From 75e9c7d5dd3581a6bde79056611c9d4bb7e63e6e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 26 Jan 2026 21:55:32 +0000
Subject: [PATCH 1/9] build(deps-dev): bump org.assertj:assertj-core in
 /api-tests

Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.4 to 3.27.7.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.4...assertj-build-3.27.7)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 api-tests/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api-tests/pom.xml b/api-tests/pom.xml
index 4fb422a9..139ddec2 100644
--- a/api-tests/pom.xml
+++ b/api-tests/pom.xml
@@ -32,7 +32,7 @@
     <spotbugs.version>4.9.4</spotbugs.version>
     <puppycrawl-tools-checkstyle.version>11.0.0</puppycrawl-tools-checkstyle.version>
     <junit-jupiter.version>5.13.4</junit-jupiter.version>
-    <assertj.core.version>3.27.4</assertj.core.version>
+    <assertj.core.version>3.27.7</assertj.core.version>
     <hamcrest.version>3.0</hamcrest.version>
     <byte.buddy.version>1.17.6</byte.buddy.version>
     <springfox.swagger2.version>3.0.0</springfox.swagger2.version>

From 019d67a96f03f5b0d8f12f8d048df18c049fca95 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 16 Feb 2026 13:26:02 +0000
Subject: [PATCH 2/9] build(deps): bump the low-risk group across 1 directory
 with 11 updates

Bumps the low-risk group with 8 updates in the /java directory:

| Package | From | To |
| --- | --- | --- |
| [com.ensono.stacks.modules:stacks-modules-parent](https://github.com/Ensono/stacks-java-module-parent) | `3.0.111` | `3.0.139` |
| [org.springframework.cloud:spring-cloud-dependencies](https://github.com/spring-cloud/spring-cloud-release) | `2025.0.0` | `2025.1.1` |
| [au.com.dius.pact:consumer](https://github.com/pact-foundation/pact-jvm) | `4.6.17` | `4.6.19` |
| [com.amazonaws:aws-java-sdk-s3](https://github.com/aws/aws-sdk-java) | `1.12.788` | `1.12.797` |
| [org.pitest:pitest-junit5-plugin](https://github.com/pitest/pitest-junit5-plugin) | `1.2.1` | `1.2.3` |
| [au.com.dius.pact.provider:maven](https://github.com/pact-foundation/pact-jvm) | `4.6.17` | `4.6.19` |
| [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) | `12.1.9` | `12.2.0` |
| [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) | `3.5.1` | `3.6.3` |



Updates `com.ensono.stacks.modules:stacks-modules-parent` from 3.0.111 to 3.0.139
- [Commits](https://github.com/Ensono/stacks-java-module-parent/compare/v3.0.111...v3.0.139)

Updates `org.springframework.cloud:spring-cloud-dependencies` from 2025.0.0 to 2025.1.1
- [Release notes](https://github.com/spring-cloud/spring-cloud-release/releases)
- [Commits](https://github.com/spring-cloud/spring-cloud-release/compare/v2025.0.0...v2025.1.1)

Updates `au.com.dius.pact:consumer` from 4.6.17 to 4.6.19
- [Release notes](https://github.com/pact-foundation/pact-jvm/releases)
- [Changelog](https://github.com/pact-foundation/pact-jvm/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pact-foundation/pact-jvm/commits)

Updates `com.amazonaws:aws-java-sdk-s3` from 1.12.788 to 1.12.797
- [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-java/compare/1.12.788...1.12.797)

Updates `com.puppycrawl.tools:checkstyle` from 12.3.0 to 12.3.1
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-12.3.0...checkstyle-12.3.1)

Updates `org.pitest:pitest-junit5-plugin` from 1.2.1 to 1.2.3
- [Release notes](https://github.com/pitest/pitest-junit5-plugin/releases)
- [Commits](https://github.com/pitest/pitest-junit5-plugin/compare/1.2.1...1.2.3)

Updates `org.springframework.boot:spring-boot-maven-plugin` from 3.5.8 to 3.5.10
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.5.8...v3.5.10)

Updates `au.com.dius.pact.provider:maven` from 4.6.17 to 4.6.19
- [Release notes](https://github.com/pact-foundation/pact-jvm/releases)
- [Changelog](https://github.com/pact-foundation/pact-jvm/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pact-foundation/pact-jvm/commits)

Updates `org.pitest:pitest-maven` from 1.22.0 to 1.22.1
- [Release notes](https://github.com/hcoles/pitest/releases)
- [Commits](https://github.com/hcoles/pitest/compare/1.22.0...1.22.1)

Updates `org.owasp:dependency-check-maven` from 12.1.9 to 12.2.0
- [Release notes](https://github.com/dependency-check/DependencyCheck/releases)
- [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md)
- [Commits](https://github.com/dependency-check/DependencyCheck/compare/v12.1.9...v12.2.0)

Updates `org.codehaus.mojo:exec-maven-plugin` from 3.5.1 to 3.6.3
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](https://github.com/mojohaus/exec-maven-plugin/compare/3.5.1...3.6.3)

---
updated-dependencies:
- dependency-name: com.ensono.stacks.modules:stacks-modules-parent
  dependency-version: 3.0.139
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.springframework.cloud:spring-cloud-dependencies
  dependency-version: 2025.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: au.com.dius.pact:consumer
  dependency-version: 4.6.19
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: com.amazonaws:aws-java-sdk-s3
  dependency-version: 1.12.797
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-version: 12.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.pitest:pitest-junit5-plugin
  dependency-version: 1.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.springframework.boot:spring-boot-maven-plugin
  dependency-version: 3.5.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: au.com.dius.pact.provider:maven
  dependency-version: 4.6.19
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.pitest:pitest-maven
  dependency-version: 1.22.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.owasp:dependency-check-maven
  dependency-version: 12.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-version: 3.6.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 java/pom.xml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/java/pom.xml b/java/pom.xml
index 87c03022..80deba0a 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -7,7 +7,7 @@
   <parent>
     <groupId>com.ensono.stacks.modules</groupId>
     <artifactId>stacks-modules-parent</artifactId>
-    <version>3.0.111</version>
+    <version>3.0.139</version>
   </parent>
 
   <groupId>com.amido.stacks.workloads</groupId>
@@ -28,15 +28,15 @@
     <applicationinsights.version>2.6.4</applicationinsights.version>
     <azure.springboot.version>4.0.0</azure.springboot.version>
     <au.com.dius.pact-jvm-provider-spring.version>4.0.10</au.com.dius.pact-jvm-provider-spring.version>
-    <au.com.dius.pact.consumer-version>4.6.17</au.com.dius.pact.consumer-version>
-    <au.com.dius.pact.provider.maven-version>4.6.17</au.com.dius.pact.provider.maven-version>
-    <aws-java-sdk-s3.version>1.12.788</aws-java-sdk-s3.version>
+    <au.com.dius.pact.consumer-version>4.6.19</au.com.dius.pact.consumer-version>
+    <au.com.dius.pact.provider.maven-version>4.6.19</au.com.dius.pact.provider.maven-version>
+    <aws-java-sdk-s3.version>1.12.797</aws-java-sdk-s3.version>
     <aspectjweaver.version>1.9.9.1</aspectjweaver.version>
-    <exec-maven-plugin.version>3.5.1</exec-maven-plugin.version>
-    <spring.cloud.dependencies.version>2025.0.0</spring.cloud.dependencies.version>
+    <exec-maven-plugin.version>3.6.3</exec-maven-plugin.version>
+    <spring.cloud.dependencies.version>2025.1.1</spring.cloud.dependencies.version>
     <pact.version>3.5.24</pact.version>
     <spring.data.commons>3.5.2</spring.data.commons>
-    <owasp-dependency-check-plugin.version>12.1.9</owasp-dependency-check-plugin.version>
+    <owasp-dependency-check-plugin.version>12.2.0</owasp-dependency-check-plugin.version>
     <junit-jupiter.version>5.13.4</junit-jupiter.version>
     <junit-platform.version>1.13.4</junit-platform.version>
 
@@ -398,7 +398,7 @@
           <dependency>
             <groupId>org.pitest</groupId>
             <artifactId>pitest-junit5-plugin</artifactId>
-            <version>1.2.1</version>
+            <version>1.2.3</version>
           </dependency>
           <dependency>
             <groupId>org.junit.platform</groupId>

From a041f78a7830b3e20505f5f299f4253dc693b53f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 23 Feb 2026 13:11:54 +0000
Subject: [PATCH 3/9] build(deps): bump the low-risk group across 1 directory
 with 25 updates

Bumps the low-risk group with 25 updates in the /api-tests directory:

| Package | From | To |
| --- | --- | --- |
| [com.google.code.gson:gson](https://github.com/google/gson) | `2.13.1` | `2.13.2` |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.32` |
| [io.cucumber:cucumber-java](https://github.com/cucumber/cucumber-jvm) | `7.33.0` | `7.34.2` |
| [io.cucumber:cucumber-junit-platform-engine](https://github.com/cucumber/cucumber-jvm) | `7.33.0` | `7.34.2` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.4` | `3.27.7` |
| [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.17.6` | `1.18.5` |
| com.fasterxml.jackson.core:jackson-core | `2.19.2` | `2.21` |
| com.fasterxml.jackson.core:jackson-databind | `2.19.2` | `2.21` |
| [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.19.2` | `2.21` |
| [io.netty:netty-codec-http](https://github.com/netty/netty) | `4.2.8.Final` | `4.2.10.Final` |
| [io.netty:netty-codec-http2](https://github.com/netty/netty) | `4.2.3.Final` | `4.2.10.Final` |
| [io.netty:netty-transport-native-epoll](https://github.com/netty/netty) | `4.2.3.Final` | `4.2.10.Final` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.5.0-jre` |
| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.38` | `1.18.42` |
| [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) | `5.5` | `5.6` |
| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.19.0` | `1.21.0` |
| [com.github.spotbugs:spotbugs](https://github.com/spotbugs/spotbugs) | `4.9.4` | `4.9.8` |
| [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) | `12.1.9` | `12.2.0` |
| [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) | `3.5.1` | `3.6.3` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.5` |
| [org.apache.maven.plugins:maven-failsafe-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.5` |
| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.14.0` | `3.15.0` |
| [au.com.dius.pact.provider:maven](https://github.com/pact-foundation/pact-jvm) | `4.6.17` | `4.6.20` |
| [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) | `3.27.0` | `3.28.0` |
| [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.3.2` | `4.9.8.2` |



Updates `com.google.code.gson:gson` from 2.13.1 to 2.13.2
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.13.1...gson-parent-2.13.2)

Updates `ch.qos.logback:logback-classic` from 1.5.18 to 1.5.32
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.18...v_1.5.32)

Updates `io.cucumber:cucumber-java` from 7.33.0 to 7.34.2
- [Release notes](https://github.com/cucumber/cucumber-jvm/releases)
- [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/cucumber/cucumber-jvm/compare/v7.33.0...v7.34.2)

Updates `io.cucumber:cucumber-junit-platform-engine` from 7.33.0 to 7.34.2
- [Release notes](https://github.com/cucumber/cucumber-jvm/releases)
- [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/cucumber/cucumber-jvm/compare/v7.33.0...v7.34.2)

Updates `io.cucumber:cucumber-junit-platform-engine` from 7.33.0 to 7.34.2
- [Release notes](https://github.com/cucumber/cucumber-jvm/releases)
- [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/cucumber/cucumber-jvm/compare/v7.33.0...v7.34.2)

Updates `org.assertj:assertj-core` from 3.27.4 to 3.27.7
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.4...assertj-build-3.27.7)

Updates `net.bytebuddy:byte-buddy` from 1.17.6 to 1.18.5
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.17.6...byte-buddy-1.18.5)

Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.21

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.21

Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.19.2 to 2.21
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `io.netty:netty-codec-http` from 4.2.8.Final to 4.2.10.Final
- [Commits](https://github.com/netty/netty/compare/netty-4.2.8.Final...netty-4.2.10.Final)

Updates `io.netty:netty-codec-http2` from 4.2.3.Final to 4.2.10.Final
- [Commits](https://github.com/netty/netty/compare/netty-4.2.3.Final...netty-4.2.10.Final)

Updates `io.netty:netty-transport-native-epoll` from 4.2.3.Final to 4.2.10.Final
- [Commits](https://github.com/netty/netty/compare/netty-4.2.3.Final...netty-4.2.10.Final)

Updates `com.google.guava:guava` from 33.4.8-jre to 33.5.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `org.projectlombok:lombok` from 1.18.38 to 1.18.42
- [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown)
- [Commits](https://github.com/projectlombok/lombok/compare/v1.18.38...v1.18.42)

Updates `org.apache.httpcomponents.client5:httpclient5` from 5.5 to 5.6
- [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt)
- [Commits](https://github.com/apache/httpcomponents-client/compare/rel/v5.5...rel/v5.6)

Updates `commons-codec:commons-codec` from 1.19.0 to 1.21.0
- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)
- [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.19.0...rel/commons-codec-1.21.0)

Updates `com.github.spotbugs:spotbugs` from 4.9.4 to 4.9.8
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spotbugs/spotbugs/compare/4.9.4...4.9.8)

Updates `org.owasp:dependency-check-maven` from 12.1.9 to 12.2.0
- [Release notes](https://github.com/dependency-check/DependencyCheck/releases)
- [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md)
- [Commits](https://github.com/dependency-check/DependencyCheck/compare/v12.1.9...v12.2.0)

Updates `org.codehaus.mojo:exec-maven-plugin` from 3.5.1 to 3.6.3
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](https://github.com/mojohaus/exec-maven-plugin/compare/3.5.1...3.6.3)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.5
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.5.3...surefire-3.5.5)

Updates `org.apache.maven.plugins:maven-failsafe-plugin` from 3.5.3 to 3.5.5
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.5.3...surefire-3.5.5)

Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.14.0 to 3.15.0
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.14.0...maven-compiler-plugin-3.15.0)

Updates `au.com.dius.pact.provider:maven` from 4.6.17 to 4.6.20
- [Release notes](https://github.com/pact-foundation/pact-jvm/releases)
- [Changelog](https://github.com/pact-foundation/pact-jvm/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pact-foundation/pact-jvm/commits)

Updates `org.apache.maven.plugins:maven-pmd-plugin` from 3.27.0 to 3.28.0
- [Release notes](https://github.com/apache/maven-pmd-plugin/releases)
- [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.27.0...maven-pmd-plugin-3.28.0)

Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.3.2 to 4.9.8.2
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.9.3.2...spotbugs-maven-plugin-4.9.8.2)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-version: 2.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.32
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: io.cucumber:cucumber-java
  dependency-version: 7.34.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: io.cucumber:cucumber-junit-platform-engine
  dependency-version: 7.34.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: io.cucumber:cucumber-junit-platform-engine
  dependency-version: 7.34.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-version: '2.21'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: '2.21'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.fasterxml.jackson.core:jackson-annotations
  dependency-version: '2.21'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: io.netty:netty-codec-http
  dependency-version: 4.2.10.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: io.netty:netty-codec-http2
  dependency-version: 4.2.10.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: io.netty:netty-transport-native-epoll
  dependency-version: 4.2.10.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: com.google.guava:guava
  dependency-version: 33.5.0-jre
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.projectlombok:lombok
  dependency-version: 1.18.42
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-version: '5.6'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: commons-codec:commons-codec
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.github.spotbugs:spotbugs
  dependency-version: 4.9.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.owasp:dependency-check-maven
  dependency-version: 12.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-version: 3.6.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-failsafe-plugin
  dependency-version: 3.5.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-version: 3.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: au.com.dius.pact.provider:maven
  dependency-version: 4.6.20
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
- dependency-name: org.apache.maven.plugins:maven-pmd-plugin
  dependency-version: 3.28.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: low-risk
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-version: 4.9.8.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: low-risk
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 api-tests/pom.xml | 44 ++++++++++++++++++++++----------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/api-tests/pom.xml b/api-tests/pom.xml
index 4fb422a9..e9d6995e 100644
--- a/api-tests/pom.xml
+++ b/api-tests/pom.xml
@@ -13,12 +13,12 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <serenity.version>4.3.4</serenity.version>
     <serenity.maven.version>4.3.4</serenity.maven.version>
-    <cucumber.version>7.33.0</cucumber.version>
-    <logback.version>1.5.18</logback.version>
+    <cucumber.version>7.34.2</cucumber.version>
+    <logback.version>1.5.32</logback.version>
     <encoding>UTF-8</encoding>
     <parallel.tests>4</parallel.tests>
     <webdriver.base.url/>
-    <jackson.version>2.19.2</jackson.version>
+    <jackson.version>2.21</jackson.version>
     <java.version>17</java.version>
     <cucumber.filter.tags>(@Functional or @Smoke or @Performance) and not @Ignore</cucumber.filter.tags>
 
@@ -29,41 +29,41 @@
     <pact.jvm.consumer.junit.version>4.0.10</pact.jvm.consumer.junit.version>
     <pact.jvm.consumer.version>4.0.10</pact.jvm.consumer.version>
     <pact.jvm.provider.junit.version>4.0.10</pact.jvm.provider.junit.version>
-    <spotbugs.version>4.9.4</spotbugs.version>
+    <spotbugs.version>4.9.8</spotbugs.version>
     <puppycrawl-tools-checkstyle.version>11.0.0</puppycrawl-tools-checkstyle.version>
     <junit-jupiter.version>5.13.4</junit-jupiter.version>
-    <assertj.core.version>3.27.4</assertj.core.version>
+    <assertj.core.version>3.27.7</assertj.core.version>
     <hamcrest.version>3.0</hamcrest.version>
-    <byte.buddy.version>1.17.6</byte.buddy.version>
+    <byte.buddy.version>1.18.5</byte.buddy.version>
     <springfox.swagger2.version>3.0.0</springfox.swagger2.version>
     <springfox.swagger-ui.version>3.0.0</springfox.swagger-ui.version>
-    <guava.version>33.4.8-jre</guava.version>
+    <guava.version>33.5.0-jre</guava.version>
     <json.version>20250517</json.version>
-    <netty.codec.http.version>4.2.8.Final</netty.codec.http.version>
-    <netty.codec.http2.version>4.2.3.Final</netty.codec.http2.version>
-    <netty.transport.native.epoll.version>4.2.3.Final</netty.transport.native.epoll.version>
-    <httpclient5.version>5.5</httpclient5.version>
+    <netty.codec.http.version>4.2.10.Final</netty.codec.http.version>
+    <netty.codec.http2.version>4.2.10.Final</netty.codec.http2.version>
+    <netty.transport.native.epoll.version>4.2.10.Final</netty.transport.native.epoll.version>
+    <httpclient5.version>5.6</httpclient5.version>
     <xerces.version>2.12.2</xerces.version>
-    <commons.codec.version>1.19.0</commons.codec.version>
+    <commons.codec.version>1.21.0</commons.codec.version>
     <spring.web.version>6.2.9</spring.web.version>
     <freemarker.version>2.3.34</freemarker.version>
-    <gson.version>2.13.1</gson.version>
+    <gson.version>2.13.2</gson.version>
     <rest-assured.version>5.5.5</rest-assured.version>
     <net.thucydides.core.version>0.9.275</net.thucydides.core.version>
-    <org.projectlombok.version>1.18.38</org.projectlombok.version>
+    <org.projectlombok.version>1.18.42</org.projectlombok.version>
 
     <!-- Maven plugins -->
-    <spotbugs-maven-plugin.version>4.9.3.2</spotbugs-maven-plugin.version>
-    <owasp-dependency-check-plugin.version>12.1.9</owasp-dependency-check-plugin.version>
+    <spotbugs-maven-plugin.version>4.9.8.2</spotbugs-maven-plugin.version>
+    <owasp-dependency-check-plugin.version>12.2.0</owasp-dependency-check-plugin.version>
     <fmt-maven-plugin.version>2.13</fmt-maven-plugin.version>
     <maven-checkstyle-plugin.version>3.6.0</maven-checkstyle-plugin.version>
-    <maven-surefire-plugin.version>3.5.3</maven-surefire-plugin.version>
-    <maven-failsafe-plugin.version>3.5.3</maven-failsafe-plugin.version>
-    <maven-compiler-plugin.version>3.14.0</maven-compiler-plugin.version>
-    <pact.provider-plugin.version>4.6.17</pact.provider-plugin.version>
-    <maven-pmd-plugin.version>3.27.0</maven-pmd-plugin.version>
+    <maven-surefire-plugin.version>3.5.5</maven-surefire-plugin.version>
+    <maven-failsafe-plugin.version>3.5.5</maven-failsafe-plugin.version>
+    <maven-compiler-plugin.version>3.15.0</maven-compiler-plugin.version>
+    <pact.provider-plugin.version>4.6.20</pact.provider-plugin.version>
+    <maven-pmd-plugin.version>3.28.0</maven-pmd-plugin.version>
     <findbugs-maven-plugin.version>3.0.5</findbugs-maven-plugin.version>
-    <exec-maven-plugin.version>3.5.1</exec-maven-plugin.version>
+    <exec-maven-plugin.version>3.6.3</exec-maven-plugin.version>
   </properties>
 
   <dependencyManagement>

From 88d4394797522a55f4dc32cfce9432a13125c5c1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 1 Mar 2026 23:58:05 +0000
Subject: [PATCH 4/9] build(deps): bump com.fasterxml.jackson.core:jackson-core
 in /api-tests

Bumps [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) from 2.19.2 to 2.21.1.
- [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.19.2...jackson-core-2.21.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-version: 2.21.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 api-tests/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api-tests/pom.xml b/api-tests/pom.xml
index 4fb422a9..2147000d 100644
--- a/api-tests/pom.xml
+++ b/api-tests/pom.xml
@@ -18,7 +18,7 @@
     <encoding>UTF-8</encoding>
     <parallel.tests>4</parallel.tests>
     <webdriver.base.url/>
-    <jackson.version>2.19.2</jackson.version>
+    <jackson.version>2.21.1</jackson.version>
     <java.version>17</java.version>
     <cucumber.filter.tags>(@Functional or @Smoke or @Performance) and not @Ignore</cucumber.filter.tags>
 

From 915b2a455268a5482593a93202cd0022a682ee78 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 5 Mar 2026 00:37:00 +0000
Subject: [PATCH 5/9] build(deps): bump svgo in /build/azDevOps/azure/coverage

Bumps [svgo](https://github.com/svg/svgo) from 3.3.2 to 3.3.3.
- [Release notes](https://github.com/svg/svgo/releases)
- [Commits](https://github.com/svg/svgo/compare/v3.3.2...v3.3.3)

---
updated-dependencies:
- dependency-name: svgo
  dependency-version: 3.3.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .../azDevOps/azure/coverage/package-lock.json | 45 ++++++++++++-------
 1 file changed, 30 insertions(+), 15 deletions(-)

diff --git a/build/azDevOps/azure/coverage/package-lock.json b/build/azDevOps/azure/coverage/package-lock.json
index 30a9bb79..acc17d6a 100644
--- a/build/azDevOps/azure/coverage/package-lock.json
+++ b/build/azDevOps/azure/coverage/package-lock.json
@@ -270,16 +270,6 @@
         "node": ">=10"
       }
     },
-    "node_modules/@trysound/sax": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/@trysound/sax/-/sax-0.2.0.tgz",
-      "integrity": "sha512-L7z9BgrNEcYyUYtF+HaEfiS5ebkh9jXqbszz7pC0hRBPaatV0XjSD3+eHrpqFemQfgwiFF0QPIarnIihIDn7OA==",
-      "dev": true,
-      "license": "ISC",
-      "engines": {
-        "node": ">=10.13.0"
-      }
-    },
     "node_modules/@types/cacheable-request": {
       "version": "6.0.3",
       "resolved": "https://registry.npmjs.org/@types/cacheable-request/-/cacheable-request-6.0.3.tgz",
@@ -1443,6 +1433,21 @@
         "node": ">=10.13.0"
       }
     },
+    "node_modules/fsevents": {
+      "version": "2.3.3",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
+      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
     "node_modules/function-bind": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
@@ -3168,6 +3173,16 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/sax": {
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/sax/-/sax-1.5.0.tgz",
+      "integrity": "sha512-21IYA3Q5cQf089Z6tgaUTr7lDAyzoTPx5HRtbhsME8Udispad8dC/+sziTNugOEx54ilvatQ9YCzl4KQLPcRHA==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "engines": {
+        "node": ">=11.0.0"
+      }
+    },
     "node_modules/semver": {
       "version": "5.7.2",
       "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz",
@@ -3418,19 +3433,19 @@
       }
     },
     "node_modules/svgo": {
-      "version": "3.3.2",
-      "resolved": "https://registry.npmjs.org/svgo/-/svgo-3.3.2.tgz",
-      "integrity": "sha512-OoohrmuUlBs8B8o6MB2Aevn+pRIH9zDALSR+6hhqVfa6fRwG/Qw9VUMSMW9VNg2CFc/MTIfabtdOVl9ODIJjpw==",
+      "version": "3.3.3",
+      "resolved": "https://registry.npmjs.org/svgo/-/svgo-3.3.3.tgz",
+      "integrity": "sha512-+wn7I4p7YgJhHs38k2TNjy1vCfPIfLIJWR5MnCStsN8WuuTcBnRKcMHQLMM2ijxGZmDoZwNv8ipl5aTTen62ng==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@trysound/sax": "0.2.0",
         "commander": "^7.2.0",
         "css-select": "^5.1.0",
         "css-tree": "^2.3.1",
         "css-what": "^6.1.0",
         "csso": "^5.0.5",
-        "picocolors": "^1.0.0"
+        "picocolors": "^1.0.0",
+        "sax": "^1.5.0"
       },
       "bin": {
         "svgo": "bin/svgo"

From ec5602144ecf980f38d7eb0d5d05824bcc5e89e5 Mon Sep 17 00:00:00 2001
From: Richard Slater <richard.slater@ensono.com>
Date: Fri, 20 Mar 2026 10:52:36 +0000
Subject: [PATCH 6/9] disable: OWASP Dependency Check temporarily

---
 build/azDevOps/azure/azure-pipelines-javaspring-k8s.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/build/azDevOps/azure/azure-pipelines-javaspring-k8s.yml b/build/azDevOps/azure/azure-pipelines-javaspring-k8s.yml
index 4abac5ac..31695cf5 100644
--- a/build/azDevOps/azure/azure-pipelines-javaspring-k8s.yml
+++ b/build/azDevOps/azure/azure-pipelines-javaspring-k8s.yml
@@ -7,6 +7,12 @@
 #############################################################################################################################
 name: $(version_major).$(version_minor).$(version_patch)-$(Build.SourceBranchName)-$(Rev:r)
 
+parameters:
+  - name: runVulnerabilityScan
+    displayName: Run OWASP Dependency Check
+    type: boolean
+    default: false
+
 pr:
   - master
 
@@ -138,7 +144,7 @@ variables:
 
   # Vulnerability Scan
   - name: vulnerability_scan
-    value: true
+    value: ${{ parameters.runVulnerabilityScan }}
   - name: vulnerability_scan_report
     value: "target/dependency-check-report.html"
   - name: oss_index_username

From dd171af823c84041f80df833ce48ef85f3c98de0 Mon Sep 17 00:00:00 2001
From: Richard Slater <richard.slater@ensono.com>
Date: Fri, 20 Mar 2026 11:34:18 +0000
Subject: [PATCH 7/9] fix: spring boot 3.5 migration

---
 docs/spring-boot-3.5-migration.md             | 26 +++++++-------
 java/pom.xml                                  |  2 +-
 .../DomainToDtoMapperMapstructTest.java       | 36 ++++++++++---------
 3 files changed, 32 insertions(+), 32 deletions(-)

diff --git a/docs/spring-boot-3.5-migration.md b/docs/spring-boot-3.5-migration.md
index aee1a94b..a3cef876 100644
--- a/docs/spring-boot-3.5-migration.md
+++ b/docs/spring-boot-3.5-migration.md
@@ -11,7 +11,7 @@ The `stacks-modules-parent:3.0.98` brings in Spring Boot 3.5.7, which introduces
 **Problem:**  
 The current Spring Cloud version (`2022.0.4`) is incompatible with Spring Boot 3.5.7.
 
-```
+```text
 Spring Boot [3.5.7] is not compatible with this Spring Cloud release train.
 Change Spring Boot version to one of the following versions [3.0.x, 3.1.x].
 ```
@@ -24,7 +24,7 @@ Update `spring.cloud.dependencies.version` to a version compatible with Spring B
 | 3.0.x, 3.1.x        | 2022.0.x (Kilburn)              |
 | 3.2.x               | 2023.0.x (Leyton)               |
 | 3.3.x, 3.4.x        | 2024.0.x                        |
-| 3.5.x               | 2025.0.x                        |
+| 3.5.x               | 2024.0.x in this repository     |
 
 **Workaround (current):**  
 Projects can disable the compatibility verifier in `application-test.yml`:
@@ -36,7 +36,7 @@ spring:
       enabled: false
 ```
 
-**Action Required:** Update parent POM to use Spring Cloud 2024.0.x or later (once 2025.0.x is available for Spring Boot 3.5.x support).
+**Action Required:** Keep this repository on Spring Cloud 2024.0.x while it remains on the current parent POM and Spring Boot 3.5.x line. This repository now uses Spring Cloud 2024.0.3 because Spring Cloud 2025.1.1 pulled in `spring-cloud-config-client 5.0.1`, which is not compatible with the Spring Framework 6.2.x line provided by the current parent.
 
 ---
 
@@ -45,7 +45,7 @@ spring:
 **Problem:**  
 Spring Boot 3.5.x has stricter validation for Spring Security filter chains. Multiple `SecurityFilterChain` beans matching "any request" now throw an error:
 
-```
+```text
 UnreachableFilterChainException: A filter chain that matches any request
 [...ApplicationConfig...] has already been configured, which means that this
 filter chain [...ApplicationNoSecurity...] will never get invoked.
@@ -81,7 +81,7 @@ public class ApplicationNoSecurity {
 **Problem:**  
 Spring Boot 3.5.x has stricter bean resolution when multiple beans of the same type exist through inheritance:
 
-```
+```text
 NoUniqueBeanDefinitionException: expected single matching bean but found 2:
 menuService, menuServiceV2
 ```
@@ -111,7 +111,7 @@ public class MenuServiceV2 extends MenuService {
 **Problem:**  
 Property placeholders like `@aws.profile.name@` in `application.yml` are not being replaced because Maven resource filtering is not enabled by default.
 
-```
+```text
 Profile '@aws.profile.name@' must start and end with a letter or digit
 ```
 
@@ -149,9 +149,9 @@ Enable resource filtering in `pom.xml`:
 
 ### Recommended (Should Add)
 
-2. **Add default resource filtering configuration** so child projects don't need to configure it manually
+1. **Add default resource filtering configuration** so child projects don't need to configure it manually
 
-3. **Update documentation** to note the following breaking changes for downstream projects:
+2. **Update documentation** to note the following breaking changes for downstream projects:
    - Security filter chain mutual exclusivity requirements
    - Bean resolution changes for inheritance hierarchies
    - Profile annotation requirements for conditional configurations
@@ -160,12 +160,10 @@ Enable resource filtering in `pom.xml`:
 
 Until the parent POM is updated, the following workarounds have been applied:
 
-| Issue                          | Workaround                      | File                                      |
-|--------------------------------|---------------------------------|-------------------------------------------|
-| Spring Cloud incompatibility   | Disabled compatibility verifier | `src/test/resources/application-test.yml` |
-| Security filter chain conflict | Added `@Profile("!test")`       | `ApplicationConfig.java`                  |
-| Bean resolution conflict       | Added `@Primary`                | `MenuService.java`                        |
-| Resource filtering             | Added filtering config          | `pom.xml`                                 |
+- Spring Cloud incompatibility: pin the BOM to `2024.0.3` and avoid Spring bootstrapping in mapper unit tests. Files: `java/pom.xml`, `java/src/test/java/com/amido/stacks/workloads/menu/mappers/DomainToDtoMapperMapstructTest.java`
+- Security filter chain conflict: added `@Profile("!test")`. File: `ApplicationConfig.java`
+- Bean resolution conflict: added `@Primary`. File: `MenuService.java`
+- Resource filtering: added filtering config. File: `pom.xml`
 
 ## Testing Verification
 
diff --git a/java/pom.xml b/java/pom.xml
index 80deba0a..94cbd91f 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -33,7 +33,7 @@
     <aws-java-sdk-s3.version>1.12.797</aws-java-sdk-s3.version>
     <aspectjweaver.version>1.9.9.1</aspectjweaver.version>
     <exec-maven-plugin.version>3.6.3</exec-maven-plugin.version>
-    <spring.cloud.dependencies.version>2025.1.1</spring.cloud.dependencies.version>
+    <spring.cloud.dependencies.version>2024.0.3</spring.cloud.dependencies.version>
     <pact.version>3.5.24</pact.version>
     <spring.data.commons>3.5.2</spring.data.commons>
     <owasp-dependency-check-plugin.version>12.2.0</owasp-dependency-check-plugin.version>
diff --git a/java/src/test/java/com/amido/stacks/workloads/menu/mappers/DomainToDtoMapperMapstructTest.java b/java/src/test/java/com/amido/stacks/workloads/menu/mappers/DomainToDtoMapperMapstructTest.java
index 9b4a573b..81360651 100644
--- a/java/src/test/java/com/amido/stacks/workloads/menu/mappers/DomainToDtoMapperMapstructTest.java
+++ b/java/src/test/java/com/amido/stacks/workloads/menu/mappers/DomainToDtoMapperMapstructTest.java
@@ -15,30 +15,32 @@
 import java.util.UUID;
 import org.junit.jupiter.api.Tag;
 import org.junit.jupiter.api.Test;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.util.ReflectionTestUtils;
 
 @Tag("Unit")
-@SpringBootTest(
-    classes = {
-      MenuMapper.class,
-      MenuMapperImpl.class,
-      CategoryMapper.class,
-      CategoryMapperImpl.class,
-      ItemMapper.class,
-      ItemMapperImpl.class,
-      SearchMenuResultItemMapper.class,
-      SearchMenuResultItemMapperImpl.class
-    })
 class DomainToDtoMapperMapstructTest {
 
-  @Autowired private MenuMapper menuMapper;
+  private final MenuMapper menuMapper;
 
-  @Autowired private CategoryMapper categoryMapper;
+  private final CategoryMapper categoryMapper;
 
-  @Autowired private ItemMapper itemMapper;
+  private final ItemMapper itemMapper;
 
-  @Autowired private SearchMenuResultItemMapper searchMenuResultItemMapper;
+  private final SearchMenuResultItemMapper searchMenuResultItemMapper;
+
+  DomainToDtoMapperMapstructTest() {
+    itemMapper = new ItemMapperImpl();
+
+    CategoryMapperImpl categoryMapperImpl = new CategoryMapperImpl();
+    ReflectionTestUtils.setField(categoryMapperImpl, "itemMapper", itemMapper);
+    categoryMapper = categoryMapperImpl;
+
+    MenuMapperImpl menuMapperImpl = new MenuMapperImpl();
+    ReflectionTestUtils.setField(menuMapperImpl, "categoryMapper", categoryMapper);
+    menuMapper = menuMapperImpl;
+
+    searchMenuResultItemMapper = new SearchMenuResultItemMapperImpl();
+  }
 
   @Test
   void menuToMenuDto() {

From 2af53fb129f139f60c296cc66551c97978abbead Mon Sep 17 00:00:00 2001
From: Richard Slater <richard.slater@ensono.com>
Date: Fri, 20 Mar 2026 12:00:06 +0000
Subject: [PATCH 8/9] fix: acctuator tests

---
 .../com/amido/stacks/workloads/actuator/ActuatorTest.java   | 2 ++
 java/src/test/resources/application-test.yml                | 6 ++++++
 2 files changed, 8 insertions(+)
 create mode 100644 java/src/test/resources/application-test.yml

diff --git a/java/src/test/java/com/amido/stacks/workloads/actuator/ActuatorTest.java b/java/src/test/java/com/amido/stacks/workloads/actuator/ActuatorTest.java
index db8f210d..d5193c0f 100644
--- a/java/src/test/java/com/amido/stacks/workloads/actuator/ActuatorTest.java
+++ b/java/src/test/java/com/amido/stacks/workloads/actuator/ActuatorTest.java
@@ -12,12 +12,14 @@
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.web.client.TestRestTemplate;
 import org.springframework.http.HttpStatus;
+import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.TestPropertySource;
 
 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
 @TestPropertySource(properties = {"management.port=0"})
 @EnableAutoConfiguration
 @Tag("Component")
+@ActiveProfiles("test")
 class ActuatorTest {
 
   @Value("${local.management.port}")
diff --git a/java/src/test/resources/application-test.yml b/java/src/test/resources/application-test.yml
new file mode 100644
index 00000000..650e4848
--- /dev/null
+++ b/java/src/test/resources/application-test.yml
@@ -0,0 +1,6 @@
+spring:
+  cloud:
+    compatibility-verifier:
+      enabled: false
+    config:
+      enabled: false

From e0c67a996a43ebaab8988f75f6db98160f3fd67c Mon Sep 17 00:00:00 2001
From: Richard Slater <richard.slater@ensono.com>
Date: Fri, 20 Mar 2026 12:25:18 +0000
Subject: [PATCH 9/9] fix: api-tests dependency resolution

---
 api-tests/pom.xml                                              | 3 ++-
 .../java/com/amido/stacks/tests/api/CucumberTestSuite.java     | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/api-tests/pom.xml b/api-tests/pom.xml
index 391448d9..f2e36add 100644
--- a/api-tests/pom.xml
+++ b/api-tests/pom.xml
@@ -19,6 +19,7 @@
     <parallel.tests>4</parallel.tests>
     <webdriver.base.url/>
     <jackson.version>2.21.1</jackson.version>
+    <jackson.annotations.version>2.21</jackson.annotations.version>
     <java.version>17</java.version>
     <cucumber.filter.tags>(@Functional or @Smoke or @Performance) and not @Ignore</cucumber.filter.tags>
 
@@ -259,7 +260,7 @@
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-annotations</artifactId>
-      <version>${jackson.version}</version>
+      <version>${jackson.annotations.version}</version>
     </dependency>
     <dependency>
       <groupId>io.netty</groupId>
diff --git a/api-tests/src/test/java/com/amido/stacks/tests/api/CucumberTestSuite.java b/api-tests/src/test/java/com/amido/stacks/tests/api/CucumberTestSuite.java
index 8ab26026..223735f6 100644
--- a/api-tests/src/test/java/com/amido/stacks/tests/api/CucumberTestSuite.java
+++ b/api-tests/src/test/java/com/amido/stacks/tests/api/CucumberTestSuite.java
@@ -1,6 +1,7 @@
 package com.amido.stacks.tests.api;
 
 import static io.cucumber.junit.platform.engine.Constants.FEATURES_PROPERTY_NAME;
+import static io.cucumber.junit.platform.engine.Constants.GLUE_PROPERTY_NAME;
 
 import org.junit.jupiter.api.Tag;
 import org.junit.jupiter.api.condition.DisabledIfSystemProperty;
@@ -18,4 +19,5 @@
 @DisabledIfSystemProperty(named = "untagged.test.check", matches = "true")
 @IncludeEngines("cucumber")
 @ConfigurationParameter(key = FEATURES_PROPERTY_NAME, value = "classpath:cucumber/features")
+@ConfigurationParameter(key = GLUE_PROPERTY_NAME, value = "com.amido.stacks.tests.api.stepdefinitions")
 public class CucumberTestSuite {}