Skip to content

Bump org.springframework.boot:spring-boot-starter from 3.3.12 to 3.3.13 in the development-dependencies group #3981

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: 3.3.x
Choose a base branch
from
Open

Bump org.springframework.boot:spring-boot-starter from 3.3.12 to 3.3.13 in the development-dependencies group #3981

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 19, 2025
edited
Loading

Bumps the development-dependencies group with 1 update: org.springframework.boot:spring-boot-starter.

Updates org.springframework.boot:spring-boot-starter from 3.3.12 to 3.3.13

Release notes

Sourced from org.springframework.boot:spring-boot-starter's releases.

v3.3.13

⚠️ Noteworthy Changes

  • This release upgrades to Tomcat 10.1.42 which has introduced limits for part count and header size in multipart/form-data requests. These limits can be customized using server.tomcat.max-part-count and server.tomcat.max-part-header-size respectively.

🐞 Bug Fixes

  • Executable JAR application class encounters performance issues when classpath URLs reference a host #46015
  • Loading from spring.factories may fail with a ClassNotFoundException when the TCCL changes between calls #45984
  • DataSouceBuilder can fail with a NPE when the driver is null #45976
  • Actuator heapdump endpoint is failing on modern OpenJ9 JVMs #45973

📔 Documentation

  • Fix Docker security options links in Packaging OCI images sections #46016
  • Timestamps in Retrieving Audit Events examples do not match the accompanying text #45995
  • Links to Testcontainers javadoc for many classes not in the core testcontainers module do not work #45802
  • Gradle Shadow Plugin link in the reference guide is outdated #45720
  • Document use of git-commit-id-maven-plugin consistently #45677
  • Improve documentation for configuring Spring Security with '/error' #45663
  • Clarify the situation with support for Prometheus PushGateway and the deprecated simpleclient #44392
  • Update javadoc of Configurer classes that apply sensible defaults to describe how they're typically used #42878

🔨 Dependency Upgrades

  • Upgrade to Groovy 4.0.27 #45805
  • Upgrade to Infinispan 15.0.15.Final #45806
  • Upgrade to Jaybird 5.0.8.java11 #45807
  • Upgrade to Jetty 12.0.22 #45809
  • Upgrade to Jetty Reactive HTTPClient 4.0.10 #45808
  • Upgrade to jOOQ 3.19.24 #45940
  • Upgrade to Micrometer 1.13.15 #45749
  • Upgrade to Micrometer Tracing 1.3.13 #45750
  • Upgrade to Netty 4.1.122.Final #45810
  • Upgrade to Postgresql 42.7.7 #45941
  • Upgrade to Reactor Bom 2023.0.19 #45751
  • Upgrade to Spring AMQP 3.1.12 #45752
  • Upgrade to Spring Authorization Server 1.3.7 #45753
  • Upgrade to Spring Data Bom 2024.0.13 #45754
  • Upgrade to Spring Framework 6.1.21 #45755
  • Upgrade to Spring Integration 6.3.11 #45756
  • Upgrade to Spring Kafka 3.2.10 #45757
  • Upgrade to Spring LDAP 3.2.13 #45758
  • Upgrade to Spring Pulsar 1.1.13 #45759
  • Upgrade to Spring RESTDocs 3.0.4 #45760
  • Upgrade to Spring Security 6.3.10 #45761
  • Upgrade to Spring WS 4.0.15 #45762
  • Upgrade to Tomcat 10.1.42 #45869

❤️ Contributors

... (truncated)

Commits
  • be14679 Release v3.3.13
  • c63eba3 Revert "Publish releases using Central Portal"
  • 206785f Only cache JarFile URL keys that are cheap to lookup
  • 8681b94 Publish releases using Central Portal
  • 13d265c Merge pull request #46016 from davidlj95
  • f4e0422 Fix Docker security options broken link in OCI images packaging docs
  • bab9071 Revert "Work around Spring Framework cache pollution bug"
  • f6c8884 Upgrade to Spring Integration 6.3.11
  • 6ef1830 Document that /error is secured by default
  • d9e4b66 Add properties for new max part count and max part header size
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added the type: dependency-upgrade Pull requests that update a dependency file label Jun 19, 2025
@github-actions github-actions bot added type: task and removed type: dependency-upgrade Pull requests that update a dependency file labels Jun 19, 2025
@dependabot
Bump org.springframework.boot:spring-boot-starter
23a7976 
Bumps the development-dependencies group with 1 update: [org.springframework.boot:spring-boot-starter](https://github.com/spring-projects/spring-boot).


Updates `org.springframework.boot:spring-boot-starter` from 3.3.12 to 3.3.13
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.3.12...v3.3.13)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter
  dependency-version: 3.3.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/gradle/3.3.x/development-dependencies-9f49b18a0a branch from b7e89be to 23a7976 Compare June 21, 2025 10:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
type: task
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants