Bump the prod-deps group across 1 directory with 6 updates

[dependabot]

Bumps the prod-deps group with 5 updates in the / directory:

Package	From	To
org.springframework.boot:spring-boot-starter-parent	3.4.6	3.5.6
org.springdoc:springdoc-openapi-starter-webmvc-ui	2.8.8	2.8.13
org.springframework.modulith:spring-modulith-bom	1.3.5	1.4.3
org.jmolecules:jmolecules-bom	2023.3.1	2023.3.4
org.apache.maven.plugins:maven-compiler-plugin	3.14.0	3.14.1

Updates org.springframework.boot:spring-boot-starter-parent from 3.4.6 to 3.5.6

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.5.6

🐞 Bug Fixes

• Quoted -D arguments break system property resolution on Linux with Spring AOT #47166
• Groovy Templates fails with an NPE when rendering an auto new line #47139
• available() does not behave correctly when reading stored entries from a NestedJarFile #47057
• spring-boot-docker-compose doesn't create service connections when image has registry host but not project #47019
• Flyway Ignore Migration Patterns setting can't be set to an empty string #47013

📔 Documentation

• Default value of server.tomcat.resource.cache-ttl is not documented #47253
• Document Java 25 support #47245
• Fix links to Flyway reference documentation #46988
• Clarify Javadoc of Customizer interfaces about overriding behavior #46942

🔨 Dependency Upgrades

• Upgrade to Ehcache3 3.10.9 #47106
• Upgrade to Elasticsearch Client 8.18.6 #47094
• Upgrade to Gson 2.13.2 #47158
• Upgrade to Hibernate 6.6.29.Final #47216
• Upgrade to HikariCP 6.3.3 #47187
• Upgrade to HttpCore5 5.3.5 #47108
• Upgrade to Infinispan 15.2.6.Final #47109
• Upgrade to Jakarta Activation 2.1.4 #47188
• Upgrade to Jakarta Mail 2.1.4 #47110
• Upgrade to Jaybird 6.0.3 #47111
• Upgrade to Jetty 12.0.27 #47159
• Upgrade to jOOQ 3.19.26 #47160
• Upgrade to Lombok 1.18.40 #47113
• Upgrade to MariaDB 3.5.6 #47189
• Upgrade to Maven Failsafe Plugin 3.5.4 #47190
• Upgrade to Maven Shade Plugin 3.6.1 #47191
• Upgrade to Maven Surefire Plugin 3.5.4 #47192
• Upgrade to Micrometer 1.15.4 #47083
• Upgrade to Micrometer Tracing 1.5.4 #47084
• Upgrade to Netty 4.1.127.Final #47127
• Upgrade to R2DBC MSSQL 1.0.3.RELEASE #47193
• Upgrade to Reactor Bom 2024.0.10 #47085
• Upgrade to Spring AMQP 3.2.7 #47086
• Upgrade to Spring Batch 5.2.3 #47087
• Upgrade to Spring Data Bom 2025.0.4 #47088
• Upgrade to Spring Framework 6.2.11 #47089
• Upgrade to Spring GraphQL 1.4.2 #47090
• Upgrade to Spring Integration 6.5.2 #47091
• Upgrade to Spring Kafka 3.3.10 #47092
• Upgrade to Spring Pulsar 1.2.10 #47093
• Upgrade to Spring Security 6.5.5 #47257
• Upgrade to Tomcat 10.1.46 #47194

... (truncated)

Commits

• 23bcd7b Release v3.5.6
• d96267f Merge branch '3.4.x' into 3.5.x
• 9363f03 Next development version (v3.4.11-SNAPSHOT)
• a465cdb Revert "Upgrade to Jakarta XML Bind 4.0.4"
• 391e745 Merge branch '3.4.x' into 3.5.x
• ad9a7ee Revert "Upgrade to Jakarta XML Bind 4.0.4"
• 66ba918 Document support for Java 25
• 943f0ae Merge branch '3.4.x' into 3.5.x
• 43fee16 Upgrade to Spring Batch 5.2.3
• 11de7d1 Upgrade to Spring Batch 5.2.3
• Additional commits viewable in compare view

Updates org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.8 to 2.8.13

Release notes

Sourced from org.springdoc:springdoc-openapi-starter-webmvc-ui's releases.

springdoc-openapi v2.8.13 released!

Added

• #3084 - Add Scalar Support

Changed

• Upgrade swagger-ui to v5.28.1

Fixed

• #3076 - With oneOf the response schema contains an extra type: string

Full Changelog: springdoc/springdoc-openapi@v2.8.12...v2.8.13

springdoc-openapi v2.8.12 released!

Changed

• Upgrade swagger-ui to v5.28.0

Fixed

• #3073 - Duplicate key class Parameter when documenting two GET methods with same path and PathVariable.
• #3071 - @​io.swagger.v3.oas.annotations.parameters.RequestBody does not work well with @​RequestPart
• #3066 - Parameter is now required after upgrading to springdoc-openapi 2.8.10

Full Changelog: springdoc/springdoc-openapi@v2.8.11...v2.8.12

springdoc-openapi v2.8.11 released!

Added

• #3065 - javadoc and overall performance optimization

Changed

• Upgrade spring-boot to v3.5.5

Fixed

• #3064 -ClassNotFoundException: kotlin.reflect.full.KClasses

New Contributors

• @​rayuuuu made their first contribution in springdoc/springdoc-openapi#3065

Full Changelog: springdoc/springdoc-openapi@v2.8.10...v2.8.11

springdoc-openapi v2.8.10 released!

What's Changed

• Fix unexpected merging of media types by @​Mattias-Sehlstedt in springdoc/springdoc-openapi#3026
• Fixed "desciption" typo by @​lc-nyovchev in springdoc/springdoc-openapi#3036

... (truncated)

Changelog

Sourced from org.springdoc:springdoc-openapi-starter-webmvc-ui's changelog.

[2.8.13] - 2025-09-07

Added

• #3084 - Add Scalar Support

Changed

• Upgrade swagger-ui to v5.28.1

Fixed

• #3076 - With oneOf the response schema contains an extra type: string

[2.8.12] - 2025-09-01

Changed

• Upgrade swagger-ui to v5.28.0

Fixed

• #3073 - Duplicate key class Parameter when documenting two GET methods with same path and PathVariable.
• #3071 - @​io.swagger.v3.oas.annotations.parameters.RequestBody does not work well with @​RequestPart
• #3066 - Parameter is now required after upgrading to springdoc-openapi 2.8.10

[2.8.11] - 2025-08-23

Added

• #3065 - javadoc and overall performance optimization

Changed

• Upgrade spring-boot to v3.5.5

Fixed

• #3064 -ClassNotFoundException: kotlin.reflect.full.KClasses

[2.8.10] - 2025-08-20

Added

• #3046 - Feature Request: Support @​jakarta.annotation.Nonnull.
• #3042 - Support externalDocs configure on SpecPropertiesCustomizer
• #3057 - Refactor webhook discovery and scanning mechanism

Changed

... (truncated)

Commits

• 7ddac7d [maven-release-plugin] prepare release v2.8.13
• a66dfdb dependency review and prepare for the next release
• 5c46afb Add logic to skipPublishing Tests to Maven Central
• 92b5080 skip tests deploy
• 672b42c Adding Scalar to springdoc-bom. Fixes #3084
• e0feb04 Adding initial Scalar Support. Fixes #3084
• 31ba90b Update pom.xml
• 2c55b9d Update CHANGELOG.md
• 4ca2601 With 'oneOf' the response schema contains an extra 'type: string. Fixes #3076
• ea14088 [maven-release-plugin] prepare for next development iteration
• Additional commits viewable in compare view

Updates org.projectlombok:lombok from 1.18.38 to 1.18.40

Changelog

Sourced from org.projectlombok:lombok's changelog.

v1.18.40 (September 4th, 2025)

• PLATFORM: JDK25 support added #3859.
• BUGFIX: Recent versions of eclipse (or the eclipse-based java lang server for VSCode) caused java.lang.IllegalArgumentException: Document does not match the AST. [Issue #3886](projectlombok/lombok#3886).
• PERFORMANCE: @ExtensionMethod is now significantly faster [Issue #3866](projectlombok/lombok#3866).
• BUGFIX: the command line config tool would emit incorrect output for nullity annotations. [Issue #3931](projectlombok/lombok#3931).
• FEATURE: @Jacksonized @Accessors(fluent=true) automatically creates the relevant annotations such that Jackson correctly identifies fluent accessors. [Issue #3265](projectlombok/lombok#3265), [Issue #3270](projectlombok/lombok#3270).
• IMPROBABLE BREAKING CHANGE: From versions 1.18.16 to 1.18.38, lombok automatically copies certain Jackson annotations (e.g., @JsonProperty) from fields to the corresponding accessors (getters/setters). However, it turned out to be harmful in certain situations. Thus, Lombok does not automatically copy those annotations any more. You can restore the old behavior using the config key lombok.copyJacksonAnnotationsToAccessors = true.

Commits

• 0187946 [release] pre-release version bump for v1.18.40
• 3c0b6a8 [changelog] Replace PRs with issues, add #3866 fi and #3931 fix.
• 4ae2db7 Merge pull request #3889 from Rawi01/extensionmethod-name-check
• 7eee00a [fixes #3931] Proper output for config tool addNullAnnotations
• 3392bb9 [fixes #3866] Check extension method name before resolving types
• 87e8af4 [comment] Added explanation: We skip ecj check on `NonNullOnRecordExistingCon...
• 1255ae0 [optimisation] Avoid making a pointless arraylist in 90% of cases.
• 7aa264e Merge pull request #3888 from Rawi01/eclipse-record-refactoring
• fb4651b [changelog] Logged: JDK25 support.
• 6648115 Merge branch 'jdk25'
• Additional commits viewable in compare view

Updates org.springframework.modulith:spring-modulith-bom from 1.3.5 to 1.4.3

Release notes

Sourced from org.springframework.modulith:spring-modulith-bom's releases.

1.4.3

🪲 Bugs

• Potential NullPointerException in annotation detection in JavaPackage #1342
• Potential NoClassDefFoundError when jMolecules DDD artifact is missing from the classpath #1340
• Version compatibility of 1.4 should state Boot 3.5 at compile target #1339
• Avoid ConcurrentModificationException in PackageName #1324
• Remove reference to JGraphT from reference documentation #1323

🔨 Dependency Upgrades

• Upgrade to Spring Boot 3.5.5 #1350
• Upgrade to Spring Framework 6.2.10 #1349
• Upgrade to Micrometer Tracing 1.5.3 #1348

1.4.2

💡 Improvements

• Update version compatibility matrix in reference docs #1290
• Expose additional application module metadata in application-modules.json #1277
• Unnecessary context bootstrap triggered for application module tests due to overly constrained equals(…) and hashCode() in ModuleTypeExcludeFilter #1261

🪲 Bugs

• Potential ConcurrentModificationException when running @ApplicationModuleTest tests in parallel #1302
• Potential stack overflow when looking up a module's dependencies if it's part of a cycle #1300
• ApplicationModules.toString() should list *all* dependencies marking bootstrap dependencies #1286
• Exception during file creation from APT module #1284
• Named interfaces leaking from submodules into parent ones #1280

🔨 Dependency Upgrades

• Upgrade to Spring Boot 3.5.4 #1320
• Upgrade jMolecules to 2023.2.2 in examples #1315
• Upgrade to Testcontainers 1.21.3 #1314
• Upgrade to Micrometer 1.15.2 #1313
• Upgrade to Spring Framework 6.2.9 #1308
• Upgrade to Micrometer Tracing 1.5.2 #1307
• Upgrade to jMolecules 2023.3.2 #1306

1.4.1

💡 Improvements

• Reflection metadata missing in JSONPath lookup for application module identifiers on GraalVM #1250
• Prevent application module misconfiguration due to invalid additional packages #1247

🪲 Bugs

• Incompatible path handling for KAPT with Maven #1255
• Fix automatic module name of Moments artifact #1220

... (truncated)

Commits

• 364912d GH-1347 - Release version 1.4.3.
• 22ee848 GH-1347 - Remove obsolete artifact references from BOM.
• f687776 GH-1350 - Upgrade to Spring Boot 3.5.5.
• 47406cd GH-1349 - Update to Spring Framework 6.2.10.
• da779e7 GH-1348 - Update to Micrometer Tracing 1.5.3.
• 9d512b6 GH-1347 - Let preparing release build step build with release profile.
• 9d7abb0 GH-1342 - Avoid potential NullPointerException in annotation lookup for JavaP...
• ec7022c GH-1340 - Guard against missing jMolecules DDD artifacts for architectural ve...
• 6e5f090 GH-1339 - Fix documentation on Spring Boot compatibility.
• c14577d GH-1324 - Avoid ConcurrentModificationException in PackageName.
• Additional commits viewable in compare view

Updates org.jmolecules:jmolecules-bom from 2023.3.1 to 2023.3.4

Commits

• 22eb078 Release version 2023.3.4.
• 4ef78b1 Upgrade to jMolecules Integrations 0.30.
• d5fe175 Upgrade to jMolecules Integrations 0.30 snapshots.
• 66ecf5c Prepare next development iteration.
• b73da86 Release version 2023.3.3.
• c64b763 Upgrade to jMolecules Integrations 0.29.
• e80c809 Switch to Maven Central artifact deployment.
• 1b85969 Upgrade to jMolecules Integrations 0.29 snapshots.
• 7d3fbbc Prepare next development iteration.
• 26cf01e Release version 2023.3.2.
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.14.0 to 3.14.1

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.14.1

🚀 New features and improvements

• Improve DeltaList behavior for large projects (#335) @​gsmet
• Allow to not use --module-version for the Java compiler (#331) @​pzygielo

🐛 Bug Fixes

• Add generatedSourcesPath back to the maven project (#312) @​mensinda
• [MCOMPILER-538] - Do not add target/generated-sources/annotations to the source roots (#191) @​mensinda

📦 Dependency updates

• Enforce asm version used here, to not depend on brittle transitive (#964) @​olamy
• Bump mavenVersion from 3.9.10 to 3.9.11 (#952) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 44 to 45 (#935) @dependabot[bot]
• Bump mavenVersion from 3.9.9 to 3.9.10 (#336) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#324) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 43 to 44 (#316) @dependabot[bot]

Commits

• 0df6940 [maven-release-plugin] prepare release maven-compiler-plugin-3.14.1
• 1bf9e5a Enforce asm version used here, to not depend on brittle transitive (#964)
• f5161c4 Bump mavenVersion from 3.9.10 to 3.9.11 (#952)
• 63846f1 Improve DeltaList behavior for large projects (#335)
• ab3f845 Bump org.apache.maven.plugins:maven-plugins from 44 to 45
• 164bad4 Allow to not use --module-version for the Java compiler
• 0b76ccd Bump mavenVersion from 3.9.9 to 3.9.10
• 5dbc9c3 Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0
• 17949d1 Bump org.apache.maven.plugins:maven-plugins from 43 to 44 (#316)
• d44d1be Add generatedSourcesPath back to the maven project
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions