0, \u003c 2.13.4.2"},{"first_patched_version":"2.12.7.1","vulnerable_version_range":"\u003e= 2.4.0-rc1, \u003c 2.12.7.1"}],"ecosystem":"maven","package_name":"com.fasterxml.jackson.core:jackson-databind"}],"created_at":"2022-12-21T16:11:51.356Z","updated_at":"2024-09-13T18:29:14.000Z","epss_percentage":0.00168,"epss_percentile":0.38955}],"docker_usage_url":"https://docker.ecosyste.ms/usage/maven/com.fasterxml.jackson.core:jackson-databind","docker_dependents_count":44228,"docker_downloads_count":16203456674,"usage_url":"https://repos.ecosyste.ms/usage/maven/com.fasterxml.jackson.core:jackson-databind","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/maven/com.fasterxml.jackson.core:jackson-databind/dependencies","status":null,"funding_links":["https://tidelift.com/funding/github/maven/com.fasterxml.jackson.core:jackson-databind","https://github.com/sponsors/cowtowncoder"],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/com.fasterxml.jackson.core:jackson-databind/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/com.fasterxml.jackson.core:jackson-databind/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/com.fasterxml.jackson.core:jackson-databind/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/com.fasterxml.jackson.core:jackson-databind/related_packages","maintainers":[],"registry":{"name":"repo1.maven.org","url":"https://repo.maven.apache.org/maven2","ecosystem":"maven","default":true,"packages_count":522677,"maintainers_count":0,"namespaces_count":69506,"keywords_count":32319,"github":"maven-central","metadata":{"funded_packages_count":25462},"icon_url":"https://github.com/maven-central.png","created_at":"2022-07-21T16:40:13.074Z","updated_at":"2025-06-17T05:11:26.284Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/namespaces"}},"unique_repositories_count":5,"unique_repositories_count_past_30_days":2,"recent_issues":[{"uuid":"3897027270","node_id":"PR_kwDOHYbty87BfdMo","number":160,"state":"closed","title":"[CORE-69]: Bump the minor-patch-dependencies group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependency","gradle"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-01T11:07:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-04T15:11:34.000Z","updated_at":"2026-03-01T11:07:34.000Z","time_to_close":2145359,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-patch-dependencies","update_count":16,"packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.20.1","new_version":"2.21.0","repository_url":"https://github.com/FasterXML/jackson"},{"name":"org.postgresql:postgresql","old_version":"42.7.8","new_version":"42.7.9","repository_url":"https://github.com/pgjdbc/pgjdbc"},{"name":"org.springframework.boot:spring-boot-starter-data-jdbc","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-web","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-validation","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-thymeleaf","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-configuration-processor","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-test","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-actuator","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"io.sentry:sentry-spring-boot-starter","old_version":"8.29.0","new_version":"8.31.0","repository_url":"https://github.com/getsentry/sentry-java"},{"name":"ch.qos.logback:logback-classic","old_version":"1.5.23","new_version":"1.5.27","repository_url":"https://github.com/qos-ch/logback"},{"name":"io.micrometer:micrometer-registry-prometheus","old_version":"1.16.1","new_version":"1.16.2","repository_url":"https://github.com/micrometer-metrics/micrometer"},{"name":"com.diffplug.spotless:spotless-plugin-gradle","old_version":"8.1.0","new_version":"8.2.1","repository_url":"https://github.com/diffplug/spotless"},{"name":"de.undercouch.download:de.undercouch.download.gradle.plugin","old_version":"5.6.0","new_version":"5.7.0","repository_url":"https://github.com/michel-kraemer/gradle-download-task"},{"name":"org.springframework.boot:spring-boot-gradle-plugin","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-patch-dependencies group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.20.1` | `2.21.0` |\n| [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) | `42.7.8` | `42.7.9` |\n| [org.springframework.boot:spring-boot-starter-data-jdbc](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-web](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-validation](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-thymeleaf](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-configuration-processor](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-actuator](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [io.sentry:sentry-spring-boot-starter](https://github.com/getsentry/sentry-java) | `8.29.0` | `8.31.0` |\n| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.23` | `1.5.27` |\n| [io.micrometer:micrometer-registry-prometheus](https://github.com/micrometer-metrics/micrometer) | `1.16.1` | `1.16.2` |\n| [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless) | `8.1.0` | `8.2.1` |\n| [de.undercouch.download:de.undercouch.download.gradle.plugin](https://github.com/michel-kraemer/gradle-download-task) | `5.6.0` | `5.7.0` |\n| [org.springframework.boot:spring-boot-gradle-plugin](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.20.1 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.postgresql:postgresql` from 42.7.8 to 42.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pgjdbc/pgjdbc/releases\"\u003eorg.postgresql:postgresql's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev42.7.9\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded changelogs for version 42.7.9 \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3908\"\u003e#3908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ethe classloader is nullable, and remove a space \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3907\"\u003e#3907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix:  incorrect pg_stat_replication.reply_time calculation \u003ca href=\"https://github.com/atorik\"\u003e\u003ccode\u003e@​atorik\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3906\"\u003e#3906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3892\"\u003e#3892\u003c/a\u003e, PGXAConnection.prepare(Xid) should return XA_RDONLY if the connection is read only \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix badges for maven central and search paths. Sonatype has changed the search paths \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3901\"\u003e#3901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: make all Calendar instances proleptic Gregorian (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3837\"\u003e#3837\u003c/a\u003e) \u003ca href=\"https://github.com/m-van-tilburg\"\u003e\u003ccode\u003e@​m-van-tilburg\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3887\"\u003e#3887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etest: add CI tests with Java 26 \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3893\"\u003e#3893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eperf: optimize PGInterval.getValue() by replacing String.format with StringBuilder \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3866\"\u003e#3866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euse ssl_is_used() to check for ssl connection \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3867\"\u003e#3867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd PEMKeyManager to handle PEM based certs and keys. \u003ca href=\"https://github.com/harinath001\"\u003e\u003ccode\u003e@​harinath001\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3700\"\u003e#3700\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eComment and simplify the complex state machine logic in QueryExecutorImpl \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3850\"\u003e#3850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;fix: Issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3784\"\u003e#3784\u003c/a\u003e pgjdbc can't decode numeric arrays containing special numbers like NaN\u0026quot; \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3851\"\u003e#3851\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: Issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3784\"\u003e#3784\u003c/a\u003e pgjdbc can't decode numeric arrays containing special numbers like NaN \u003ca href=\"https://github.com/ShenFeng312\"\u003e\u003ccode\u003e@​ShenFeng312\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3838\"\u003e#3838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSmall simplication of locking patterns in QueryExecutorBase \u003ca href=\"https://github.com/Sanne\"\u003e\u003ccode\u003e@​Sanne\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3849\"\u003e#3849\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edoc: update property quoteReturningIdentifiers default value \u003ca href=\"https://github.com/sodekim\"\u003e\u003ccode\u003e@​sodekim\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3847\"\u003e#3847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: default query timeout property \u003ca href=\"https://github.com/cfredri4\"\u003e\u003ccode\u003e@​cfredri4\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecreate action to deploy docs to \u003ca href=\"https://pgjdbc.github.io/\"\u003ehttps://pgjdbc.github.io/\u003c/a\u003e \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3819\"\u003e#3819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix homepage release note \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3817\"\u003e#3817\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: close temporary lob descriptors that are used internally in PreparedStatement#setBlob \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3903\"\u003e#3903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: avoid memory leaks in Java \u0026lt;= 21 caused by Thread.inheritedAccessControlContext \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3886\"\u003e#3886\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📝 Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edoc: add the new PGP signing key to the official documentation \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3813\"\u003e#3813\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🧰 Maintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove unused com.github.spotbugs Gradle plugin dependency \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3868\"\u003e#3868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: drop SpotBugs as we do not seem to use it \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3834\"\u003e#3834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: bump version to 42.7.9 after 42.7.8 release \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3810\"\u003e#3810\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⬆️ Dependencies\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update actions/create-github-app-token digest to 29824e6 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3898\"\u003e#3898\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(deps): update actions/setup-java digest to c1e3236 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3899\"\u003e#3899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(deps): update codecov/codecov-action digest to 671740a \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3900\"\u003e#3900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency org.junit:junit-bom to v5.14.1 - autoclosed \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3884\"\u003e#3884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency org.apache.bcel:bcel to v6.11.0 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3883\"\u003e#3883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency org.mockito:mockito-bom to v5.20.0 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3885\"\u003e#3885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency net.bytebuddy:byte-buddy-parent to v1.18.2 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3882\"\u003e#3882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to 497990d \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3881\"\u003e#3881\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md\"\u003eorg.postgresql:postgresql's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[42.7.9] (2026-01-14)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: query timeout property [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3705\"\u003e#3705\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3705\"\u003epgjdbc/pgjdbc#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: Add PEMKeyManager to handle PEM based certs and keys [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3700\"\u003e#3700\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3700\"\u003epgjdbc/pgjdbc#3700\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eperf: optimize PGInterval.getValue() by replacing String.format with StringBuilder\u003c/li\u003e\n\u003cli\u003edoc: update property quoteReturningIdentifiers default value [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3847\"\u003e#3847\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3847\"\u003epgjdbc/pgjdbc#3847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: Use a static method forName to load all user supplied classes. Use the Class.forName 3 parameter method and do not initilize it unless it is a subclass of the expected class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: incorrect pg_stat_replication.reply_time calculation [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3906\"\u003e#3906\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3906\"\u003epgjdbc/pgjdbc#3906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: close temporary lob descriptors that are used internally in PreparedStatement#setBlob\u003c/li\u003e\n\u003cli\u003efix: PGXAConnection.prepare(Xid) should return XA_RDONLY if the connection is read only [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3897\"\u003e#3897\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3897\"\u003epgjdbc/pgjdbc#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: make all Calendar instances proleptic Gregorian [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3837\"\u003e#3837\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3887\"\u003epgjdbc/pgjdbc#3887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: Simplify concurrency guards on QueryExecutorBase#transaction and QueryExecutorBase#standardConformingStrings [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3897\"\u003e#3897\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3849\"\u003epgjdbc/pgjdbc#3849\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: avoid memory leaks in Java \u0026lt;= 21 caused by Thread.inheritedAccessControlContext [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3886\"\u003e#3886\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3886\"\u003epgjdbc/pgjdbc#3886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: Issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3784\"\u003e#3784\u003c/a\u003e pgjdbc can't decode numeric arrays containing special numbers like NaN [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3838\"\u003e#3838\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3838\"\u003epgjdbc/pgjdbc#3838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: use ssl_is_used() to check for ssl connection [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3867\"\u003e#3867\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3867\"\u003epgjdbc/pgjdbc#3867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: the classloader is nullable [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3907\"\u003e#3907\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3907\"\u003epgjdbc/pgjdbc#3907\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/79b784e3a63def9d12088471334399a53016d880\"\u003e\u003ccode\u003e79b784e\u003c/code\u003e\u003c/a\u003e Added changelogs for version 42.7.9 (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3908\"\u003e#3908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/1c00ffc02be1570027b6510cbcd760b916227800\"\u003e\u003ccode\u003e1c00ffc\u003c/code\u003e\u003c/a\u003e doc: add the new PGP signing key to the official documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/f774000c105ddb2971f50dc5cf51a2d20ee4c14a\"\u003e\u003ccode\u003ef774000\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/create-github-app-token digest to 29824e6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/27daf3b48b8b7d266ba680f59345f3723e2786d2\"\u003e\u003ccode\u003e27daf3b\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/setup-java digest to c1e3236\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/6eb01ff6bcb7ba6d71c9363a29d7305911861946\"\u003e\u003ccode\u003e6eb01ff\u003c/code\u003e\u003c/a\u003e chore(deps): update codecov/codecov-action digest to 671740a\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/dbf1e57747709b560da16fdcec0ba9e927393516\"\u003e\u003ccode\u003edbf1e57\u003c/code\u003e\u003c/a\u003e the classloader is nullable, and remove a space (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3907\"\u003e#3907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/6a20574f4c896b3f02d7f36d21ab1f3da15c3936\"\u003e\u003ccode\u003e6a20574\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/c07721af972eee4f10873b1a23b3811336454436\"\u003e\u003ccode\u003ec07721a\u003c/code\u003e\u003c/a\u003e fix:  incorrect pg_stat_replication.reply_time calculation (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3906\"\u003e#3906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/83023f3c2ae98dc69df00a560dbbe386afafe3b1\"\u003e\u003ccode\u003e83023f3\u003c/code\u003e\u003c/a\u003e fix: close temporary lob descriptors that are used internally in PreparedStat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/62c9805ef8606f3d38273ac69f64b14e936a0bfa\"\u003e\u003ccode\u003e62c9805\u003c/code\u003e\u003c/a\u003e fix: issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3892\"\u003e#3892\u003c/a\u003e, PGXAConnection.prepare(Xid) should return XA_RDONLY if the ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pgjdbc/pgjdbc/compare/REL42.7.8...REL42.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-data-jdbc` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-data-jdbc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-web` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-validation` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-validation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-thymeleaf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-configuration-processor` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-configuration-processor's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-test` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-actuator` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-actuator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/488...\n\n_Description has been truncated_","html_url":"https://github.com/DataBiosphere/terra-policy-service/pull/160","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fterra-policy-service/issues/160","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/160/packages"},{"uuid":"3882003259","node_id":"PR_kwDOJx0dmM7Atpla","number":119,"state":"open","title":"[CORE-69]: Bump the minor-and-patch-updates group with 3 updates","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-01T13:03:16.000Z","updated_at":"2026-02-01T13:06:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-and-patch-updates","update_count":3,"packages":[{"name":"ch.qos.logback:logback-classic","old_version":"1.5.23","new_version":"1.5.27","repository_url":"https://github.com/qos-ch/logback"},{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.20.1","new_version":"2.21.0","repository_url":"https://github.com/FasterXML/jackson"},{"name":"com.diffplug.spotless:spotless-plugin-gradle","old_version":"8.1.0","new_version":"8.2.1","repository_url":"https://github.com/diffplug/spotless"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 3 updates: [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback), [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) and [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless).\n\nUpdates `ch.qos.logback:logback-classic` from 1.5.23 to 1.5.27\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/qos-ch/logback/releases\"\u003ech.qos.logback:logback-classic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eLogback 1.5.27\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-30 Release of logback version 1.5.27\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• Updated license to Eclipse Public License version 2.0 from version 1.0, retaining the GPL 2.1 dual-license.\u003c/p\u003e\n\u003cp\u003e• Fixed missing MDC data transmitted by \u003ccode\u003eSocketAppender\u003c/code\u003e reported in \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/1010\"\u003eissues/1010\u003c/a\u003e by Lars Vogel.\u003c/p\u003e\n\u003cp\u003e• Removed all \u003ccode\u003eReceiver\u003c/code\u003e classes and components which were already disabled for several years.\u003c/p\u003e\n\u003cp\u003e• Refactored file scanning code for improved clarity.\u003c/p\u003e\n\u003cp\u003e• In \u003ccode\u003eSizeAndTimeBasedRollingPolicy\u003c/code\u003e modified \u003ccode\u003etotalSizeCap\u003c/code\u003e and \u003ccode\u003emaxFileSize\u003c/code\u003e comparison to taking into account file compression. This fixes \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/1007\"\u003eissues/1007\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by building from source code at commit 3618eb01aad6672f9cd250dccf7546a69cbe982f associated with the tag v_1.5.27. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003ch2\u003eLogback 1.5.26\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-25 Release of logback version 1.5.26\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• InsertFromJNDIModelHandler was accessing javax.naming package forcing the inclusion of the optional java.naming module. This problem was raised in \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/1003\"\u003eissues/1003\u003c/a\u003e by Marius Hanl who also provided the relevant PR.\u003c/p\u003e\n\u003cp\u003e• In applications using shadow/fat/shade jars, module or package information could be lost. Thus, in the absence of version information, logback-classic would warn about version mismatches. Logback components now ship with properties files containing version information that survive shadow/fat/shade jars. This issue was reporteed in \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/1002\"\u003eissues/1002\u003c/a\u003e by Christoph Gritschenberger.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by building from source code at commit 33deb54506bbfaf1ff151f26f3a5f86936011619 associated with the tag v_1.5.26. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003ch2\u003eLogback 1.5.25\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-17 Release of logback version 1.5.25\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• When processing configuration files, logback-core will now only instantiate components compatible with the class expected by the encapsulating class. This fixes an ACE vulnerability recorded as \u003ca href=\"https://www.cve.org/cverecord?id=CVE-2026-1225\"\u003eCVE-2026-1225\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e• In configuration files, referencing a single undeclared appender would cause all referenced appenders to be skipped. This issue was discovered in \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/997\"\u003eissues/997\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e• Added VersionUtil class to logback-core. This utility class checks for version compatibility issues and alerts the user if need be.\u003c/p\u003e\n\u003cp\u003e• Added \u003ca href=\"https://logback.qos.ch/manual/layouts.html#epoch\"\u003eEpochConverter\u003c/a\u003e to output milliseconds/seconds since epoch. This enhancement was requested by Duncan Jauncey in \u003ca href=\"https://redirect.github.com/qos-ch/logback/pull/1000\"\u003eissues/1000\u003c/a\u003e who also provided the relevant implementation PR.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by building from source code at commit f426e0002800cfb507f393fcacffe0761a425220 associated with the tag v_1.5.25. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003ch2\u003eLogback 1.5.24\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-06 Release of logback version 1.5.24\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• Added ExpressionPropertyCondition a PropertyCondition that can evaluate boolean expressions similar to Java. See \u003ca href=\"https://logback.qos.ch/manual/configuration.html#conditionalExp\"\u003ethe relevant documentation\u003c/a\u003e for further details.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by building from source code at commit 62bc5fc245dd3a52f3dd45e232733f4cefb4806d associated with the tag v_1.5.24. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/3618eb01aad6672f9cd250dccf7546a69cbe982f\"\u003e\u003ccode\u003e3618eb0\u003c/code\u003e\u003c/a\u003e increase timeout delay to 2000 millis\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/db150c3c92656ed01c66dbd8ec2a0f1548637663\"\u003e\u003ccode\u003edb150c3\u003c/code\u003e\u003c/a\u003e prepare release 1.5.27\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/0370b137a47a6148c3f2d527f6bfdbd22d3136a8\"\u003e\u003ccode\u003e0370b13\u003c/code\u003e\u003c/a\u003e fix missing MDC transmission in SocketAppender. Fixes issues/1010\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/8100acd4e49f7d3c78520efacfd98bd398f0e810\"\u003e\u003ccode\u003e8100acd\u003c/code\u003e\u003c/a\u003e remove RemoteAppender*\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/2b67210613628b8610f44063c4e739b71ce83190\"\u003e\u003ccode\u003e2b67210\u003c/code\u003e\u003c/a\u003e remove Receiver related classes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/d84b58686b3e04661bb47e7260d1fdcb731826ac\"\u003e\u003ccode\u003ed84b586\u003c/code\u003e\u003c/a\u003e remove ReceiverModelHandler - project still builds indicating no active usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/44049ed38ff396bc45a98d9b536da8f179547132\"\u003e\u003ccode\u003e44049ed\u003c/code\u003e\u003c/a\u003e remove support for receivers in SerializedModelConfigurator and JoranConfigur...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/56085d898665d6e99489591333a4ddf381465443\"\u003e\u003ccode\u003e56085d8\u003c/code\u003e\u003c/a\u003e fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/e7764f47e51921abe9635b32c2fa80e65d29efba\"\u003e\u003ccode\u003ee7764f4\u003c/code\u003e\u003c/a\u003e refactor file change scanning for clarity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/e56a12f865751ce6a599963187b4a861854c7e8a\"\u003e\u003ccode\u003ee56a12f\u003c/code\u003e\u003c/a\u003e bump assertj version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/qos-ch/logback/compare/v_1.5.23...v_1.5.27\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.20.1 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.diffplug.spotless:spotless-plugin-gradle` from 8.1.0 to 8.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/diffplug/spotless/releases\"\u003ecom.diffplug.spotless:spotless-plugin-gradle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGradle Plugin v8.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix OutOfMemoryError and slow configuration phase in large multi-project builds when using Eclipse-based formatters (Eclipse JDT, GrEclipse, Eclipse CDT) by implementing P2 dependency caching. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2788\"\u003e#2788\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v8.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a \u003ccode\u003eexpandWildcardImports\u003c/code\u003e API for java (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2594\"\u003e#2679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd the ability to specify a wildcard version (\u003ccode\u003e*\u003c/code\u003e) for external formatter executables. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2757\"\u003e#2757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for passing multiple file paths using the -PspotlessIdeHook option. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2774\"\u003e#2774\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003econfiguration cache for groovy. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2797\"\u003e#2797\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] \u003ccode\u003eNPE\u003c/code\u003e due to workingTreeIterator being null for git ignored files. \u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/911\"\u003e#911\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2771\"\u003e#2771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent race conditions when multiple npm-based formatters launch the server process simultaneously while sharing the same \u003ccode\u003enode_modules\u003c/code\u003e directory. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2786\"\u003e#2786\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump default \u003ccode\u003ektfmt\u003c/code\u003e version to latest \u003ccode\u003e0.59\u003c/code\u003e -\u0026gt; \u003ccode\u003e0.61\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2804\"\u003e2804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ektlint\u003c/code\u003e version to latest \u003ccode\u003e1.7.1\u003c/code\u003e -\u0026gt; \u003ccode\u003e1.8.0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2763\"\u003e2763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003egherkin-utils\u003c/code\u003e version to latest \u003ccode\u003e9.2.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e10.0.0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2619\"\u003e#2619\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/2b7f9de321fc332be56a02d3cd0b73e72d3c1fec\"\u003e\u003ccode\u003e2b7f9de\u003c/code\u003e\u003c/a\u003e Published gradle/8.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/78e26e9a3e07a23a99f0e4b4ef2c7503cc8fed1f\"\u003e\u003ccode\u003e78e26e9\u003c/code\u003e\u003c/a\u003e Published lib/4.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/33692c2d957c07eda497aed93cc4e410289c3d6f\"\u003e\u003ccode\u003e33692c2\u003c/code\u003e\u003c/a\u003e [fix] \u003ccode\u003eremoveSemicolons()\u003c/code\u003e should not be applied to multiline strings in groo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/90628d8e829dbeff10e11d5b018045102367c046\"\u003e\u003ccode\u003e90628d8\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/61864a2a38ee3d41c3027c28f5182be6f2dc78a3\"\u003e\u003ccode\u003e61864a2\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-removeSemicolons\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/4864bc887a9b783feafa2908be5e17ab6a505aad\"\u003e\u003ccode\u003e4864bc8\u003c/code\u003e\u003c/a\u003e Fix Gradle Cache performance issue by supporting cached P2 provisionning via ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/075895cb3b16fdd1884a22342607655f4f996d2a\"\u003e\u003ccode\u003e075895c\u003c/code\u003e\u003c/a\u003e docs: Mention P2 caching for gradle plugin caching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/57214bf3eacc1aee293c95871b1fe41d28cf13ec\"\u003e\u003ccode\u003e57214bf\u003c/code\u003e\u003c/a\u003e feat: Supports P2 in predeclare\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/8aee8accdc070ee14fa85314d55c184c4c0e97df\"\u003e\u003ccode\u003e8aee8ac\u003c/code\u003e\u003c/a\u003e chore: Adds a GradleProvisioner test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/859326c0fa84793be37bcadabd88a8a9471f53dd\"\u003e\u003ccode\u003e859326c\u003c/code\u003e\u003c/a\u003e chore: Use a caching TestP2Provisioner in tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/diffplug/spotless/compare/gradle/8.1.0...gradle/8.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/119","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/119","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/119/packages"},{"uuid":"3828930512","node_id":"PR_kwDOKIhk5M6994mx","number":253,"state":"closed","title":"chore(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.20.1 to 2.21.0","user":"dependabot[bot]","labels":["gradle","dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-23T09:24:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-19T10:00:21.000Z","updated_at":"2026-02-23T09:24:07.000Z","time_to_close":3021824,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.20.1","new_version":"2.21.0","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.20.1 to 2.21.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.20.1\u0026new-version=2.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/cyberkaida/reverse-engineering-assistant/pull/253","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberkaida%2Freverse-engineering-assistant/issues/253","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/253/packages"},{"uuid":"3607232243","node_id":"PR_kwDOKIhk5M6yfZ8T","number":218,"state":"closed","title":"chore(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.1","user":"dependabot[bot]","labels":["gradle","dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-05T09:03:42.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-10T10:11:40.000Z","updated_at":"2026-01-05T09:03:51.000Z","time_to_close":4834322,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.2","new_version":"2.20.1","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.2 to 2.20.1.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.2\u0026new-version=2.20.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/cyberkaida/reverse-engineering-assistant/pull/218","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberkaida%2Freverse-engineering-assistant/issues/218","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/218/packages"},{"uuid":"3576624957","node_id":"PR_kwDOAd-BNc6w69UH","number":757,"state":"open","title":"build(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.20.0 to 2.20.1","user":"dependabot[bot]","labels":["dependencies","gradle","automerge","patch"],"assignees":["BigMichi1"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-10-31T22:01:25.000Z","updated_at":"2025-10-31T22:01:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.20.0","new_version":"2.20.1","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.20.0 to 2.20.1.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.20.0\u0026new-version=2.20.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gradle-dependency-analyze/gradle-dependency-analyze/pull/757","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradle-dependency-analyze%2Fgradle-dependency-analyze/issues/757","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/757/packages"},{"uuid":"2878382392","node_id":"PR_kwDOFAzjV86rkKE4","number":888,"state":"open","title":"build(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.18.1 to 2.20.0 in /serverpackcreator-api","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":["Griefed"],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-10-01T14:02:47.000Z","updated_at":"2025-10-01T14:02:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.18.1","new_version":"2.20.0","repository_url":"https://github.com/FasterXML/jackson"}],"path":"/serverpackcreator-api","ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.18.1 to 2.20.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.18.1\u0026new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Griefed/ServerPackCreator/pull/888","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Griefed%2FServerPackCreator/issues/888","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/888/packages"},{"uuid":"2790873334","node_id":"PR_kwDOJx0dmM6mWVj2","number":105,"state":"closed","title":"[CORE-69]: Bump com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.0 in the minor-and-patch-updates group","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-09-02T13:13:29.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-01T23:14:02.000Z","updated_at":"2025-09-02T13:13:30.000Z","time_to_close":50367,"merged_at":"2025-09-02T13:13:29.000Z","merged_by":"davidangb","closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.2","new_version":"2.20.0","repository_url":"https://github.com/FasterXML/jackson"}],"path":"the minor-and-patch-updates group","ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 1 update: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson).\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.2\u0026new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/105","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/105","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/105/packages"},{"uuid":"2790746694","node_id":"PR_kwDOHYbty86mV2pG","number":138,"state":"open","title":"[CORE-69]: Bump the minor-patch-dependencies group with 13 updates","user":"dependabot[bot]","labels":["dependency","gradle"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-01T21:08:03.000Z","updated_at":"2025-09-02T16:14:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-patch-dependencies","update_count":13,"packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.2","new_version":"2.20.0","repository_url":"https://github.com/FasterXML/jackson"},{"name":"org.springframework.boot:spring-boot-starter-data-jdbc","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-web","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-validation","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-thymeleaf","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-configuration-processor","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-test","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-actuator","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework:spring-aop","old_version":"6.2.9","new_version":"6.2.10","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-aspects","old_version":"6.2.9","new_version":"6.2.10","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"io.sentry:sentry-spring-boot-starter","old_version":"8.19.1","new_version":"8.20.0","repository_url":"https://github.com/getsentry/sentry-java"},{"name":"org.springframework.boot:spring-boot-gradle-plugin","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.yaml:snakeyaml","old_version":"2.4","new_version":"2.5"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-patch-dependencies group with 13 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.19.2` | `2.20.0` |\n| [org.springframework.boot:spring-boot-starter-data-jdbc](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-web](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-validation](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-thymeleaf](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-configuration-processor](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-actuator](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework:spring-aop](https://github.com/spring-projects/spring-framework) | `6.2.9` | `6.2.10` |\n| [org.springframework:spring-aspects](https://github.com/spring-projects/spring-framework) | `6.2.9` | `6.2.10` |\n| [io.sentry:sentry-spring-boot-starter](https://github.com/getsentry/sentry-java) | `8.19.1` | `8.20.0` |\n| [org.springframework.boot:spring-boot-gradle-plugin](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) | `2.4` | `2.5` |\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-data-jdbc` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-data-jdbc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-web` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-validation` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-validation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-thymeleaf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-configuration-processor` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-configuration-processor's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-test` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-actuator` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-actuator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-web` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n...\n\n_Description has been truncated_","html_url":"https://github.com/DataBiosphere/terra-policy-service/pull/138","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fterra-policy-service/issues/138","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/138/packages"},{"uuid":"2786127025","node_id":"PR_kwDOAd-BNc6mEOyx","number":726,"state":"closed","title":"build(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.0","user":"dependabot[bot]","labels":["dependencies","gradle","automerge","minor"],"assignees":["BigMichi1"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-29T22:26:56.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-29T22:01:19.000Z","updated_at":"2025-08-29T22:26:56.000Z","time_to_close":1537,"merged_at":"2025-08-29T22:26:56.000Z","merged_by":"kodiakhq[bot]","closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.2","new_version":"2.20.0","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.2 to 2.20.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.2\u0026new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gradle-dependency-analyze/gradle-dependency-analyze/pull/726","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradle-dependency-analyze%2Fgradle-dependency-analyze/issues/726","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/726/packages"},{"uuid":"2718069750","node_id":"PR_kwDOKIhk5M6iAnP2","number":160,"state":"open","title":"chore(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.19.1 to 2.19.2","user":"dependabot[bot]","labels":["gradle","dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-04T13:51:07.000Z","updated_at":"2025-08-09T01:01:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.1","new_version":"2.19.2","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.1 to 2.19.2.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.1\u0026new-version=2.19.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/cyberkaida/reverse-engineering-assistant/pull/160","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberkaida%2Freverse-engineering-assistant/issues/160","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/160/packages"},{"uuid":"3285055331","node_id":"PR_kwDOJx0dmM6hyA8A","number":102,"state":"open","title":"[CORE-69]: Bump the minor-and-patch-updates group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-01T20:29:58.000Z","updated_at":"2025-08-01T22:09:42.234Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-and-patch-updates","update_count":2,"packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.1","new_version":"2.19.2","repository_url":"https://github.com/FasterXML/jackson"},{"name":"com.diffplug.spotless:spotless-plugin-gradle","old_version":"7.0.4","new_version":"7.2.1","repository_url":"https://github.com/diffplug/spotless"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 2 updates in the / directory: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) and [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless).\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.1 to 2.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.diffplug.spotless:spotless-plugin-gradle` from 7.0.4 to 7.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/diffplug/spotless/releases\"\u003ecom.diffplug.spotless:spotless-plugin-gradle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGradle Plugin v7.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003espotlessInstallGitPrePushHook\u003c/code\u003e didn't work on windows, now fixed. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v7.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow specifying path to Biome JSON config file directly in \u003ccode\u003ebiome\u003c/code\u003e step. Requires biome 2.x. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003espotlessInstallGitPrePushHook\u003c/code\u003e task, which installs a Git \u003ccode\u003epre-push\u003c/code\u003e hook to run \u003ccode\u003espotlessCheck\u003c/code\u003e and \u003ccode\u003espotlessApply\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2553\"\u003e#2553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow setting Eclipse XML config from a string, not only from files (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2361\"\u003e#2361\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump default \u003ccode\u003egson\u003c/code\u003e version to latest \u003ccode\u003e2.11.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.13.1\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2414\"\u003e#2414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ejackson\u003c/code\u003e version to latest \u003ccode\u003e2.18.1\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.19.2\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2558\"\u003e#2558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003egherkin-utils\u003c/code\u003e version to latest \u003ccode\u003e9.0.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e9.2.0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2408\"\u003e#2408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ecleanthat\u003c/code\u003e version to latest \u003ccode\u003e2.22\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.23\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2556\"\u003e#2556\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v7.1.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003eidea\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2020\"\u003e#2020\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2535\"\u003e#2535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for removing wildcard imports via \u003ccode\u003eremoveWildcardImports\u003c/code\u003e step. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2517\"\u003e#2517\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix biome formatter for new major release 2.x of biome (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2537\"\u003e#2537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake sure npm-based formatters use the correct \u003ccode\u003enode_modules\u003c/code\u003e directory when running in parallel. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump internal dependencies for npm-based formatters (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003escalafmt: enforce version consistency between the version configured in Spotless and the version declared in Scalafmt config file (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2460\"\u003e#2460\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/9e11c9d4a8411876b10d77d81aaf5b4ab312b455\"\u003e\u003ccode\u003e9e11c9d\u003c/code\u003e\u003c/a\u003e Published gradle/7.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/314418c2b9fa8210169826e52270e7cc5539531b\"\u003e\u003ccode\u003e314418c\u003c/code\u003e\u003c/a\u003e Published lib/3.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/5e9df11e2b1dde4d6d71ddac6f4f453bb9c8131d\"\u003e\u003ccode\u003e5e9df11\u003c/code\u003e\u003c/a\u003e Windows Compatibility Fix for Git Pre-push Hook (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/24ca3bcef169ba3b34f809196bcbaceb98798971\"\u003e\u003ccode\u003e24ca3bc\u003c/code\u003e\u003c/a\u003e We should run CI for PRs against \u003ccode\u003erelease\u003c/code\u003e also.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/222085be8c9a336d9f2bbd6300ac0d818d04d2db\"\u003e\u003ccode\u003e222085b\u003c/code\u003e\u003c/a\u003e Update changelogs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/776f7d15cc523af3db7cbc8b288abaf13dd54516\"\u003e\u003ccode\u003e776f7d1\u003c/code\u003e\u003c/a\u003e execute pre-push hook\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/b8e80bcd369d7e68d9a7ace6434729aa4194daf7\"\u003e\u003ccode\u003eb8e80bc\u003c/code\u003e\u003c/a\u003e tests fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/1042742744e7f273a019dc4e21566244a5585306\"\u003e\u003ccode\u003e1042742\u003c/code\u003e\u003c/a\u003e spotlessApply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/4cf8137acb1fae06147e6d6dd7a7e127aae7de74\"\u003e\u003ccode\u003e4cf8137\u003c/code\u003e\u003c/a\u003e git pre push hook windows fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/94da761e14d554ae61f6e665328d7c25d9a86e85\"\u003e\u003ccode\u003e94da761\u003c/code\u003e\u003c/a\u003e Published maven/2.46.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/diffplug/spotless/compare/gradle/7.0.4...gradle/7.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/102","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/102","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/102/packages"},{"uuid":"2713125384","node_id":"PR_kwDOJx0dmM6htwII","number":99,"state":"open","title":"[CORE-69]: Bump the minor-and-patch-updates group with 3 updates","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-01T12:46:56.000Z","updated_at":"2025-08-01T20:25:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-and-patch-updates","update_count":3,"packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.1","new_version":"2.19.2","repository_url":"https://github.com/FasterXML/jackson"},{"name":"com.google.cloud.artifactregistry.gradle-plugin","old_version":"2.1.5","new_version":"2.2.5"},{"name":"com.diffplug.spotless:spotless-plugin-gradle","old_version":"7.0.4","new_version":"7.2.1","repository_url":"https://github.com/diffplug/spotless"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 3 updates: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson), com.google.cloud.artifactregistry.gradle-plugin and [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless).\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.1 to 2.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.cloud.artifactregistry.gradle-plugin` from 2.1.5 to 2.2.5\n\nUpdates `com.diffplug.spotless:spotless-plugin-gradle` from 7.0.4 to 7.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/diffplug/spotless/releases\"\u003ecom.diffplug.spotless:spotless-plugin-gradle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGradle Plugin v7.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003espotlessInstallGitPrePushHook\u003c/code\u003e didn't work on windows, now fixed. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v7.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow specifying path to Biome JSON config file directly in \u003ccode\u003ebiome\u003c/code\u003e step. Requires biome 2.x. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003espotlessInstallGitPrePushHook\u003c/code\u003e task, which installs a Git \u003ccode\u003epre-push\u003c/code\u003e hook to run \u003ccode\u003espotlessCheck\u003c/code\u003e and \u003ccode\u003espotlessApply\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2553\"\u003e#2553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow setting Eclipse XML config from a string, not only from files (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2361\"\u003e#2361\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump default \u003ccode\u003egson\u003c/code\u003e version to latest \u003ccode\u003e2.11.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.13.1\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2414\"\u003e#2414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ejackson\u003c/code\u003e version to latest \u003ccode\u003e2.18.1\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.19.2\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2558\"\u003e#2558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003egherkin-utils\u003c/code\u003e version to latest \u003ccode\u003e9.0.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e9.2.0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2408\"\u003e#2408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ecleanthat\u003c/code\u003e version to latest \u003ccode\u003e2.22\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.23\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2556\"\u003e#2556\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v7.1.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003eidea\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2020\"\u003e#2020\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2535\"\u003e#2535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for removing wildcard imports via \u003ccode\u003eremoveWildcardImports\u003c/code\u003e step. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2517\"\u003e#2517\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix biome formatter for new major release 2.x of biome (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2537\"\u003e#2537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake sure npm-based formatters use the correct \u003ccode\u003enode_modules\u003c/code\u003e directory when running in parallel. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump internal dependencies for npm-based formatters (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003escalafmt: enforce version consistency between the version configured in Spotless and the version declared in Scalafmt config file (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2460\"\u003e#2460\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/9e11c9d4a8411876b10d77d81aaf5b4ab312b455\"\u003e\u003ccode\u003e9e11c9d\u003c/code\u003e\u003c/a\u003e Published gradle/7.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/314418c2b9fa8210169826e52270e7cc5539531b\"\u003e\u003ccode\u003e314418c\u003c/code\u003e\u003c/a\u003e Published lib/3.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/5e9df11e2b1dde4d6d71ddac6f4f453bb9c8131d\"\u003e\u003ccode\u003e5e9df11\u003c/code\u003e\u003c/a\u003e Windows Compatibility Fix for Git Pre-push Hook (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/24ca3bcef169ba3b34f809196bcbaceb98798971\"\u003e\u003ccode\u003e24ca3bc\u003c/code\u003e\u003c/a\u003e We should run CI for PRs against \u003ccode\u003erelease\u003c/code\u003e also.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/222085be8c9a336d9f2bbd6300ac0d818d04d2db\"\u003e\u003ccode\u003e222085b\u003c/code\u003e\u003c/a\u003e Update changelogs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/776f7d15cc523af3db7cbc8b288abaf13dd54516\"\u003e\u003ccode\u003e776f7d1\u003c/code\u003e\u003c/a\u003e execute pre-push hook\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/b8e80bcd369d7e68d9a7ace6434729aa4194daf7\"\u003e\u003ccode\u003eb8e80bc\u003c/code\u003e\u003c/a\u003e tests fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/1042742744e7f273a019dc4e21566244a5585306\"\u003e\u003ccode\u003e1042742\u003c/code\u003e\u003c/a\u003e spotlessApply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/4cf8137acb1fae06147e6d6dd7a7e127aae7de74\"\u003e\u003ccode\u003e4cf8137\u003c/code\u003e\u003c/a\u003e git pre push hook windows fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/94da761e14d554ae61f6e665328d7c25d9a86e85\"\u003e\u003ccode\u003e94da761\u003c/code\u003e\u003c/a\u003e Published maven/2.46.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/diffplug/spotless/compare/gradle/7.0.4...gradle/7.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/99","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/99","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/99/packages"},{"uuid":"2678349432","node_id":"PR_kwDOAd-BNc6fpF54","number":707,"state":"closed","title":"build(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.19.1 to 2.19.2","user":"dependabot[bot]","labels":["dependencies","gradle","automerge","patch"],"assignees":["BigMichi1"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-18T22:34:15.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-18T22:08:19.000Z","updated_at":"2025-07-18T22:34:15.000Z","time_to_close":1556,"merged_at":"2025-07-18T22:34:14.000Z","merged_by":"kodiakhq[bot]","closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.1","new_version":"2.19.2","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.1 to 2.19.2.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.1\u0026new-version=2.19.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gradle-dependency-analyze/gradle-dependency-analyze/pull/707","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradle-dependency-analyze%2Fgradle-dependency-analyze/issues/707","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/707/packages"},{"uuid":"2632383001","node_id":"PR_kwDOJx0dmM6c5voZ","number":96,"state":"closed","title":"[CORE-69]: Bump com.fasterxml.jackson.core:jackson-databind from 2.19.0 to 2.19.1 in the minor-and-patch-updates group","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2025-07-01T13:27:14.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-01T12:56:08.000Z","updated_at":"2025-07-01T13:27:14.000Z","time_to_close":1866,"merged_at":"2025-07-01T13:27:14.000Z","merged_by":"calypsomatic","closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.0","new_version":"2.19.1","repository_url":"https://github.com/FasterXML/jackson"}],"path":"the minor-and-patch-updates group","ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 1 update: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson).\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.0 to 2.19.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.0\u0026new-version=2.19.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/96","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/96","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/96/packages"},{"uuid":"2597190616","node_id":"PR_kwDOAd-BNc6azfvY","number":697,"state":"closed","title":"build(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.19.0 to 2.19.1","user":"dependabot[bot]","labels":["dependencies","gradle","automerge","patch"],"assignees":["BigMichi1"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-17T00:26:58.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-17T00:01:31.000Z","updated_at":"2025-06-17T00:26:59.000Z","time_to_close":1527,"merged_at":"2025-06-17T00:26:58.000Z","merged_by":"kodiakhq[bot]","closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.0","new_version":"2.19.1","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.0 to 2.19.1.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.0\u0026new-version=2.19.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gradle-dependency-analyze/gradle-dependency-analyze/pull/697","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradle-dependency-analyze%2Fgradle-dependency-analyze/issues/697","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/697/packages"}],"issue_packages":[{"old_version":"2.20.1","new_version":"2.21.0","update_type":"minor","path":null,"pr_created_at":"2026-02-04T15:11:34.000Z","version_change":"2.20.1 → 2.21.0","issue":{"uuid":"3897027270","node_id":"PR_kwDOHYbty87BfdMo","number":160,"state":"closed","title":"[CORE-69]: Bump the minor-patch-dependencies group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependency","gradle"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-01T11:07:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-04T15:11:34.000Z","updated_at":"2026-03-01T11:07:34.000Z","time_to_close":2145359,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-patch-dependencies","update_count":16,"packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.20.1","new_version":"2.21.0","repository_url":"https://github.com/FasterXML/jackson"},{"name":"org.postgresql:postgresql","old_version":"42.7.8","new_version":"42.7.9","repository_url":"https://github.com/pgjdbc/pgjdbc"},{"name":"org.springframework.boot:spring-boot-starter-data-jdbc","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-web","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-validation","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-thymeleaf","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-configuration-processor","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-test","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-actuator","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"io.sentry:sentry-spring-boot-starter","old_version":"8.29.0","new_version":"8.31.0","repository_url":"https://github.com/getsentry/sentry-java"},{"name":"ch.qos.logback:logback-classic","old_version":"1.5.23","new_version":"1.5.27","repository_url":"https://github.com/qos-ch/logback"},{"name":"io.micrometer:micrometer-registry-prometheus","old_version":"1.16.1","new_version":"1.16.2","repository_url":"https://github.com/micrometer-metrics/micrometer"},{"name":"com.diffplug.spotless:spotless-plugin-gradle","old_version":"8.1.0","new_version":"8.2.1","repository_url":"https://github.com/diffplug/spotless"},{"name":"de.undercouch.download:de.undercouch.download.gradle.plugin","old_version":"5.6.0","new_version":"5.7.0","repository_url":"https://github.com/michel-kraemer/gradle-download-task"},{"name":"org.springframework.boot:spring-boot-gradle-plugin","old_version":"3.5.7","new_version":"3.5.10","repository_url":"https://github.com/spring-projects/spring-boot"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-patch-dependencies group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.20.1` | `2.21.0` |\n| [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) | `42.7.8` | `42.7.9` |\n| [org.springframework.boot:spring-boot-starter-data-jdbc](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-web](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-validation](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-thymeleaf](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-configuration-processor](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [org.springframework.boot:spring-boot-starter-actuator](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n| [io.sentry:sentry-spring-boot-starter](https://github.com/getsentry/sentry-java) | `8.29.0` | `8.31.0` |\n| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.23` | `1.5.27` |\n| [io.micrometer:micrometer-registry-prometheus](https://github.com/micrometer-metrics/micrometer) | `1.16.1` | `1.16.2` |\n| [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless) | `8.1.0` | `8.2.1` |\n| [de.undercouch.download:de.undercouch.download.gradle.plugin](https://github.com/michel-kraemer/gradle-download-task) | `5.6.0` | `5.7.0` |\n| [org.springframework.boot:spring-boot-gradle-plugin](https://github.com/spring-projects/spring-boot) | `3.5.7` | `3.5.10` |\n\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.20.1 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.postgresql:postgresql` from 42.7.8 to 42.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pgjdbc/pgjdbc/releases\"\u003eorg.postgresql:postgresql's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev42.7.9\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded changelogs for version 42.7.9 \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3908\"\u003e#3908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ethe classloader is nullable, and remove a space \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3907\"\u003e#3907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix:  incorrect pg_stat_replication.reply_time calculation \u003ca href=\"https://github.com/atorik\"\u003e\u003ccode\u003e@​atorik\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3906\"\u003e#3906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3892\"\u003e#3892\u003c/a\u003e, PGXAConnection.prepare(Xid) should return XA_RDONLY if the connection is read only \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix badges for maven central and search paths. Sonatype has changed the search paths \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3901\"\u003e#3901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: make all Calendar instances proleptic Gregorian (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3837\"\u003e#3837\u003c/a\u003e) \u003ca href=\"https://github.com/m-van-tilburg\"\u003e\u003ccode\u003e@​m-van-tilburg\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3887\"\u003e#3887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etest: add CI tests with Java 26 \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3893\"\u003e#3893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eperf: optimize PGInterval.getValue() by replacing String.format with StringBuilder \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3866\"\u003e#3866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euse ssl_is_used() to check for ssl connection \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3867\"\u003e#3867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd PEMKeyManager to handle PEM based certs and keys. \u003ca href=\"https://github.com/harinath001\"\u003e\u003ccode\u003e@​harinath001\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3700\"\u003e#3700\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eComment and simplify the complex state machine logic in QueryExecutorImpl \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3850\"\u003e#3850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;fix: Issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3784\"\u003e#3784\u003c/a\u003e pgjdbc can't decode numeric arrays containing special numbers like NaN\u0026quot; \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3851\"\u003e#3851\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: Issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3784\"\u003e#3784\u003c/a\u003e pgjdbc can't decode numeric arrays containing special numbers like NaN \u003ca href=\"https://github.com/ShenFeng312\"\u003e\u003ccode\u003e@​ShenFeng312\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3838\"\u003e#3838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSmall simplication of locking patterns in QueryExecutorBase \u003ca href=\"https://github.com/Sanne\"\u003e\u003ccode\u003e@​Sanne\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3849\"\u003e#3849\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edoc: update property quoteReturningIdentifiers default value \u003ca href=\"https://github.com/sodekim\"\u003e\u003ccode\u003e@​sodekim\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3847\"\u003e#3847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: default query timeout property \u003ca href=\"https://github.com/cfredri4\"\u003e\u003ccode\u003e@​cfredri4\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3705\"\u003e#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecreate action to deploy docs to \u003ca href=\"https://pgjdbc.github.io/\"\u003ehttps://pgjdbc.github.io/\u003c/a\u003e \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3819\"\u003e#3819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix homepage release note \u003ca href=\"https://github.com/davecramer\"\u003e\u003ccode\u003e@​davecramer\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3817\"\u003e#3817\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: close temporary lob descriptors that are used internally in PreparedStatement#setBlob \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3903\"\u003e#3903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: avoid memory leaks in Java \u0026lt;= 21 caused by Thread.inheritedAccessControlContext \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3886\"\u003e#3886\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📝 Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edoc: add the new PGP signing key to the official documentation \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3813\"\u003e#3813\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🧰 Maintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove unused com.github.spotbugs Gradle plugin dependency \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3868\"\u003e#3868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: drop SpotBugs as we do not seem to use it \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3834\"\u003e#3834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: bump version to 42.7.9 after 42.7.8 release \u003ca href=\"https://github.com/vlsi\"\u003e\u003ccode\u003e@​vlsi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3810\"\u003e#3810\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⬆️ Dependencies\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update actions/create-github-app-token digest to 29824e6 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3898\"\u003e#3898\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(deps): update actions/setup-java digest to c1e3236 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3899\"\u003e#3899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(deps): update codecov/codecov-action digest to 671740a \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3900\"\u003e#3900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency org.junit:junit-bom to v5.14.1 - autoclosed \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3884\"\u003e#3884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency org.apache.bcel:bcel to v6.11.0 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3883\"\u003e#3883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency org.mockito:mockito-bom to v5.20.0 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3885\"\u003e#3885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency net.bytebuddy:byte-buddy-parent to v1.18.2 \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3882\"\u003e#3882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to 497990d \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3881\"\u003e#3881\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md\"\u003eorg.postgresql:postgresql's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[42.7.9] (2026-01-14)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: query timeout property [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3705\"\u003e#3705\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3705\"\u003epgjdbc/pgjdbc#3705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: Add PEMKeyManager to handle PEM based certs and keys [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3700\"\u003e#3700\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3700\"\u003epgjdbc/pgjdbc#3700\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eperf: optimize PGInterval.getValue() by replacing String.format with StringBuilder\u003c/li\u003e\n\u003cli\u003edoc: update property quoteReturningIdentifiers default value [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3847\"\u003e#3847\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3847\"\u003epgjdbc/pgjdbc#3847\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: Use a static method forName to load all user supplied classes. Use the Class.forName 3 parameter method and do not initilize it unless it is a subclass of the expected class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: incorrect pg_stat_replication.reply_time calculation [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3906\"\u003e#3906\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3906\"\u003epgjdbc/pgjdbc#3906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: close temporary lob descriptors that are used internally in PreparedStatement#setBlob\u003c/li\u003e\n\u003cli\u003efix: PGXAConnection.prepare(Xid) should return XA_RDONLY if the connection is read only [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3897\"\u003e#3897\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3897\"\u003epgjdbc/pgjdbc#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: make all Calendar instances proleptic Gregorian [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3837\"\u003e#3837\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3887\"\u003epgjdbc/pgjdbc#3887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: Simplify concurrency guards on QueryExecutorBase#transaction and QueryExecutorBase#standardConformingStrings [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3897\"\u003e#3897\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3849\"\u003epgjdbc/pgjdbc#3849\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: avoid memory leaks in Java \u0026lt;= 21 caused by Thread.inheritedAccessControlContext [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3886\"\u003e#3886\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3886\"\u003epgjdbc/pgjdbc#3886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: Issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3784\"\u003e#3784\u003c/a\u003e pgjdbc can't decode numeric arrays containing special numbers like NaN [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3838\"\u003e#3838\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3838\"\u003epgjdbc/pgjdbc#3838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: use ssl_is_used() to check for ssl connection [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3867\"\u003e#3867\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3867\"\u003epgjdbc/pgjdbc#3867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: the classloader is nullable [PR \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3907\"\u003e#3907\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/pull/3907\"\u003epgjdbc/pgjdbc#3907\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/79b784e3a63def9d12088471334399a53016d880\"\u003e\u003ccode\u003e79b784e\u003c/code\u003e\u003c/a\u003e Added changelogs for version 42.7.9 (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3908\"\u003e#3908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/1c00ffc02be1570027b6510cbcd760b916227800\"\u003e\u003ccode\u003e1c00ffc\u003c/code\u003e\u003c/a\u003e doc: add the new PGP signing key to the official documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/f774000c105ddb2971f50dc5cf51a2d20ee4c14a\"\u003e\u003ccode\u003ef774000\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/create-github-app-token digest to 29824e6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/27daf3b48b8b7d266ba680f59345f3723e2786d2\"\u003e\u003ccode\u003e27daf3b\u003c/code\u003e\u003c/a\u003e chore(deps): update actions/setup-java digest to c1e3236\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/6eb01ff6bcb7ba6d71c9363a29d7305911861946\"\u003e\u003ccode\u003e6eb01ff\u003c/code\u003e\u003c/a\u003e chore(deps): update codecov/codecov-action digest to 671740a\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/dbf1e57747709b560da16fdcec0ba9e927393516\"\u003e\u003ccode\u003edbf1e57\u003c/code\u003e\u003c/a\u003e the classloader is nullable, and remove a space (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3907\"\u003e#3907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/6a20574f4c896b3f02d7f36d21ab1f3da15c3936\"\u003e\u003ccode\u003e6a20574\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/c07721af972eee4f10873b1a23b3811336454436\"\u003e\u003ccode\u003ec07721a\u003c/code\u003e\u003c/a\u003e fix:  incorrect pg_stat_replication.reply_time calculation (\u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3906\"\u003e#3906\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/83023f3c2ae98dc69df00a560dbbe386afafe3b1\"\u003e\u003ccode\u003e83023f3\u003c/code\u003e\u003c/a\u003e fix: close temporary lob descriptors that are used internally in PreparedStat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pgjdbc/pgjdbc/commit/62c9805ef8606f3d38273ac69f64b14e936a0bfa\"\u003e\u003ccode\u003e62c9805\u003c/code\u003e\u003c/a\u003e fix: issue \u003ca href=\"https://redirect.github.com/pgjdbc/pgjdbc/issues/3892\"\u003e#3892\u003c/a\u003e, PGXAConnection.prepare(Xid) should return XA_RDONLY if the ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pgjdbc/pgjdbc/compare/REL42.7.8...REL42.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-data-jdbc` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-data-jdbc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-web` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-validation` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-validation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-thymeleaf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-configuration-processor` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-configuration-processor's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-test` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48847\"\u003e#48847\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48707\"\u003e#48707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to REST Assured 5.5.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48884\"\u003e#48884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring AMQP 3.2.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48909\"\u003e#48909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Data Bom 2025.0.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48708\"\u003e#48708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Integration 6.5.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48921\"\u003e#48921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Kafka 3.3.12 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48709\"\u003e#48709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Spring Pulsar 1.2.14 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48710\"\u003e#48710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Undertow 2.3.22.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48848\"\u003e#48848\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to WebJars Locator Lite 1.1.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48780\"\u003e#48780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:heart: Contributors\u003c/h2\u003e\n\u003cp\u003eThank you to all the contributors who worked on this release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GaoSSR\"\u003e\u003ccode\u003e@​GaoSSR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/izeye\"\u003e\u003ccode\u003e@​izeye\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/ngocnhan-tran1996\"\u003e\u003ccode\u003e@​ngocnhan-tran1996\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.9\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRabbitHealthIndicator reports an error when version is missing from the connection's server properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48486\"\u003e#48486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProfiles retained during AOT processing are not configured in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48475\"\u003e#48475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/1b4e78fe6cae27179438931afd1cb74d51ea9f20\"\u003e\u003ccode\u003e1b4e78f\u003c/code\u003e\u003c/a\u003e Release v3.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/650236d11987cb75dc3ad9f0eef71b1a99f6e1b0\"\u003e\u003ccode\u003e650236d\u003c/code\u003e\u003c/a\u003e Remove breaking and unnecessary Undertow TLS with RSA test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/877d59bb74964b783ad8fbaab9fd2eed8ebd9aab\"\u003e\u003ccode\u003e877d59b\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Kafka 3.3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ce650b1bec96dc1460d35135677c5bcdc0ac6949\"\u003e\u003ccode\u003ece650b1\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Integration 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/30b5b73f5f236c20cda7337c6c7d9da895ef2af0\"\u003e\u003ccode\u003e30b5b73\u003c/code\u003e\u003c/a\u003e Upgrade to Develocity Conventions 0.0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/413ec6ce139a173f18c504a2e8d755ceef770a33\"\u003e\u003ccode\u003e413ec6c\u003c/code\u003e\u003c/a\u003e Upgrade to Spring Pulsar 1.2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3f86432eb5a7850a61fab7031c3553ba531d36e9\"\u003e\u003ccode\u003e3f86432\u003c/code\u003e\u003c/a\u003e Upgrade to Spring AMQP 3.2.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/2fa3aaaf9fd5140ac8f139bdff902c67181397af\"\u003e\u003ccode\u003e2fa3aaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48902\"\u003e#48902\u003c/a\u003e from dependabot[bot]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/37e0cbc371bb2ac351529b7fe67d2a100afdd9a6\"\u003e\u003ccode\u003e37e0cbc\u003c/code\u003e\u003c/a\u003e Polish \u0026quot;Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ad51defa29f390bf9548b6fe812a35b88eba93e6\"\u003e\u003ccode\u003ead51def\u003c/code\u003e\u003c/a\u003e Bump jfrog/setup-jfrog-cli from 4.8.1 to 4.9.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.7...v3.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-actuator` from 3.5.7 to 3.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-actuator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.10\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluation of bean conditions unnecessarily queries the bean factory for types that are not present \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48836\"\u003e#48836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen a bean condition references a type that is not present, it appears as ? in the condition evaluation report \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48835\"\u003e#48835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eActuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48810\"\u003e#48810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48702\"\u003e#48702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplication JAR created by extract command is not reproductible \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48664\"\u003e#48664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAOT processing of tests should not be disabled when 'skipTests' is set \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48661\"\u003e#48661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix zero-length byte buffer in InspectedContent \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48649\"\u003e#48649\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate documentation for Buildpack's AOT Cache support \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48768\"\u003e#48768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument support for configuring arguments passed to Docker Compose \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48657\"\u003e#48657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48634\"\u003e#48634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammar and typos in the reference guide \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/48596\"\u003e#48596\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Classmate 1.7.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48775\"\u003e#48775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.41.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48881\"\u003e#48881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HttpClient5 5.5.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48777\"\u003e#48777\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Logback 1.5.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48882\"\u003e#48882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48705\"\u003e#48705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48706\"\u003e#48706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pooled JMS 3.1.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48779\"\u003e#48779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Postgresql 42.7.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/48883\"\u003e#48883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to R2DBC MSSQL 1.0.4.RELEASE \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/488...\n\n_Description has been truncated_","html_url":"https://github.com/DataBiosphere/terra-policy-service/pull/160","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fterra-policy-service/issues/160","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/160/packages"}},{"old_version":"2.20.1","new_version":"2.21.0","update_type":"minor","path":null,"pr_created_at":"2026-02-01T13:03:16.000Z","version_change":"2.20.1 → 2.21.0","issue":{"uuid":"3882003259","node_id":"PR_kwDOJx0dmM7Atpla","number":119,"state":"open","title":"[CORE-69]: Bump the minor-and-patch-updates group with 3 updates","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-01T13:03:16.000Z","updated_at":"2026-02-01T13:06:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-and-patch-updates","update_count":3,"packages":[{"name":"ch.qos.logback:logback-classic","old_version":"1.5.23","new_version":"1.5.27","repository_url":"https://github.com/qos-ch/logback"},{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.20.1","new_version":"2.21.0","repository_url":"https://github.com/FasterXML/jackson"},{"name":"com.diffplug.spotless:spotless-plugin-gradle","old_version":"8.1.0","new_version":"8.2.1","repository_url":"https://github.com/diffplug/spotless"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 3 updates: [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback), [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) and [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless).\n\nUpdates `ch.qos.logback:logback-classic` from 1.5.23 to 1.5.27\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/qos-ch/logback/releases\"\u003ech.qos.logback:logback-classic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eLogback 1.5.27\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-30 Release of logback version 1.5.27\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• Updated license to Eclipse Public License version 2.0 from version 1.0, retaining the GPL 2.1 dual-license.\u003c/p\u003e\n\u003cp\u003e• Fixed missing MDC data transmitted by \u003ccode\u003eSocketAppender\u003c/code\u003e reported in \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/1010\"\u003eissues/1010\u003c/a\u003e by Lars Vogel.\u003c/p\u003e\n\u003cp\u003e• Removed all \u003ccode\u003eReceiver\u003c/code\u003e classes and components which were already disabled for several years.\u003c/p\u003e\n\u003cp\u003e• Refactored file scanning code for improved clarity.\u003c/p\u003e\n\u003cp\u003e• In \u003ccode\u003eSizeAndTimeBasedRollingPolicy\u003c/code\u003e modified \u003ccode\u003etotalSizeCap\u003c/code\u003e and \u003ccode\u003emaxFileSize\u003c/code\u003e comparison to taking into account file compression. This fixes \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/1007\"\u003eissues/1007\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by building from source code at commit 3618eb01aad6672f9cd250dccf7546a69cbe982f associated with the tag v_1.5.27. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003ch2\u003eLogback 1.5.26\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-25 Release of logback version 1.5.26\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• InsertFromJNDIModelHandler was accessing javax.naming package forcing the inclusion of the optional java.naming module. This problem was raised in \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/1003\"\u003eissues/1003\u003c/a\u003e by Marius Hanl who also provided the relevant PR.\u003c/p\u003e\n\u003cp\u003e• In applications using shadow/fat/shade jars, module or package information could be lost. Thus, in the absence of version information, logback-classic would warn about version mismatches. Logback components now ship with properties files containing version information that survive shadow/fat/shade jars. This issue was reporteed in \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/1002\"\u003eissues/1002\u003c/a\u003e by Christoph Gritschenberger.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by building from source code at commit 33deb54506bbfaf1ff151f26f3a5f86936011619 associated with the tag v_1.5.26. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003ch2\u003eLogback 1.5.25\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-17 Release of logback version 1.5.25\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• When processing configuration files, logback-core will now only instantiate components compatible with the class expected by the encapsulating class. This fixes an ACE vulnerability recorded as \u003ca href=\"https://www.cve.org/cverecord?id=CVE-2026-1225\"\u003eCVE-2026-1225\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e• In configuration files, referencing a single undeclared appender would cause all referenced appenders to be skipped. This issue was discovered in \u003ca href=\"https://redirect.github.com/qos-ch/logback/issues/997\"\u003eissues/997\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e• Added VersionUtil class to logback-core. This utility class checks for version compatibility issues and alerts the user if need be.\u003c/p\u003e\n\u003cp\u003e• Added \u003ca href=\"https://logback.qos.ch/manual/layouts.html#epoch\"\u003eEpochConverter\u003c/a\u003e to output milliseconds/seconds since epoch. This enhancement was requested by Duncan Jauncey in \u003ca href=\"https://redirect.github.com/qos-ch/logback/pull/1000\"\u003eissues/1000\u003c/a\u003e who also provided the relevant implementation PR.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by building from source code at commit f426e0002800cfb507f393fcacffe0761a425220 associated with the tag v_1.5.25. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003ch2\u003eLogback 1.5.24\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-06 Release of logback version 1.5.24\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• Added ExpressionPropertyCondition a PropertyCondition that can evaluate boolean expressions similar to Java. See \u003ca href=\"https://logback.qos.ch/manual/configuration.html#conditionalExp\"\u003ethe relevant documentation\u003c/a\u003e for further details.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by building from source code at commit 62bc5fc245dd3a52f3dd45e232733f4cefb4806d associated with the tag v_1.5.24. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/3618eb01aad6672f9cd250dccf7546a69cbe982f\"\u003e\u003ccode\u003e3618eb0\u003c/code\u003e\u003c/a\u003e increase timeout delay to 2000 millis\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/db150c3c92656ed01c66dbd8ec2a0f1548637663\"\u003e\u003ccode\u003edb150c3\u003c/code\u003e\u003c/a\u003e prepare release 1.5.27\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/0370b137a47a6148c3f2d527f6bfdbd22d3136a8\"\u003e\u003ccode\u003e0370b13\u003c/code\u003e\u003c/a\u003e fix missing MDC transmission in SocketAppender. Fixes issues/1010\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/8100acd4e49f7d3c78520efacfd98bd398f0e810\"\u003e\u003ccode\u003e8100acd\u003c/code\u003e\u003c/a\u003e remove RemoteAppender*\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/2b67210613628b8610f44063c4e739b71ce83190\"\u003e\u003ccode\u003e2b67210\u003c/code\u003e\u003c/a\u003e remove Receiver related classes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/d84b58686b3e04661bb47e7260d1fdcb731826ac\"\u003e\u003ccode\u003ed84b586\u003c/code\u003e\u003c/a\u003e remove ReceiverModelHandler - project still builds indicating no active usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/44049ed38ff396bc45a98d9b536da8f179547132\"\u003e\u003ccode\u003e44049ed\u003c/code\u003e\u003c/a\u003e remove support for receivers in SerializedModelConfigurator and JoranConfigur...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/56085d898665d6e99489591333a4ddf381465443\"\u003e\u003ccode\u003e56085d8\u003c/code\u003e\u003c/a\u003e fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/e7764f47e51921abe9635b32c2fa80e65d29efba\"\u003e\u003ccode\u003ee7764f4\u003c/code\u003e\u003c/a\u003e refactor file change scanning for clarity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qos-ch/logback/commit/e56a12f865751ce6a599963187b4a861854c7e8a\"\u003e\u003ccode\u003ee56a12f\u003c/code\u003e\u003c/a\u003e bump assertj version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/qos-ch/logback/compare/v_1.5.23...v_1.5.27\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.20.1 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.diffplug.spotless:spotless-plugin-gradle` from 8.1.0 to 8.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/diffplug/spotless/releases\"\u003ecom.diffplug.spotless:spotless-plugin-gradle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGradle Plugin v8.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix OutOfMemoryError and slow configuration phase in large multi-project builds when using Eclipse-based formatters (Eclipse JDT, GrEclipse, Eclipse CDT) by implementing P2 dependency caching. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2788\"\u003e#2788\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v8.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a \u003ccode\u003eexpandWildcardImports\u003c/code\u003e API for java (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2594\"\u003e#2679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd the ability to specify a wildcard version (\u003ccode\u003e*\u003c/code\u003e) for external formatter executables. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2757\"\u003e#2757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for passing multiple file paths using the -PspotlessIdeHook option. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2774\"\u003e#2774\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003econfiguration cache for groovy. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2797\"\u003e#2797\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] \u003ccode\u003eNPE\u003c/code\u003e due to workingTreeIterator being null for git ignored files. \u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/911\"\u003e#911\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2771\"\u003e#2771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent race conditions when multiple npm-based formatters launch the server process simultaneously while sharing the same \u003ccode\u003enode_modules\u003c/code\u003e directory. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2786\"\u003e#2786\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump default \u003ccode\u003ektfmt\u003c/code\u003e version to latest \u003ccode\u003e0.59\u003c/code\u003e -\u0026gt; \u003ccode\u003e0.61\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2804\"\u003e2804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ektlint\u003c/code\u003e version to latest \u003ccode\u003e1.7.1\u003c/code\u003e -\u0026gt; \u003ccode\u003e1.8.0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2763\"\u003e2763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003egherkin-utils\u003c/code\u003e version to latest \u003ccode\u003e9.2.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e10.0.0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2619\"\u003e#2619\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/2b7f9de321fc332be56a02d3cd0b73e72d3c1fec\"\u003e\u003ccode\u003e2b7f9de\u003c/code\u003e\u003c/a\u003e Published gradle/8.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/78e26e9a3e07a23a99f0e4b4ef2c7503cc8fed1f\"\u003e\u003ccode\u003e78e26e9\u003c/code\u003e\u003c/a\u003e Published lib/4.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/33692c2d957c07eda497aed93cc4e410289c3d6f\"\u003e\u003ccode\u003e33692c2\u003c/code\u003e\u003c/a\u003e [fix] \u003ccode\u003eremoveSemicolons()\u003c/code\u003e should not be applied to multiline strings in groo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/90628d8e829dbeff10e11d5b018045102367c046\"\u003e\u003ccode\u003e90628d8\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/61864a2a38ee3d41c3027c28f5182be6f2dc78a3\"\u003e\u003ccode\u003e61864a2\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-removeSemicolons\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/4864bc887a9b783feafa2908be5e17ab6a505aad\"\u003e\u003ccode\u003e4864bc8\u003c/code\u003e\u003c/a\u003e Fix Gradle Cache performance issue by supporting cached P2 provisionning via ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/075895cb3b16fdd1884a22342607655f4f996d2a\"\u003e\u003ccode\u003e075895c\u003c/code\u003e\u003c/a\u003e docs: Mention P2 caching for gradle plugin caching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/57214bf3eacc1aee293c95871b1fe41d28cf13ec\"\u003e\u003ccode\u003e57214bf\u003c/code\u003e\u003c/a\u003e feat: Supports P2 in predeclare\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/8aee8accdc070ee14fa85314d55c184c4c0e97df\"\u003e\u003ccode\u003e8aee8ac\u003c/code\u003e\u003c/a\u003e chore: Adds a GradleProvisioner test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/859326c0fa84793be37bcadabd88a8a9471f53dd\"\u003e\u003ccode\u003e859326c\u003c/code\u003e\u003c/a\u003e chore: Use a caching TestP2Provisioner in tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/diffplug/spotless/compare/gradle/8.1.0...gradle/8.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/119","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/119","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/119/packages"}},{"old_version":"2.20.1","new_version":"2.21.0","update_type":"minor","path":null,"pr_created_at":"2026-01-19T10:00:21.000Z","version_change":"2.20.1 → 2.21.0","issue":{"uuid":"3828930512","node_id":"PR_kwDOKIhk5M6994mx","number":253,"state":"closed","title":"chore(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.20.1 to 2.21.0","user":"dependabot[bot]","labels":["gradle","dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-23T09:24:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-19T10:00:21.000Z","updated_at":"2026-02-23T09:24:07.000Z","time_to_close":3021824,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.20.1","new_version":"2.21.0","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.20.1 to 2.21.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.20.1\u0026new-version=2.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/cyberkaida/reverse-engineering-assistant/pull/253","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberkaida%2Freverse-engineering-assistant/issues/253","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/253/packages"}},{"old_version":"2.19.2","new_version":"2.20.1","update_type":"minor","path":null,"pr_created_at":"2025-11-10T10:11:40.000Z","version_change":"2.19.2 → 2.20.1","issue":{"uuid":"3607232243","node_id":"PR_kwDOKIhk5M6yfZ8T","number":218,"state":"closed","title":"chore(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.1","user":"dependabot[bot]","labels":["gradle","dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-05T09:03:42.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-10T10:11:40.000Z","updated_at":"2026-01-05T09:03:51.000Z","time_to_close":4834322,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.2","new_version":"2.20.1","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.2 to 2.20.1.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.2\u0026new-version=2.20.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/cyberkaida/reverse-engineering-assistant/pull/218","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberkaida%2Freverse-engineering-assistant/issues/218","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/218/packages"}},{"old_version":"2.20.0","new_version":"2.20.1","update_type":"patch","path":null,"pr_created_at":"2025-10-31T22:01:25.000Z","version_change":"2.20.0 → 2.20.1","issue":{"uuid":"3576624957","node_id":"PR_kwDOAd-BNc6w69UH","number":757,"state":"open","title":"build(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.20.0 to 2.20.1","user":"dependabot[bot]","labels":["dependencies","gradle","automerge","patch"],"assignees":["BigMichi1"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-10-31T22:01:25.000Z","updated_at":"2025-10-31T22:01:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.20.0","new_version":"2.20.1","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.20.0 to 2.20.1.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.20.0\u0026new-version=2.20.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gradle-dependency-analyze/gradle-dependency-analyze/pull/757","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradle-dependency-analyze%2Fgradle-dependency-analyze/issues/757","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/757/packages"}},{"old_version":"2.18.1","new_version":"2.20.0","update_type":"minor","path":"/serverpackcreator-api","pr_created_at":"2025-10-01T14:02:47.000Z","version_change":"2.18.1 → 2.20.0","issue":{"uuid":"2878382392","node_id":"PR_kwDOFAzjV86rkKE4","number":888,"state":"open","title":"build(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.18.1 to 2.20.0 in /serverpackcreator-api","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":["Griefed"],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-10-01T14:02:47.000Z","updated_at":"2025-10-01T14:02:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.18.1","new_version":"2.20.0","repository_url":"https://github.com/FasterXML/jackson"}],"path":"/serverpackcreator-api","ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.18.1 to 2.20.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.18.1\u0026new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Griefed/ServerPackCreator/pull/888","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Griefed%2FServerPackCreator/issues/888","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/888/packages"}},{"old_version":"2.19.2","new_version":"2.20.0","update_type":"minor","path":"the minor-and-patch-updates group","pr_created_at":"2025-09-01T23:14:02.000Z","version_change":"2.19.2 → 2.20.0","issue":{"uuid":"2790873334","node_id":"PR_kwDOJx0dmM6mWVj2","number":105,"state":"closed","title":"[CORE-69]: Bump com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.0 in the minor-and-patch-updates group","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-09-02T13:13:29.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-01T23:14:02.000Z","updated_at":"2025-09-02T13:13:30.000Z","time_to_close":50367,"merged_at":"2025-09-02T13:13:29.000Z","merged_by":"davidangb","closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.2","new_version":"2.20.0","repository_url":"https://github.com/FasterXML/jackson"}],"path":"the minor-and-patch-updates group","ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 1 update: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson).\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.2\u0026new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/105","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/105","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/105/packages"}},{"old_version":"2.19.2","new_version":"2.20.0","update_type":"minor","path":null,"pr_created_at":"2025-09-01T21:08:03.000Z","version_change":"2.19.2 → 2.20.0","issue":{"uuid":"2790746694","node_id":"PR_kwDOHYbty86mV2pG","number":138,"state":"open","title":"[CORE-69]: Bump the minor-patch-dependencies group with 13 updates","user":"dependabot[bot]","labels":["dependency","gradle"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-01T21:08:03.000Z","updated_at":"2025-09-02T16:14:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-patch-dependencies","update_count":13,"packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.2","new_version":"2.20.0","repository_url":"https://github.com/FasterXML/jackson"},{"name":"org.springframework.boot:spring-boot-starter-data-jdbc","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-web","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-validation","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-thymeleaf","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-configuration-processor","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-test","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.boot:spring-boot-starter-actuator","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework:spring-aop","old_version":"6.2.9","new_version":"6.2.10","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"org.springframework:spring-aspects","old_version":"6.2.9","new_version":"6.2.10","repository_url":"https://github.com/spring-projects/spring-framework"},{"name":"io.sentry:sentry-spring-boot-starter","old_version":"8.19.1","new_version":"8.20.0","repository_url":"https://github.com/getsentry/sentry-java"},{"name":"org.springframework.boot:spring-boot-gradle-plugin","old_version":"3.5.4","new_version":"3.5.5","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.yaml:snakeyaml","old_version":"2.4","new_version":"2.5"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-patch-dependencies group with 13 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.19.2` | `2.20.0` |\n| [org.springframework.boot:spring-boot-starter-data-jdbc](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-web](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-validation](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-thymeleaf](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-configuration-processor](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework.boot:spring-boot-starter-actuator](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.springframework:spring-aop](https://github.com/spring-projects/spring-framework) | `6.2.9` | `6.2.10` |\n| [org.springframework:spring-aspects](https://github.com/spring-projects/spring-framework) | `6.2.9` | `6.2.10` |\n| [io.sentry:sentry-spring-boot-starter](https://github.com/getsentry/sentry-java) | `8.19.1` | `8.20.0` |\n| [org.springframework.boot:spring-boot-gradle-plugin](https://github.com/spring-projects/spring-boot) | `3.5.4` | `3.5.5` |\n| [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) | `2.4` | `2.5` |\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-data-jdbc` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-data-jdbc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-web` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-validation` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-validation's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-thymeleaf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-configuration-processor` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-configuration-processor's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-test` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-actuator` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-actuator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefault value not detected for a field annoted with \u003ccode\u003e@Name\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46666\"\u003e#46666\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing metadata when using \u003ccode\u003e@Name\u003c/code\u003e with a constructor-bound property \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46663\"\u003e#46663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMissing property for Spring Authorization Server's PAR endpoint \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46641\"\u003e#46641\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperty name is incorrect when reporting a mis-configured OAuth 2 Resource Server JWT public key location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46636\"\u003e#46636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMemory not freed on context restart in JpaMetamodel#CACHE with spring.main.lazy-initialization=true \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46634\"\u003e#46634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured MockMvc ignores \u003ccode\u003e@FilterRegistration\u003c/code\u003e annotation \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46605\"\u003e#46605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFailure to discover default value for a primitive should not lead to document its default value \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46561\"\u003e#46561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKotlin samples for configuration metadata are in the wrong package \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46857\"\u003e#46857\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eObservability examples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46798\"\u003e#46798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign method descriptions for SslOptions getCiphers and getEnabledProtocols with \u003ccode\u003e@returns\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46769\"\u003e#46769\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTracing samples in the reference guide are missing the Kotlin version \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46767\"\u003e#46767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove Virtual Threads section to mention the changes in Java 24 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46610\"\u003e#46610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.webtestclient.timeout is not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46588\"\u003e#46588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring-boot-test-autoconfigure should use the configuration properties annotation processor like other modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46585\"\u003e#46585\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt deprecation level for management.health.influxdb.enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46580\"\u003e#46580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.test.mockmvc properties are not documented \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46578\"\u003e#46578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Angus Mail 2.0.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46725\"\u003e#46725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to AssertJ 3.27.4 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46726\"\u003e#46726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Byte Buddy 1.17.7 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46883\"\u003e#46883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Couchbase Client 3.8.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46794\"\u003e#46794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 8.18.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46830\"\u003e#46830\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 6.6.26.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46884\"\u003e#46884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate Validator 8.0.3.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46728\"\u003e#46728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to HikariCP 6.3.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46729\"\u003e#46729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jersey 3.1.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46730\"\u003e#46730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty 12.0.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46831\"\u003e#46831\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jetty Reactive HTTPClient 4.0.11 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46885\"\u003e#46885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to jOOQ 3.19.25 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46808\"\u003e#46808\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MariaDB 3.5.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46779\"\u003e#46779\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Maven Javadoc Plugin 3.11.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46886\"\u003e#46886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer 1.15.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46701\"\u003e#46701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Micrometer Tracing 1.5.3 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46702\"\u003e#46702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to MySQL 9.4.0 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46732\"\u003e#46732\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Netty 4.1.124.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46832\"\u003e#46832\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Pulsar 4.0.6 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46733\"\u003e#46733\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Reactor Bom 2024.0.9 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46703\"\u003e#46703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3537d255b579018851951da08262cd0178e40c66\"\u003e\u003ccode\u003e3537d25\u003c/code\u003e\u003c/a\u003e Release v3.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/a22e28e9e00eca994b8e412a420110da5b58b64a\"\u003e\u003ccode\u003ea22e28e\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4cb8c8a1b9670497046655393ab2a0f535e8442d\"\u003e\u003ccode\u003e4cb8c8a\u003c/code\u003e\u003c/a\u003e Next development version (v3.4.10-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9d205e21c4c007b317cc3c65bf8dcad543e61c81\"\u003e\u003ccode\u003e9d205e2\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/47b06322d3df72d886d838a090f506a6ba281892\"\u003e\u003ccode\u003e47b0632\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46927\"\u003e#46927\u003c/a\u003e from izeye\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8b7145802503dc00720e24db67144e568648c96f\"\u003e\u003ccode\u003e8b71458\u003c/code\u003e\u003c/a\u003e Adapt checkstyle rules for 3.4.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/fb99badf16072b3e49aca422abe8e5be184b1af8\"\u003e\u003ccode\u003efb99bad\u003c/code\u003e\u003c/a\u003e Remove redundant suppressions from Checkstyle configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8af836a428e65b8032483d5d8159099684054cd0\"\u003e\u003ccode\u003e8af836a\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ae6c6a5ed4652134c8f35fb8ca9a3d0149a207c2\"\u003e\u003ccode\u003eae6c6a5\u003c/code\u003e\u003c/a\u003e Merge branch '3.4.x' into 3.5.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/b6bae9f59b38a2dc8234d2766b062a5986410a37\"\u003e\u003ccode\u003eb6bae9f\u003c/code\u003e\u003c/a\u003e Upgrade to Spring RESTDocs 3.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.4...v3.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.boot:spring-boot-starter-web` from 3.5.4 to 3.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-web's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.5\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHazelcast health indicator reports the wrong status when Hazelcast has shut down due to an out-of-memory error \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46909\"\u003e#46909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance critical tracing code has high overhead due to the use of the Stream API \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46844\"\u003e#46844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpringLiquibaseCustomizer is exposed outside its defined visibility scope \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46758\"\u003e#46758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRace condition in OutputCapture can result in stale data \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/46721\"\u003e#46721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-configured WebClient no longer uses context's ReactorResourceFactory \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/46673\"\u003e#46673\u003c/a\u003e\u003c/li\u003e\n...\n\n_Description has been truncated_","html_url":"https://github.com/DataBiosphere/terra-policy-service/pull/138","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fterra-policy-service/issues/138","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/138/packages"}},{"old_version":"2.19.2","new_version":"2.20.0","update_type":"minor","path":null,"pr_created_at":"2025-08-29T22:01:19.000Z","version_change":"2.19.2 → 2.20.0","issue":{"uuid":"2786127025","node_id":"PR_kwDOAd-BNc6mEOyx","number":726,"state":"closed","title":"build(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.0","user":"dependabot[bot]","labels":["dependencies","gradle","automerge","minor"],"assignees":["BigMichi1"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-29T22:26:56.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-29T22:01:19.000Z","updated_at":"2025-08-29T22:26:56.000Z","time_to_close":1537,"merged_at":"2025-08-29T22:26:56.000Z","merged_by":"kodiakhq[bot]","closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.2","new_version":"2.20.0","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.2 to 2.20.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.2\u0026new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gradle-dependency-analyze/gradle-dependency-analyze/pull/726","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradle-dependency-analyze%2Fgradle-dependency-analyze/issues/726","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/726/packages"}},{"old_version":"2.19.1","new_version":"2.19.2","update_type":"patch","path":null,"pr_created_at":"2025-08-04T13:51:07.000Z","version_change":"2.19.1 → 2.19.2","issue":{"uuid":"2718069750","node_id":"PR_kwDOKIhk5M6iAnP2","number":160,"state":"open","title":"chore(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.19.1 to 2.19.2","user":"dependabot[bot]","labels":["gradle","dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-04T13:51:07.000Z","updated_at":"2025-08-09T01:01:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.1","new_version":"2.19.2","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.1 to 2.19.2.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.1\u0026new-version=2.19.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/cyberkaida/reverse-engineering-assistant/pull/160","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberkaida%2Freverse-engineering-assistant/issues/160","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/160/packages"}},{"old_version":"2.19.1","new_version":"2.19.2","update_type":"patch","path":null,"pr_created_at":"2025-08-01T20:29:58.000Z","version_change":"2.19.1 → 2.19.2","issue":{"uuid":"3285055331","node_id":"PR_kwDOJx0dmM6hyA8A","number":102,"state":"open","title":"[CORE-69]: Bump the minor-and-patch-updates group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-01T20:29:58.000Z","updated_at":"2025-08-01T22:09:42.234Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-and-patch-updates","update_count":2,"packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.1","new_version":"2.19.2","repository_url":"https://github.com/FasterXML/jackson"},{"name":"com.diffplug.spotless:spotless-plugin-gradle","old_version":"7.0.4","new_version":"7.2.1","repository_url":"https://github.com/diffplug/spotless"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 2 updates in the / directory: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) and [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless).\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.1 to 2.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.diffplug.spotless:spotless-plugin-gradle` from 7.0.4 to 7.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/diffplug/spotless/releases\"\u003ecom.diffplug.spotless:spotless-plugin-gradle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGradle Plugin v7.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003espotlessInstallGitPrePushHook\u003c/code\u003e didn't work on windows, now fixed. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v7.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow specifying path to Biome JSON config file directly in \u003ccode\u003ebiome\u003c/code\u003e step. Requires biome 2.x. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003espotlessInstallGitPrePushHook\u003c/code\u003e task, which installs a Git \u003ccode\u003epre-push\u003c/code\u003e hook to run \u003ccode\u003espotlessCheck\u003c/code\u003e and \u003ccode\u003espotlessApply\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2553\"\u003e#2553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow setting Eclipse XML config from a string, not only from files (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2361\"\u003e#2361\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump default \u003ccode\u003egson\u003c/code\u003e version to latest \u003ccode\u003e2.11.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.13.1\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2414\"\u003e#2414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ejackson\u003c/code\u003e version to latest \u003ccode\u003e2.18.1\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.19.2\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2558\"\u003e#2558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003egherkin-utils\u003c/code\u003e version to latest \u003ccode\u003e9.0.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e9.2.0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2408\"\u003e#2408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ecleanthat\u003c/code\u003e version to latest \u003ccode\u003e2.22\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.23\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2556\"\u003e#2556\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v7.1.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003eidea\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2020\"\u003e#2020\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2535\"\u003e#2535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for removing wildcard imports via \u003ccode\u003eremoveWildcardImports\u003c/code\u003e step. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2517\"\u003e#2517\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix biome formatter for new major release 2.x of biome (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2537\"\u003e#2537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake sure npm-based formatters use the correct \u003ccode\u003enode_modules\u003c/code\u003e directory when running in parallel. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump internal dependencies for npm-based formatters (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003escalafmt: enforce version consistency between the version configured in Spotless and the version declared in Scalafmt config file (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2460\"\u003e#2460\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/9e11c9d4a8411876b10d77d81aaf5b4ab312b455\"\u003e\u003ccode\u003e9e11c9d\u003c/code\u003e\u003c/a\u003e Published gradle/7.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/314418c2b9fa8210169826e52270e7cc5539531b\"\u003e\u003ccode\u003e314418c\u003c/code\u003e\u003c/a\u003e Published lib/3.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/5e9df11e2b1dde4d6d71ddac6f4f453bb9c8131d\"\u003e\u003ccode\u003e5e9df11\u003c/code\u003e\u003c/a\u003e Windows Compatibility Fix for Git Pre-push Hook (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/24ca3bcef169ba3b34f809196bcbaceb98798971\"\u003e\u003ccode\u003e24ca3bc\u003c/code\u003e\u003c/a\u003e We should run CI for PRs against \u003ccode\u003erelease\u003c/code\u003e also.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/222085be8c9a336d9f2bbd6300ac0d818d04d2db\"\u003e\u003ccode\u003e222085b\u003c/code\u003e\u003c/a\u003e Update changelogs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/776f7d15cc523af3db7cbc8b288abaf13dd54516\"\u003e\u003ccode\u003e776f7d1\u003c/code\u003e\u003c/a\u003e execute pre-push hook\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/b8e80bcd369d7e68d9a7ace6434729aa4194daf7\"\u003e\u003ccode\u003eb8e80bc\u003c/code\u003e\u003c/a\u003e tests fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/1042742744e7f273a019dc4e21566244a5585306\"\u003e\u003ccode\u003e1042742\u003c/code\u003e\u003c/a\u003e spotlessApply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/4cf8137acb1fae06147e6d6dd7a7e127aae7de74\"\u003e\u003ccode\u003e4cf8137\u003c/code\u003e\u003c/a\u003e git pre push hook windows fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/94da761e14d554ae61f6e665328d7c25d9a86e85\"\u003e\u003ccode\u003e94da761\u003c/code\u003e\u003c/a\u003e Published maven/2.46.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/diffplug/spotless/compare/gradle/7.0.4...gradle/7.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/102","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/102","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/102/packages"}},{"old_version":"2.19.1","new_version":"2.19.2","update_type":"patch","path":null,"pr_created_at":"2025-08-01T12:46:56.000Z","version_change":"2.19.1 → 2.19.2","issue":{"uuid":"2713125384","node_id":"PR_kwDOJx0dmM6htwII","number":99,"state":"open","title":"[CORE-69]: Bump the minor-and-patch-updates group with 3 updates","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-01T12:46:56.000Z","updated_at":"2025-08-01T20:25:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","group_name":"minor-and-patch-updates","update_count":3,"packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.1","new_version":"2.19.2","repository_url":"https://github.com/FasterXML/jackson"},{"name":"com.google.cloud.artifactregistry.gradle-plugin","old_version":"2.1.5","new_version":"2.2.5"},{"name":"com.diffplug.spotless:spotless-plugin-gradle","old_version":"7.0.4","new_version":"7.2.1","repository_url":"https://github.com/diffplug/spotless"}],"path":null,"ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 3 updates: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson), com.google.cloud.artifactregistry.gradle-plugin and [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless).\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.1 to 2.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.google.cloud.artifactregistry.gradle-plugin` from 2.1.5 to 2.2.5\n\nUpdates `com.diffplug.spotless:spotless-plugin-gradle` from 7.0.4 to 7.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/diffplug/spotless/releases\"\u003ecom.diffplug.spotless:spotless-plugin-gradle's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGradle Plugin v7.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003espotlessInstallGitPrePushHook\u003c/code\u003e didn't work on windows, now fixed. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v7.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow specifying path to Biome JSON config file directly in \u003ccode\u003ebiome\u003c/code\u003e step. Requires biome 2.x. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003espotlessInstallGitPrePushHook\u003c/code\u003e task, which installs a Git \u003ccode\u003epre-push\u003c/code\u003e hook to run \u003ccode\u003espotlessCheck\u003c/code\u003e and \u003ccode\u003espotlessApply\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2553\"\u003e#2553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow setting Eclipse XML config from a string, not only from files (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2361\"\u003e#2361\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump default \u003ccode\u003egson\u003c/code\u003e version to latest \u003ccode\u003e2.11.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.13.1\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2414\"\u003e#2414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ejackson\u003c/code\u003e version to latest \u003ccode\u003e2.18.1\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.19.2\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2558\"\u003e#2558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003egherkin-utils\u003c/code\u003e version to latest \u003ccode\u003e9.0.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e9.2.0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2408\"\u003e#2408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ecleanthat\u003c/code\u003e version to latest \u003ccode\u003e2.22\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.23\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2556\"\u003e#2556\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eGradle Plugin v7.1.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003eidea\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2020\"\u003e#2020\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2535\"\u003e#2535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for removing wildcard imports via \u003ccode\u003eremoveWildcardImports\u003c/code\u003e step. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2517\"\u003e#2517\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix biome formatter for new major release 2.x of biome (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2537\"\u003e#2537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake sure npm-based formatters use the correct \u003ccode\u003enode_modules\u003c/code\u003e directory when running in parallel. (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump internal dependencies for npm-based formatters (\u003ca href=\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003escalafmt: enforce version consistency between the version configured in Spotless and the version declared in Scalafmt config file (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2460\"\u003e#2460\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/9e11c9d4a8411876b10d77d81aaf5b4ab312b455\"\u003e\u003ccode\u003e9e11c9d\u003c/code\u003e\u003c/a\u003e Published gradle/7.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/314418c2b9fa8210169826e52270e7cc5539531b\"\u003e\u003ccode\u003e314418c\u003c/code\u003e\u003c/a\u003e Published lib/3.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/5e9df11e2b1dde4d6d71ddac6f4f453bb9c8131d\"\u003e\u003ccode\u003e5e9df11\u003c/code\u003e\u003c/a\u003e Windows Compatibility Fix for Git Pre-push Hook (\u003ca href=\"https://redirect.github.com/diffplug/spotless/issues/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/24ca3bcef169ba3b34f809196bcbaceb98798971\"\u003e\u003ccode\u003e24ca3bc\u003c/code\u003e\u003c/a\u003e We should run CI for PRs against \u003ccode\u003erelease\u003c/code\u003e also.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/222085be8c9a336d9f2bbd6300ac0d818d04d2db\"\u003e\u003ccode\u003e222085b\u003c/code\u003e\u003c/a\u003e Update changelogs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/776f7d15cc523af3db7cbc8b288abaf13dd54516\"\u003e\u003ccode\u003e776f7d1\u003c/code\u003e\u003c/a\u003e execute pre-push hook\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/b8e80bcd369d7e68d9a7ace6434729aa4194daf7\"\u003e\u003ccode\u003eb8e80bc\u003c/code\u003e\u003c/a\u003e tests fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/1042742744e7f273a019dc4e21566244a5585306\"\u003e\u003ccode\u003e1042742\u003c/code\u003e\u003c/a\u003e spotlessApply\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/4cf8137acb1fae06147e6d6dd7a7e127aae7de74\"\u003e\u003ccode\u003e4cf8137\u003c/code\u003e\u003c/a\u003e git pre push hook windows fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/diffplug/spotless/commit/94da761e14d554ae61f6e665328d7c25d9a86e85\"\u003e\u003ccode\u003e94da761\u003c/code\u003e\u003c/a\u003e Published maven/2.46.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/diffplug/spotless/compare/gradle/7.0.4...gradle/7.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/99","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/99","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/99/packages"}},{"old_version":"2.19.1","new_version":"2.19.2","update_type":"patch","path":null,"pr_created_at":"2025-07-18T22:08:19.000Z","version_change":"2.19.1 → 2.19.2","issue":{"uuid":"2678349432","node_id":"PR_kwDOAd-BNc6fpF54","number":707,"state":"closed","title":"build(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.19.1 to 2.19.2","user":"dependabot[bot]","labels":["dependencies","gradle","automerge","patch"],"assignees":["BigMichi1"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-18T22:34:15.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-18T22:08:19.000Z","updated_at":"2025-07-18T22:34:15.000Z","time_to_close":1556,"merged_at":"2025-07-18T22:34:14.000Z","merged_by":"kodiakhq[bot]","closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.1","new_version":"2.19.2","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.1 to 2.19.2.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.1\u0026new-version=2.19.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gradle-dependency-analyze/gradle-dependency-analyze/pull/707","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradle-dependency-analyze%2Fgradle-dependency-analyze/issues/707","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/707/packages"}},{"old_version":"2.19.0","new_version":"2.19.1","update_type":"patch","path":"the minor-and-patch-updates group","pr_created_at":"2025-07-01T12:56:08.000Z","version_change":"2.19.0 → 2.19.1","issue":{"uuid":"2632383001","node_id":"PR_kwDOJx0dmM6c5voZ","number":96,"state":"closed","title":"[CORE-69]: Bump com.fasterxml.jackson.core:jackson-databind from 2.19.0 to 2.19.1 in the minor-and-patch-updates group","user":"dependabot[bot]","labels":["dependencies","gradle"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2025-07-01T13:27:14.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-01T12:56:08.000Z","updated_at":"2025-07-01T13:27:14.000Z","time_to_close":1866,"merged_at":"2025-07-01T13:27:14.000Z","merged_by":"calypsomatic","closed_by":null,"dependency_metadata":{"prefix":"[CORE-69]: Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.0","new_version":"2.19.1","repository_url":"https://github.com/FasterXML/jackson"}],"path":"the minor-and-patch-updates group","ecosystem":"gradle"},"body":"Bumps the minor-and-patch-updates group with 1 update: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson).\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.19.0 to 2.19.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.0\u0026new-version=2.19.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DataBiosphere/java-pfb/pull/96","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataBiosphere%2Fjava-pfb/issues/96","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/96/packages"}},{"old_version":"2.19.0","new_version":"2.19.1","update_type":"patch","path":null,"pr_created_at":"2025-06-17T00:01:31.000Z","version_change":"2.19.0 → 2.19.1","issue":{"uuid":"2597190616","node_id":"PR_kwDOAd-BNc6azfvY","number":697,"state":"closed","title":"build(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.19.0 to 2.19.1","user":"dependabot[bot]","labels":["dependencies","gradle","automerge","patch"],"assignees":["BigMichi1"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-17T00:26:58.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-17T00:01:31.000Z","updated_at":"2025-06-17T00:26:59.000Z","time_to_close":1527,"merged_at":"2025-06-17T00:26:58.000Z","merged_by":"kodiakhq[bot]","closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","packages":[{"name":"com.fasterxml.jackson.core:jackson-databind","old_version":"2.19.0","new_version":"2.19.1","repository_url":"https://github.com/FasterXML/jackson"}],"path":null,"ecosystem":"gradle"},"body":"Bumps [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) from 2.19.0 to 2.19.1.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/FasterXML/jackson/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.core:jackson-databind\u0026package-manager=gradle\u0026previous-version=2.19.0\u0026new-version=2.19.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gradle-dependency-analyze/gradle-dependency-analyze/pull/697","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradle-dependency-analyze%2Fgradle-dependency-analyze/issues/697","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/697/packages"}}]}