Skip to content

PR for v1.3.7#469

Open
ThomasJejkal wants to merge 83 commits into
mainfrom
development
Open

PR for v1.3.7#469
ThomasJejkal wants to merge 83 commits into
mainfrom
development

Conversation

@ThomasJejkal
Copy link
Copy Markdown
Contributor

@ThomasJejkal ThomasJejkal commented Oct 24, 2025
edited by coderabbitai Bot
Loading

Summary by CodeRabbit

  • Chores
    • Updated core libraries and frameworks (including Spring Boot, SpringDoc/OpenAPI, Jackson, Nimbus JOSE JWT, Commons libraries and JAXB) to recent patch/minor releases for security and stability.
    • Bumped Gradle wrapper and build tooling versions.
    • Updated CI workflow action versions used in build, analysis, and publish pipelines.
    • No functional changes or public API modifications.

Review Change Stack

renovate Bot and others added 2 commits October 23, 2025 14:38
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Oct 24, 2025
edited
Loading

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

Bumped Gradle plugin and library versions (Spring Boot, SpringDoc, Jackson, Nimbus, Apache Commons), updated Gradle wrapper distribution to 9.5.1, and upgraded GitHub Actions steps to actions/checkout@v6 and actions/setup-java@v5.2.0. No application code or public API signatures changed.

Changes

Build & dependency updates

Layer / File(s) Summary
Gradle plugins and Spring ext versions
build.gradle		 Updated Gradle plugin versions (io.freefair.lombok, io.freefair.maven-publish-java, org.owasp.dependencycheck) and bumped springBootVersion 3.5.6→3.5.14 and springDocVersion 2.8.13→2.8.17.
Library dependency upgrades
build.gradle		 Upgraded Spring Cloud Gateway MVC to 4.3.4; aligned Springdoc artifacts to ${springDocVersion}; updated Jackson JAX-RS/afterburner/datatypes and jackson-core/jackson-databind; bumped Nimbus JOSE JWT, commons-lang3, commons-validator, commons-io, and com.sun.xml.bind JAXB runtime libs.
Gradle wrapper distribution
gradle/wrapper/gradle-wrapper.properties		 Updated distributionUrl to gradle-9.5.1-bin.zip.
CI workflows: checkout & setup-java updates
.github/workflows/codeql-analysis.yml, .github/workflows/gradle.yml, .github/workflows/publishRelease.yml		 Replaced actions/checkout@v5actions/checkout@v6 and actions/setup-java@v5.0.0actions/setup-java@v5.2.0; workflow logic unchanged.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

Poem

🐇 I hopped through builds and bumped a line,
Versions tended, dependencies fine.
Wrappers zipped and workflows tuned with care,
Tags aligned — a quiet rabbit’s care.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The title 'PR for v1.3.7' is vague and generic, using non-descriptive phrasing that does not convey meaningful information about the actual changes in the pull request. Replace with a descriptive title that summarizes the main changes, such as 'Upgrade dependencies and GitHub Actions workflow versions for v1.3.7' or 'Update Gradle plugins, dependencies, and CI workflows'.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch development

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

renovate Bot and others added 27 commits October 29, 2025 16:16
@renovate
Update dependency gradle to v9.2.0
0b7650c
@renovate
Update dependency com.fasterxml.jackson.core:jackson-core to v2.20.1
c376033
@renovate
Update dependency com.fasterxml.jackson.datatype:jackson-datatype-jsr…
6ff240d 
…310 to v2.20.1
@renovate
Update dependency com.fasterxml.jackson.module:jackson-module-afterbu…
f777e0e 
…rner to v2.20.1
@renovate
Update springDocVersion to v2.8.14
3399534
@ThomasJejkal
Merge pull request #477 from kit-data-manager/renovate/springdocversion
6e2e1ab 
Update springDocVersion to v2.8.14
@ThomasJejkal
Merge pull request #470 from kit-data-manager/renovate/gradle-9.x
91af769 
Update dependency gradle to v9.2.0
@ThomasJejkal
Merge pull request #476 from kit-data-manager/renovate/com.fasterxml.…
1d95d38 
…jackson.module-jackson-module-afterburner-2.x

Update dependency com.fasterxml.jackson.module:jackson-module-afterburner to v2.20.1
@renovate
Update dependency com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-prov…
895dbf0 
…ider to v2.20.1
@ThomasJejkal
Merge pull request #475 from kit-data-manager/renovate/com.fasterxml.…
3be5ff3 
…jackson.jaxrs-jackson-jaxrs-json-provider-2.x

Update dependency com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider to v2.20.1
@ThomasJejkal
Merge pull request #474 from kit-data-manager/renovate/com.fasterxml.…
62f4092 
…jackson.datatype-jackson-datatype-jsr310-2.x

Update dependency com.fasterxml.jackson.datatype:jackson-datatype-jsr310 to v2.20.1
@renovate
Update dependency com.fasterxml.jackson.datatype:jackson-datatype-jod…
4473249 
…a to v2.20.1
@ThomasJejkal
Merge pull request #473 from kit-data-manager/renovate/com.fasterxml.…
95f804c 
…jackson.datatype-jackson-datatype-joda-2.x

Update dependency com.fasterxml.jackson.datatype:jackson-datatype-joda to v2.20.1
@ThomasJejkal
Merge pull request #471 from kit-data-manager/renovate/com.fasterxml.…
5721c9e 
…jackson.core-jackson-core-2.x

Update dependency com.fasterxml.jackson.core:jackson-core to v2.20.1
@renovate
Update dependency com.fasterxml.jackson.core:jackson-databind to v2.20.1
34f827c
@ThomasJejkal
Merge pull request #472 from kit-data-manager/renovate/com.fasterxml.…
07946a1 
…jackson.core-jackson-databind-2.x

Update dependency com.fasterxml.jackson.core:jackson-databind to v2.20.1
@renovate
Update dependency com.nimbusds:nimbus-jose-jwt to v10.6
b2426fa
@renovate
Update dependency commons-io:commons-io to v2.21.0
44f3b27
@renovate
Update plugin io.freefair.lombok to v9.1.0
02cc1b3
@renovate
Update plugin io.freefair.maven-publish-java to v9.1.0
7827943
@ThomasJejkal
Merge pull request #481 from kit-data-manager/renovate/io.freefair.ma…
b86cd69 
…ven-publish-java-9.x

Update plugin io.freefair.maven-publish-java to v9.1.0
@ThomasJejkal
Merge branch 'development' into renovate/io.freefair.lombok-9.x
9bad853
@ThomasJejkal
Merge pull request #480 from kit-data-manager/renovate/io.freefair.lo…
b2ba368 
…mbok-9.x

Update plugin io.freefair.lombok to v9.1.0
@ThomasJejkal
Merge pull request #479 from kit-data-manager/renovate/commons-io-com…
76619f6 
…mons-io-2.x

Update dependency commons-io:commons-io to v2.21.0
@ThomasJejkal
Merge pull request #478 from kit-data-manager/renovate/com.nimbusds-n…
38af872 
…imbus-jose-jwt-10.x

Update dependency com.nimbusds:nimbus-jose-jwt to v10.6
@renovate
Update plugin org.owasp.dependencycheck to v12.1.9
51f244c
@ThomasJejkal
Merge pull request #483 from kit-data-manager/renovate/org.owasp.depe…
cb30578 
…ndencycheck-12.x

Update plugin org.owasp.dependencycheck to v12.1.9
renovate Bot and others added 13 commits May 18, 2026 07:20
@renovate
Update dependency org.springframework.boot:spring-boot-dependencies t…
9cae8ad 
…o v3.5.14
@ThomasJejkal
Merge pull request #492 from kit-data-manager/renovate/org.springfram…
903e1d1 
…ework.cloud-spring-cloud-gateway-mvc-4.x

Update dependency org.springframework.cloud:spring-cloud-gateway-mvc to v4.3.4
@ThomasJejkal
Update Lombok plugin version to 9.5.0
57bf359
@ThomasJejkal
Merge branch 'development' into renovate/gradle-9.x
0439d3a
@ThomasJejkal
Merge pull request #500 from kit-data-manager/renovate/com.sun.xml.bi…
4408630 
…nd-jaxb-core-4.x

Update dependency com.sun.xml.bind:jaxb-core to v4.0.8
@renovate
Update dependency com.sun.xml.bind:jaxb-impl to v4.0.8
b1ed864
@ThomasJejkal
Merge pull request #501 from kit-data-manager/renovate/com.sun.xml.bi…
b31f132 
…nd-jaxb-impl-4.x

Update dependency com.sun.xml.bind:jaxb-impl to v4.0.8
@ThomasJejkal
Merge pull request #499 from kit-data-manager/renovate/gradle-9.x
4b0df42 
Update dependency gradle to v9.5.1
@ThomasJejkal
Merge pull request #493 from kit-data-manager/renovate/springbootversion
9fef851 
Update dependency org.springframework.boot:spring-boot-dependencies to v3.5.14
@renovate
Update actions/setup-java action to v5.2.0
c710e46
@renovate
Update dependency com.fasterxml.jackson.core:jackson-core to v2.21.3
7999495
@ThomasJejkal
Merge pull request #502 from kit-data-manager/renovate/actions-setup-…
83d8b79 
…java-5.x

Update actions/setup-java action to v5.2.0
@ThomasJejkal
Merge pull request #503 from kit-data-manager/renovate/com.fasterxml.…
b0d5668 
…jackson.core-jackson-core-2.x

Update dependency com.fasterxml.jackson.core:jackson-core to v2.21.3
coderabbitai[bot]
coderabbitai Bot reviewed May 18, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@build.gradle`:
- Around line 92-93: The Jackson artifacts are using mismatched versions
(jackson-core:2.21.3 vs jackson-databind:2.20.1); update the build to
consolidate all Jackson dependencies to a single version by introducing and
using a shared property (e.g., jacksonVersion) and change the implementation
declarations for "com.fasterxml.jackson.core:jackson-core" and
"com.fasterxml.jackson.core:jackson-databind" (and any other Jackson modules) to
reference that property so they all resolve to the same release line.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: e8f3b675-2097-46bd-8b3b-70ad177df18e

📥 Commits

Reviewing files that changed from the base of the PR and between a2b2722 and b0d5668.

📒 Files selected for processing (5)
  • .github/workflows/codeql-analysis.yml
  • .github/workflows/gradle.yml
  • .github/workflows/publishRelease.yml
  • build.gradle
  • gradle/wrapper/gradle-wrapper.properties
🚧 Files skipped from review as they are similar to previous changes (3)
  • .github/workflows/publishRelease.yml
  • .github/workflows/codeql-analysis.yml
  • .github/workflows/gradle.yml

Comment thread build.gradle Outdated
renovate Bot and others added 16 commits May 18, 2026 09:49
@renovate
Update dependency com.fasterxml.jackson.core:jackson-databind to v2.21.3
03f0244
@renovate
Update dependency com.fasterxml.jackson.datatype:jackson-datatype-jod…
570a3d8 
…a to v2.21.3
@renovate
Update dependency com.fasterxml.jackson.module:jackson-module-afterbu…
04654aa 
…rner to v2.21.3
@renovate
Update dependency commons-io:commons-io to v2.22.0
184d4ac
@renovate
Update dependency org.javassist:javassist to v3.31.0-GA
376f56c
@renovate
Update codecov/codecov-action action to v6
b2db576
@ThomasJejkal
Merge pull request #511 from kit-data-manager/renovate/codecov-codeco…
282ce0a 
…v-action-6.x

Update codecov/codecov-action action to v6
@ThomasJejkal
Merge pull request #510 from kit-data-manager/renovate/org.javassist-…
cda1064 
…javassist-3.x

Update dependency org.javassist:javassist to v3.31.0-GA
@ThomasJejkal
Merge pull request #509 from kit-data-manager/renovate/commons-io-com…
66d5f2f 
…mons-io-2.x

Update dependency commons-io:commons-io to v2.22.0
@ThomasJejkal
Merge pull request #508 from kit-data-manager/renovate/com.fasterxml.…
337cea2 
…jackson.module-jackson-module-afterburner-2.x

Update dependency com.fasterxml.jackson.module:jackson-module-afterburner to v2.21.3
@ThomasJejkal
Merge pull request #504 from kit-data-manager/renovate/com.fasterxml.…
77310df 
…jackson.core-jackson-databind-2.x

Update dependency com.fasterxml.jackson.core:jackson-databind to v2.21.3
@renovate
Update dependency com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-prov…
14fbb9b 
…ider to v2.21.3
@ThomasJejkal
Merge pull request #505 from kit-data-manager/renovate/com.fasterxml.…
fc7fa25 
…jackson.datatype-jackson-datatype-joda-2.x

Update dependency com.fasterxml.jackson.datatype:jackson-datatype-joda to v2.21.3
@ThomasJejkal
Merge pull request #507 from kit-data-manager/renovate/com.fasterxml.…
d01df3f 
…jackson.jaxrs-jackson-jaxrs-json-provider-2.x

Update dependency com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider to v2.21.3
@renovate
Update dependency com.fasterxml.jackson.datatype:jackson-datatype-jsr…
308e807 
…310 to v2.21.3
@ThomasJejkal
Merge pull request #506 from kit-data-manager/renovate/com.fasterxml.…
9cc746b 
…jackson.datatype-jackson-datatype-jsr310-2.x

Update dependency com.fasterxml.jackson.datatype:jackson-datatype-jsr310 to v2.21.3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ThomasJejkal @VolkerHartmann