chore(deps): update dependency org.springframework.modulith:spring-modulith-bom to v2

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
org.springframework.modulith:spring-modulith-bom (source)	1.4.5 -> 2.0.1

---

Release Notes

spring-projects/spring-modulith (org.springframework.modulith:spring-modulith-bom)

v2.0.1

Compare Source

💡 Improvements

• Allow resetting the shift in TimeMachine #​1491

🪲 Bugs

• @ApplicationModuleTest does not bootstrap beans from test configuration #​1495
• CGLib proxy created for JdbcEventPublicationRepositoryV2causing issues in native image #​1493
• ClassNotFoundException for package-info from JavaPackage during runtime bootstrap #​1487

🔨 Dependency Upgrades

• Upgrade to Spring Boot 4.0.1 #​1510
• Upgrade to jMolecules 2025.0.2 #​1509
• Upgrade to MongoDB 5.6.2 #​1508
• Upgrade to Testcontainers 2.0.3 #​1507
• Upgrade to Spring Framework 7.0.2 #​1506
• Upgrade to Micrometer Tracing 1.6.1 #​1505

v2.0.0: 2.0 GA

Compare Source

⭐ New Features

• Overhaul event publication lifecycle #​796 (Neo4j #​1337, MongoDB #​1336, JDBC #​1321, JPA #​1375, #​1389)
• Support for application-module-specific Flyway migrations #​1067, #​1440
• Allow serialized execution of event externalization #​1370
• Support to verify application module structure on startup #​1287
• Propagate named interface assignments of types to return and parameter types of methods declared #​1264
• Extract module description from a module's base package package-info.java Javadoc #​1430
• Remove deprecated @ApplicationEventListener annotation #​1397
• Support for Jackson 3 in event serialization #​1364, #​1369 (with Jackson 2 still supported)
• Migrate nullness verification to jSpecify #​1192

💡 Improvements

• Prevent application module misconfiguration due to invalid additional packages #​1251
• Expose additional application module metadata in application-modules.json #​1276
• Cleanup configuration metadata creation #​1455
• Improve bootstrap procedure for ApplicationModulesEndpoint #​1338
• Unnecessary context bootstrap triggered for application module tests due to overly constrained equals(…) and hashCode() in ModuleTypeExcludeFilter #​1216
• Register SQL schemas as native image resources #​1449
• Reflection metadata missing in JSONPath lookup for application module identifiers on GraalVM #​1254
• List module description before base package in canvas #​1447
• Update version compatibility matrix in reference docs #​1289
• Fix a typo in the overview docs #​1294
• Fix typo in reference documentation #​1394
• Improve Documentation on Change Aware Test Execution #​1382
• Switch automatic Hexagonal Architecture verification to lenient mode #​1366
• Resolve JUnit warnings regarding nested test classes [#​1326](https://github.com/spring-projects/ spring-modulith/issues/1326)
• Constrain access to internally used methods of ApplicationModuleSource #​1283
• Remove legacy reflection-based event handling in PersistentApplicationEventMulticaster #​1356
• Update copyright year in index.adoc #​1368
• Polish deprecations in PublishedEvents #​1448

🪲 Bugs

• Forward classloader in ConfigDataEnvironmentPostProcessor application in ApplicationModuleDetectionStrategy lookup #​1435
• Potential NullPointerException in annotation detection in JavaPackage #​1341
• Avoid ConcurrentModificationException in PackageName #​1319
• Potential stack overflow when looking up a module's dependencies if it's part of a cycle #​1299
• ApplicationModules.toString() should list all dependencies, marking bootstrap dependencies #​1285
• Named interfaces leaking from submodules into parent ones #​1279
• Inconsistent visibility of NamedInterface.of(String name, Classes classes) #​1272
• Repeated invocation of AOT phase breaks creation of application-modules.json #​1457
• Properly detect Maven test execution in BuildSystemUtils #​1432
• Properly disable APT execution for test sources when using KAPT #​1386
• Exception during file creation from APT module #​1263
• Incompatible path handling for KAPT with Maven #​1209
• Invalid type reference in check for jMolecules Onion Architecture integration presence #​1414
• Potential NoClassDefFoundError when jMolecules DDD artifact is missing from the classpath #​1333
• TestExecutionCondition should fall back to execute the test if more than one main class is found #​1391
• Potential ConcurrentModificationException when running @ApplicationModuleTest tests in parallel #​1295
• Version compatibility of 1.4 should state Boot 3.5 at compile target #​1331
• Remove reference to JGraphT from reference documentation #​1288

🔨 Dependency Upgrades

• Upgrade to Spring Boot 4.0
• Upgrade to Spring Framework 7.0
• Upgrade to jMolecules 2025.0
• Upgrade to Structurizr 5
• Upgrade to ArchUnit 1.4.1
• Upgrade to Testcontainers 2.0
• Upgrade to Micrometer 1.6
• Upgrade to Micrometer Tracing 1.6
• Upgrade to NullAway 0.12.10
• Upgrade to jGit 7.4
• Upgrade to Cute 1.9.0
• Upgrade to APTK 0.30.5 #​1372

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​jekutzsche, @​kitt51, @​patbaumgartner, @​tlarbals824, and @​val-beresneva

v1.4.6

Compare Source

🪲 Bugs

• @ApplicationModuleTest does not bootstrap beans from test configuration #​1494

🔨 Dependency Upgrades

• Upgrade to Spring Boot 3.5.9 #​1502
• Upgrade to Testcontainers 1.21.4 #​1501
• Upgrade to Spring Framework 6.2.15 #​1497
• Upgrade to Micrometer Tracing 1.5.7 #​1496

---

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" in timezone America/Havana, Automerge - "before 4am on the first day of the month" in timezone America/Havana.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[cloudflare-workers-and-pages]

Deploying cvix-app with    Cloudflare Pages

Latest commit:	1b64a9c
Status:	✅  Deploy successful!
Preview URL:	https://a3d6a2dd.cvix-app.pages.dev
Branch Preview URL:	https://renovate-major-springmodulit.cvix-app.pages.dev

View logs

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[github-actions]

Qodana for JVM

68 new problems were found

Inspection name	Severity	Problems
Unused symbol	🔶 Warning	42
Invalid YAML configuration	🔶 Warning	5
Unstable API Usage	🔶 Warning	4
Duplicated code fragment	◽️ Notice	9
Unknown HTTP header	◽️ Notice	5
Multi-dollar interpolation can be used in string literals (available since 2.1)	◽️ Notice	1
If-Null return/break/... foldable to '?:'	◽️ Notice	1
Vulnerable declared dependency	◽️ Notice	1

☁️ View the detailed Qodana report

Contact Qodana team

Contact us at [email protected]

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions

[github-actions]

Test Results

185 files  185 suites   58s ⏱️
846 tests 745 ✅ 0 💤 101 ❌
850 runs  749 ✅ 0 💤 101 ❌

For more details on these failures, see this check.

Results for commit 6c07433.

♻️ This comment has been updated with latest results.

[cloudflare-workers-and-pages]

Deploying cvix with    Cloudflare Pages

Latest commit:	6c07433
Status:	✅  Deploy successful!
Preview URL:	https://d2c96397.cvix.pages.dev
Branch Preview URL:	https://renovate-major-springmodulit.cvix.pages.dev

View logs

[github-actions]

Qodana for JVM

79 new problems were found

Inspection name	Severity	Problems
Unused symbol	🔶 Warning	43
Invalid YAML configuration	🔶 Warning	6
Potentially ambiguous 'kotlin.coroutine.coroutineContext' usage	🔶 Warning	4
Unstable API Usage	🔶 Warning	4
Unresolved reference in KDoc	🔶 Warning	2
Redundant qualifier name	🔶 Warning	2
Unknown HTTP header	◽️ Notice	10
Duplicated code fragment	◽️ Notice	2
Unnecessary type argument	◽️ Notice	2
Multi-dollar interpolation can be used in string literals (available since 2.1)	◽️ Notice	1
String concatenation that can be converted to string template	◽️ Notice	1
If-Null return/break/... foldable to '?:'	◽️ Notice	1
Vulnerable declared dependency	◽️ Notice	1

☁️ View the detailed Qodana report

Contact Qodana team

Contact us at [email protected]

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud