chore(deps): bump org.springframework.boot:spring-boot-starter-parent from 4.0.2 to 4.0.3 in /services/governance-api#21
Merged
DongDuong2001 merged 1 commit intofix/ci-mvnw-lintfrom Feb 24, 2026
Conversation
Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 4.0.2 to 4.0.3. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.2...v4.0.3) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-version: 4.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
dependabot
bot
deleted the
dependabot/maven/services/governance-api/org.springframework.boot-spring-boot-starter-parent-4.0.3
branch
DongDuong2001
added a commit
that referenced
this pull request
Feb 24, 2026
* fix(ci): fix mvnw permission denied and next lint workspace flag * fix(ci): set mvnw executable bit and normalize npm workspace flags * fix(ci): use working-directory for next lint/build, use mvn instead of mvnw * fix(ci): add eslint config for next lint and explicit jackson-databind dep * fix(ci): add H2 test config, fix contextLoads, fix CodeQL mvnw * fix(ci): resolve contextLoads failure and lint invalid directory error - Add WebEnvironment.NONE and @activeprofiles('test') to GovernanceApiApplicationTests to prevent ReactorResourceFactory from failing when loading the full application context in CI - Change ESLint step to run from repo root with --workspace=apps/web instead of working-directory to fix 'invalid project directory' error caused by npm appending '/lint' to the path * fix(ci): fix lint path passthrough and Spring Boot context load failure - ci.yml: simplify lint step to pm run lint from root; root package.json already delegates to apps/web workspace, so passing --workspace flag was forwarding it as a directory arg to next lint - Add TestSecurityConfig with a stub @primary JwtDecoder so SecurityConfig's .oauth2ResourceServer() does not attempt to fetch the OIDC discovery document from the issuer URI at startup in CI - Import TestSecurityConfig in GovernanceApiApplicationTests - Update test application.yml: replace autoconfigure exclusion with a localhost stub issuer-uri, and add nexusguard.service-token and nexusguard.cors.allowed-origins stubs for @value injection * Potential fix for code scanning alert no. 1: Unused variable, import, function or class (#20) Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fix(ci): fix ESLint violations and Spring Boot OIDC discovery at startup - policies/page.tsx: remove unused Plus import; prefix unused typeBadge parameter with _ to satisfy no-unused-vars rule - test/application.yml: replace issuer-uri with jwk-set-uri so Spring Security skips OIDC discovery HTTP call during context refresh in CI * fix(ci): bypass npm workspace arg-forwarding bug and use @MockBean for JwtDecoder - ci.yml: run 'npx next lint' directly from apps/web working-directory instead of via root npm script (which appends workspace path as arg) - package.json: update lint script to use -w shorthand - GovernanceApiApplicationTests: replace @import+@primary with @MockBean JwtDecoder @MockBean always overrides auto-configured beans before context refresh, preventing any JWK/OIDC network calls in CI * chore(deps): bump eslint from 10.0.0 to 10.0.1 (#26) Bumps [eslint](https://github.com/eslint/eslint) from 10.0.0 to 10.0.1. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.0.0...v10.0.1) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.0.1 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump lucide-react from 0.574.0 to 0.575.0 (#25) Bumps [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) from 0.574.0 to 0.575.0. - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.575.0/packages/lucide-react) --- updated-dependencies: - dependency-name: lucide-react dependency-version: 0.575.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump @types/node from 25.2.3 to 25.3.0 (#24) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.2.3 to 25.3.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.3.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump the tailwind-ecosystem group with 2 updates (#23) Bumps the tailwind-ecosystem group with 2 updates: [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) and [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss). Updates `tailwindcss` from 4.1.18 to 4.2.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.0/packages/tailwindcss) Updates `@tailwindcss/postcss` from 4.1.18 to 4.2.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.0/packages/@tailwindcss-postcss) --- updated-dependencies: - dependency-name: tailwindcss dependency-version: 4.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: tailwind-ecosystem - dependency-name: "@tailwindcss/postcss" dependency-version: 4.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: tailwind-ecosystem ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Duong Phu Dong <dongduong840@gmail.com> * chore(deps): bump lucide-react from 0.574.0 to 0.575.0 in /apps/web (#22) Bumps [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) from 0.574.0 to 0.575.0. - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.575.0/packages/lucide-react) --- updated-dependencies: - dependency-name: lucide-react dependency-version: 0.575.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump org.springframework.boot:spring-boot-starter-parent (#21) Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 4.0.2 to 4.0.3. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.2...v4.0.3) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-version: 4.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps org.springframework.boot:spring-boot-starter-parent from 4.0.2 to 4.0.3.
Release notes
Sourced from org.springframework.boot:spring-boot-starter-parent's releases.
... (truncated)
Commits
1ab1436Release v4.0.35cc488dMerge branch '3.5.x' into 4.0.x9138ae2Next development version (v3.5.12-SNAPSHOT)a7e63a7Merge branch '3.5.x' into 4.0.x54ab3c5Align "noteworthy" issues in release notes with Spring Frameworkb3ae5b1Merge branch '3.5.x' into 4.0.x996664fTemporarily switch Docker to overlay21ce8743Revert "Temporarily disable containerd snapshotter"5ba88c6Temporarily disable containerd snapshotter1f1a88cRevert "Temporarily update system tests to use specific platform"Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)