Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

chore(deps): bump org.springframework.boot:spring-boot-starter-parent from 2.2.2.RELEASE to 3.5.7

Closed
Number: #125
Type: Pull Request
State: Closed
Author: dependabot[bot] dependabot[bot]
Association: Unknown
Comments: 1
Created: October 27, 2025 at 04:13 AM UTC
(about 1 month ago)
Updated: November 06, 2025 at 03:58 PM UTC
(about 1 month ago)
Closed: November 06, 2025 at 03:58 PM UTC
(about 1 month ago)
Time to Close: 10 days
Labels:
dependencies java
Description:

Bumps org.springframework.boot:spring-boot-starter-parent from 2.2.2.RELEASE to 3.5.7.

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.5.7

:star: New Features

  • Add TWENTY_FIVE to JavaVersion enum #47609

:lady_beetle: Bug Fixes

  • Signed jar verification fails when nested in an uber war running on an Oracle JVM #47771
  • In an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location #47737
  • Homebrew formula for the CLI should use libexec #47722
  • When virtual threads are enabled, embedded Jetty does not use recommended virtual thread configuration #47717
  • ClientHttpRequestFactoryRuntimeHints is missing timeout methods with Duration overloads #47678
  • OnBeanCondition no longer correctly finds annotations on scoped target proxy beans #47635
  • JavaVersion doesn't work reliably in native-image #47620
  • LiquibaseEndpoint always uses defaultSchema instead of liquibaseSchema #47346
  • Launcher fails to find main method when it is parameterless #47311
  • Package private Main class using Java 25 is not found by build plugins #47309
  • Bitnami legacy images are not automatically detected #47275
  • Maven plugin does not provide an easy way to exclude optional dependencies from uber jar #25403

:notebook_with_decorative_cover: Documentation

  • Some spring.test.* properties are not documented #47775
  • Dependency management for Maven AntRun Plugin is missing changelog link #47744
  • Developing Your First Spring Boot Application has outdated tools #47700
  • Include deprecated configuration properties in the reference documentation #47669
  • Aggregated Javadoc should link to the proper version of JakartaEE #47593
  • Update javadoc of TestRestTemplate following change to redirect behavior #47474
  • Use non-deprecated syntax to configure sourceCompatibility #47343
  • Fix link to Framework's @Bean annotation #47330
  • Update managed dependency version override examples in documentation #47306

:hammer: Dependency Upgrades

  • Upgrade to ActiveMQ 6.1.8 #47767
  • Upgrade to Angus Mail 2.0.5 #47525
  • Upgrade to AssertJ 3.27.6 #47526
  • Upgrade to Byte Buddy 1.17.8 #47527
  • Upgrade to Cassandra Driver 4.19.1 #47768
  • Upgrade to Classmate 1.7.1 #47528
  • Upgrade to Elasticsearch Client 8.18.8 #47671
  • Upgrade to Glassfish JAXB 4.0.6 #47529
  • Upgrade to GraphQL Java 24.3 #47755
  • Upgrade to Groovy 4.0.29 #47713
  • Upgrade to Hibernate 6.6.33.Final #47530
  • Upgrade to HttpClient5 5.5.1 #47531
  • Upgrade to HttpCore5 5.3.6 #47532
  • Upgrade to Jakarta Mail 2.1.5 #47533
  • Upgrade to Jakarta XML Bind 4.0.4 #47242
  • Upgrade to Jetty 12.0.29 #47728

... (truncated)

Commits
  • d3152ea Release v3.5.7
  • af07358 Merge branch '3.4.x' into 3.5.x
  • b0bef35 Document missing spring.test.* properties
  • 6683d0f Merge branch '3.4.x' into 3.5.x
  • 5ba3642 Next development version (v3.4.12-SNAPSHOT)
  • 59aba4e Merge branch '3.4.x' into 3.5.x
  • 4525a0c Merge pull request #47284 from DKARAGODIN
  • 43d91ae Write signature files to uber wars for Oracle Java 17 verification
  • eaad688 Upgrade to Spring Batch 5.2.4
  • edee2de Upgrade to Cassandra Driver 4.19.1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Package Dependencies
Package:
org.springframework.boot:spring-boot-starter-parent
Ecosystem:
maven
Version Change:
2.2.2.RELEASE → 3.5.7
Update Type:
Major
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 10871372
UUID: 3554974490
Node ID: PR_kwDOJSqFs86vy9Ke
Host: GitHub
Repository: octodemo/java-springboot-demo