Update to Spring Boot 3.5.8 and align dependencies#3398
Open
justin-tay wants to merge 1 commit intoyahoo:masterfrom
Open
Update to Spring Boot 3.5.8 and align dependencies#3398justin-tay wants to merge 1 commit intoyahoo:masterfrom
justin-tay wants to merge 1 commit intoyahoo:masterfrom
Conversation
There was a problem hiding this comment.
Pull request overview
This PR upgrades Spring Boot from 3.4.1 to 3.5.8 and updates numerous dependencies to their latest versions, including GraphQL, Jersey, Hibernate, and various Apache Commons libraries. The changes ensure compatibility with newer versions while addressing security vulnerabilities.
Key changes:
- Dependency version bumps across ~40 libraries with emphasis on major version updates for GraphQL (22.0 → 24.3), Jersey (3.1.8 → 3.1.11), and Spring Framework (6.1.10 → 6.2.14)
- Modified GraalVM native image support to work with GraalVM 21+ which no longer sets
java.class.path - Updated exception handling in
ExportApiEndpointto throw Jersey exceptions instead of usingsendError - Removed
javax.annotation.Nullableannotation due to Guava's removal of jsr305 dependency - Updated test expectations to match new GraphQL error message format
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| pom.xml | Updates ~40 dependency versions including Spring Boot 3.5.8, adds separate version property for graphql-java-extended-scalars |
| FetcherFetchTest.java | Updates expected error message to match new GraphQL validation error format with HTML entity encoding |
| ClassScannerCache.java | Adds getter method to expose cached annotation names for GraalVM feature |
| ElideFeature.java | Refactors to scan classes using GraalVM's ApplicationClassPath, adds lifecycle hook binding resolution |
| ExceptionMapper.java | Removes @Nullable annotation from interface method |
| ExportApiEndpoint.java | Replaces sendError calls with Jersey exception throwing (NotFoundException, InternalServerErrorException) |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Upgrade the dependencies while making it still compatible with Spring Boot 3.5.8.
Motivation and Context
ExportApiEndpointto throw exceptions is due to newer version of Jersey which fails when usingsendErrorExceptionMapperto remove thejavax.annotation.Nullableannotation is because the latest version of Guava removed the jsr305 jarElideFeatureis due to GraalVM 21+ no longer settingjava.class.pathso ClassGraph cannot find classes during native build timeFetcherFetchTestis to update the expectation as the GraphQL error message has changedHow Has This Been Tested?
All existing tests pass.
Native compilation using Spring Boot was tested with the example compiling using GraalVM 21.
Manual testing was done using the example to ensure it is working.
License
I confirm that this contribution is made under an Apache 2.0 license and that I have the authority necessary to make this contribution on behalf of its copyright owner.