(3.4.x): Bump org.springframework.boot:spring-boot-dependencies from 3.4.7 to 3.4.8 #391

dependabot · 2025-07-25T06:29:50Z

Bumps org.springframework.boot:spring-boot-dependencies from 3.4.7 to 3.4.8.

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.4.8

🐞 Bug Fixes

LambdaSafe.withFilter is not public #46472

Executable JAR application class encounters performance issues when used with Palo Alto Network Cortex XDR agent #46401

Runtime dependencies are missing from aotCompileClasspath and aotTestCompileClasspath when using Kotlin #46397

jdbc.connections.active and jdbc.connections.idle metrics are not available when using Hikari in a native image #46214

Hash calculation for uber archive entries that require unpacking is inefficient #46202

Permissions are applied inconsistently when building uber archives with Gradle #46193

EmbeddedWebServerFactoryCustomizerAutoConfiguration fails when undertow-core is on the classpath and undertow-servlet is not #46178

Setting spring.netty.leak-detection has no effect when lazy initialization is enabled #46164

Executable JAR application class encounters performance issues #46063

developmentOnly and testAndDevelopmentOnly dependencies may prevent implementation dependencies from being included in the uber-jar #46043

Binder context does not restore previous source causing missing data on Spring Boot 3.5 or above #46039

Setting spring.reactor.context-propagation has no effect when lazy initialization is enabled #45846

📔 Documentation

Fix description of spring.batch.job.enabled #46228

Fix broken Kotlin examples in reference documentation #46064

🔨 Dependency Upgrades

Upgrade to ActiveMQ 6.1.7 #46385

Upgrade to GraphQL Java 22.4 #46394

Upgrade to Groovy 4.0.28 #46512

Upgrade to Hibernate 6.6.22.Final #46491

Upgrade to Infinispan 15.0.18.Final #46462

Upgrade to Jetty 12.0.23 #46388

Upgrade to Micrometer 1.14.9 #46273

Upgrade to Micrometer Tracing 1.4.8 #46274

Upgrade to MySQL 9.3.0 #46370

Upgrade to Neo4j Java Driver 5.28.9 #46430

Upgrade to Netty 4.1.123.Final #46431

Upgrade to Prometheus Client 1.3.10 #46389

Upgrade to Reactor Bom 2024.0.8 #46275

Upgrade to RxJava3 3.1.11 #46390

Upgrade to Spring AMQP 3.2.6 #46276

Upgrade to Spring Data Bom 2024.1.8 #46277

Upgrade to Spring Framework 6.2.9 #46278

Upgrade to Spring GraphQL 1.3.6 #46391

Upgrade to Spring Integration 6.4.6 #46361

Upgrade to Spring Kafka 3.3.8 #46363

Upgrade to Spring Pulsar 1.2.8 #46279

Upgrade to Spring Security 6.4.8 #46476

Upgrade to Tomcat 10.1.43 #46392

Upgrade to XmlUnit2 2.10.3 #46393

❤️ Contributors

... (truncated)

Commits

0e63169 Release v3.4.8
3f0f79b Upgrade to Spring Integration 6.4.6
ff8443c Upgrade to Groovy 4.0.28
5406976 Apply commercial input consistently
0959f86 Upgrade to Hibernate 6.6.22.Final
5cc58bf Correct version policy value for MySQL
b19ba3a Configure MySQL with a same-major upgrade policy
585adab Migrate to spring-io/central-publish-action
3e6e64e Use build instead of temp dir for Gradle TestKit directories
a8172e2 Revert "Polish"
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 3.4.7 to 3.4.8. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.4.7...v3.4.8) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-dependencies dependency-version: 3.4.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependency-upgrade label Jul 25, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

(3.4.x): Bump org.springframework.boot:spring-boot-dependencies from 3.4.7 to 3.4.8 #391

(3.4.x): Bump org.springframework.boot:spring-boot-dependencies from 3.4.7 to 3.4.8 #391

Uh oh!

dependabot bot commented on behalf of github Jul 25, 2025

Uh oh!

Uh oh!

(3.4.x): Bump org.springframework.boot:spring-boot-dependencies from 3.4.7 to 3.4.8 #391

Are you sure you want to change the base?

(3.4.x): Bump org.springframework.boot:spring-boot-dependencies from 3.4.7 to 3.4.8 #391

Uh oh!

Conversation

dependabot bot commented on behalf of github Jul 25, 2025

v3.4.8

🐞 Bug Fixes

📔 Documentation

🔨 Dependency Upgrades

❤️ Contributors

Uh oh!

Uh oh!