Simplify dependency versions defined in spring-boot-dependencies (#3604)

duanemay · web-flow · commit ccd1ec078098 · 2025-09-05T12:56:38.000-04:00
diff --git a/dependencies.gradle b/dependencies.gradle
@@ -9,25 +9,17 @@ versions.bouncyCastleFipsVersion = "2.1.1"
 versions.bouncyCastlePkixFipsVersion = "2.1.9"
 versions.bouncyCastleTlsFipsVersion = "2.1.20"
 versions.springBootVersion = "3.5.5"
-versions.springFrameworkVersion = "6.2.10"
-versions.springSecurityVersion = "6.5.3"
 versions.tomcatCargoVersion = "10.1.44"
 versions.guavaVersion = "33.4.8-jre"
 versions.seleniumVersion = "4.35.0"
 versions.braveVersion = "6.3.0"
-versions.jacksonVersion = "2.19.2"
 versions.opensaml = "4.0.1"
-versions.byteBuddyVersion = "1.17.7"
 
 // Versions we're overriding from the Spring Boot Bom (Dependabot does not issue PRs to bump these versions, so we need to manually bump them)
 ext["mariadb.version"] = "2.7.12" // Bumping to v3 breaks some pipeline jobs (and compatibility with Amazon Aurora MySQL), so pinning to v2 for now. v2 (current version) is stable and will be supported until about September 2025 (https://mariadb.com/kb/en/about-mariadb-connector-j/).
 ext["flyway.version"] = "7.15.0" // the next major (v8)'s community edition drops support with MySQL 5.7, which UAA still needs to support. Can bump to v8 once we solve this issue.
-ext["snakeyaml.version"] = "2.4" // manual update, see because of missing in spring boot https://github.com/spring-projects/spring-boot/issues/32221
-ext["jackson-bom.version"] = "${versions.jacksonVersion}" // Bumping to latest version because of compatiblity to snakeyaml 2.0
 ext["hsqldb.version"] = "2.7.4" // HSQL-DB used for tests but not supported for productive usage
 ext["selenium.version"] = "${versions.seleniumVersion}" // Selenium for integration tests only
-ext["spring-framework.version"] = "${versions.springFrameworkVersion}" // Maintain spring until upgrade to spring boot 3.x, https://github.com/cloudfoundry/uaa/issues/2115
-ext["spring-security.version"] = "${versions.springSecurityVersion}" // Maintain spring until upgrade to spring boot 3.x, https://github.com/cloudfoundry/uaa/issues/2115
 ext["tomcat.version"] = "${versions.tomcatCargoVersion}" // Maintain tomcat until upgrade to spring boot 3.x, https://github.com/cloudfoundry/uaa/issues/2115
 
 ext {
@@ -57,9 +49,9 @@ libraries.guavaTestLib = "com.google.guava:guava-testlib:${versions.guavaVersion
 libraries.hamcrest = "org.hamcrest:hamcrest"
 libraries.hibernateValidator = "org.hibernate.validator:hibernate-validator"
 libraries.hsqldb = "org.hsqldb:hsqldb"
-libraries.jacksonAnnotations = "com.fasterxml.jackson.core:jackson-annotations:${versions.jacksonVersion}"
-libraries.jacksonDatabind = "com.fasterxml.jackson.core:jackson-databind:${versions.jacksonVersion}"
-libraries.jacksonDataformatYaml = "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:${versions.jacksonVersion}"
+libraries.jacksonAnnotations = "com.fasterxml.jackson.core:jackson-annotations"
+libraries.jacksonDatabind = "com.fasterxml.jackson.core:jackson-databind"
+libraries.jacksonDataformatYaml = "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml"
 libraries.jakartaValidationApi = "jakarta.validation:jakarta.validation-api"
 libraries.jacocoAgent = "org.jacoco:org.jacoco.agent:0.8.13"
 libraries.jodaTime = "joda-time:joda-time:2.14.0"
@@ -73,12 +65,12 @@ libraries.log4jCore = "org.apache.logging.log4j:log4j-core"
 libraries.lombok = "org.projectlombok:lombok"
 libraries.mariaJdbcDriver = "org.mariadb.jdbc:mariadb-java-client"
 libraries.mockitoJunit5 = "org.mockito:mockito-junit-jupiter"
-libraries.bytebuddy = "net.bytebuddy:byte-buddy:${versions.byteBuddyVersion}"
-libraries.bytebuddyagent = "net.bytebuddy:byte-buddy-agent:${versions.byteBuddyVersion}"
+libraries.bytebuddy = "net.bytebuddy:byte-buddy"
+libraries.bytebuddyagent = "net.bytebuddy:byte-buddy-agent"
 libraries.openSamlApi = "org.opensaml:opensaml-saml-api:${versions.opensaml}"
 libraries.orgJson = "org.json:json:20250517"
 libraries.passay = "org.passay:passay:1.6.6"
-libraries.postgresql = "org.postgresql:postgresql:42.7.7"
+libraries.postgresql = "org.postgresql:postgresql"
 libraries.selenium = "org.seleniumhq.selenium:selenium-java:${versions.seleniumVersion}"
 libraries.seleniumRemoteDriver = "org.seleniumhq.selenium:selenium-remote-driver:${versions.seleniumVersion}"
 libraries.slf4jApi = "org.slf4j:slf4j-api"
@@ -110,7 +102,7 @@ libraries.springTx = "org.springframework:spring-tx"
 libraries.springWeb = "org.springframework:spring-web"
 libraries.springWebMvc = "org.springframework:spring-webmvc"
 libraries.statsdClient = "com.timgroup:java-statsd-client:3.1.0"
-libraries.thymeleafDialect = "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect:3.4.0" // bumped to 3.4.0 in spring boot 3.5.0
+libraries.thymeleafDialect = "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect"
 libraries.thymeleafExtrasSpringSecurity = "org.thymeleaf.extras:thymeleaf-extras-springsecurity6"
 libraries.thymeLeaf = "org.thymeleaf:thymeleaf"
 libraries.thymeleafSpring = "org.thymeleaf:thymeleaf-spring6"
