Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Update dependency org.apache.tomcat.embed:tomcat-embed-jasper to v10.1.53
• Update dependency org.apache.tomcat.embed:tomcat-embed-websocket to v10.1.53
• Update dependency org.postgresql:postgresql to v42.7.10
• Update dependency org.springdoc:springdoc-openapi-starter-webmvc-ui to v2.8.16
• Update logback monorepo to v1.5.32 (ch.qos.logback:logback-classic, ch.qos.logback:logback-core)
• Update dependency com.azure.spring:spring-cloud-azure-starter-active-directory to v5.25.0
• Update dependency com.mchange:c3p0 to v0.12.0
• Update dependency joda-time:joda-time to v2.14.1
• Update dependency org.apache.cxf:cxf-spring-boot-starter-jaxrs to v4.2.0
• Update dependency org.apache.xmlgraphics:batik-css to v1.19
• Update dependency org.easymock:easymock to v5.6.0
• Update dependency org.htmlunit:neko-htmlunit to v4.21.0
• Update dependency org.mockito:mockito-junit-jupiter to v5.23.0
• Update dependency org.owasp.esapi:esapi to v2.7.0.0
• Update dependency org.yaml:snakeyaml to v2.6
• Update Gradle to v8.14.4
• Update jackson monorepo to v2.21.2 (com.fasterxml.jackson.datatype:jackson-datatype-jsr310, com.fasterxml.jackson.datatype:jackson-datatype-joda)
• Update junit-framework monorepo to v5.14.3 (org.junit.jupiter:junit-jupiter, org.junit:junit-bom)
• Update log4j2 monorepo to v2.25.4 (org.apache.logging.log4j:log4j-to-slf4j, org.apache.logging.log4j:log4j-api)
• Update plugin com.github.ben-manes.versions to v0.53.0
• Update plugin io.freefair.lombok to v8.14.4
• Update spring data to v3.5.10 (org.springframework.data:spring-data-jpa, org.springframework.data:spring-data-commons)
• Update spring security (org.springframework.security:spring-security-oauth2-authorization-server, org.springframework.security:spring-security-oauth2-jose, org.springframework.security:spring-security-web, org.springframework.security:spring-security-taglibs, org.springframework.security:spring-security-core)
• Update actions/checkout action to v6
• Update actions/setup-java action to v5
• Update dependency checkstyle to v13
• Update dependency com.azure.spring:spring-cloud-azure-starter-active-directory to v7
• Update dependency com.github.hmcts.java-logging:logging to v8
• Update dependency org.springdoc:springdoc-openapi-starter-webmvc-ui to v3
• Update github/codeql-action action to v4
• Update Gradle to v9
• Update junit-framework monorepo to v6 (major) (org.junit.jupiter:junit-jupiter, org.junit:junit-bom)
• Update plugin io.freefair.lombok to v9
• Update plugin org.owasp.dependencycheck to v12
• Update plugin org.sonarqube to v7
• Update spring boot to v4 (major) (org.springframework.boot:spring-boot-starter-tomcat, org.springframework.boot:spring-boot-starter-test, org.springframework.boot:spring-boot-starter-security, org.springframework.boot:spring-boot-starter-jersey, org.springframework.boot:spring-boot-starter-data-jpa, org.springframework.boot:spring-boot-starter-web, org.springframework.boot:spring-boot-starter-actuator, org.springframework.boot)
• Update spring core to v7 (major) (org.springframework:spring-context-support, org.springframework:spring-context, org.springframework:spring-tx)
• Update spring data to v4 (major) (org.springframework.data:spring-data-jpa, org.springframework.data:spring-data-commons)
• Update spring security to v7 (major) (org.springframework.security:spring-security-oauth2-authorization-server, org.springframework.security:spring-security-oauth2-jose, org.springframework.security:spring-security-web, org.springframework.security:spring-security-taglibs, org.springframework.security:spring-security-core)
• 🔐 Create all rate-limited PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency org.apache.tomcat.embed:tomcat-embed-core to v10.1.53
• Update dependency org.quartz-scheduler:quartz to v2.5.2
• Update dependency io.jsonwebtoken:jjwt to v0.13.0
• Update spring boot to v3.5.13 (org.springframework.boot:spring-boot-starter-tomcat, org.springframework.boot:spring-boot-starter-test, org.springframework.boot:spring-boot-starter-security, org.springframework.boot:spring-boot-starter-jersey, org.springframework.boot:spring-boot-starter-data-jpa, org.springframework.boot:spring-boot-starter-web, org.springframework.boot:spring-boot-starter-actuator, org.springframework.boot)
• Update spring core to v6.2.17 (org.springframework:spring-context-support, org.springframework:spring-context, org.springframework:spring-tx)
• Update dependency org.apache.tomcat.embed:tomcat-embed-core to v11
• Update dependency org.apache.tomcat.embed:tomcat-embed-jasper to v11
• Update dependency org.apache.tomcat.embed:tomcat-embed-websocket to v11
• Update dependency org.dbunit:dbunit to v3
• Update dependency pmd to v7.23.0
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

docker-compose (2)

docker-compose.yml

mockipdmanager/docker-compose.yml

dockerfile (2)

Dockerfile (1)

• hmctspublic.azurecr.io/base/java 21-distroless

mockipdmanager/Dockerfile (1)

• hmctspublic.azurecr.io/base/java 21-distroless

github-actions (3)

.github/workflows/ci.yml (2)

• actions/checkout v4 → [Updates: v6]
• actions/setup-java v4 → [Updates: v5]

.github/workflows/codeql.yml (5)

• actions/checkout v4 → [Updates: v6]
• github/codeql-action v3 → [Updates: v4]
• actions/setup-java v4 → [Updates: v5]
• github/codeql-action v3 → [Updates: v4]
• github/codeql-action v3 → [Updates: v4]

.github/workflows/publish-openapi.yaml (1)

• hmcts/workflow-publish-openapi-spec v1

gradle (4)

build.gradle (59)

• io.spring.dependency-management 1.1.7
• org.springframework.boot 3.3.5 → [Updates: 3.5.13, 4.0.5]
• com.github.ben-manes.versions 0.52.0 → [Updates: 0.53.0]
• org.owasp.dependencycheck 10.0.4 → [Updates: 12.2.0]
• org.sonarqube 5.1.0.4882 → [Updates: 7.2.3.7755]
• io.freefair.lombok 8.13 → [Updates: 8.14.4, 9.2.0]
• checkstyle 10.26.1 → [Updates: 13.4.0]
• pmd 7.5.0 → [Updates: 7.23.0]
• org.springframework.boot:spring-boot-starter-actuator 3.3.5 → [Updates: 3.5.13, 4.0.5]
• org.springframework.boot:spring-boot-starter-web 3.3.5 → [Updates: 3.5.13, 4.0.5]
• org.springframework.boot:spring-boot-starter-data-jpa 3.3.5 → [Updates: 3.5.13, 4.0.5]
• org.springframework.data:spring-data-commons 3.4.3 → [Updates: 3.5.10, 4.0.4]
• org.springframework.data:spring-data-jpa 3.4.3 → [Updates: 3.5.10, 4.0.4]
• org.hibernate:hibernate-entitymanager 5.6.15.Final
• org.postgresql:postgresql 42.7.8 → [Updates: 42.7.10]
• org.springframework.security:spring-security-core 6.4.3 → [Updates: 6.5.9, 7.0.4]
• org.thymeleaf.extras:thymeleaf-extras-springsecurity5 3.1.3.RELEASE
• org.apache.httpcomponents:httpclient 4.5.14
• io.jsonwebtoken:jjwt 0.9.1 → [Updates: 0.13.0]
• org.springframework:spring-tx 6.1.14 → [Updates: 6.2.17, 7.0.6]
• org.dbunit:dbunit 2.8.0 → [Updates: 3.0.0]
• joda-time:joda-time 2.13.1 → [Updates: 2.14.1]
• org.springframework.security:spring-security-taglibs 6.4.3 → [Updates: 6.5.9, 7.0.4]
• org.springframework.security:spring-security-web 6.4.3 → [Updates: 6.5.9, 7.0.4]
• org.quartz-scheduler:quartz 2.5.0 → [Updates: 2.5.2]
• org.apache.cxf:cxf-spring-boot-starter-jaxrs 4.1.4 → [Updates: 4.2.0]
• com.github.hmcts.java-logging:logging 6.1.9 → [Updates: 8.0.0]
• org.apache.logging.log4j:log4j-api 2.24.3 → [Updates: 2.25.4]
• org.apache.logging.log4j:log4j-to-slf4j 2.24.3 → [Updates: 2.25.4]
• javax.servlet:servlet-api 3.0-alpha-1
• com.fasterxml.jackson.datatype:jackson-datatype-joda 2.20.1 → [Updates: 2.21.2]
• org.springframework.boot:spring-boot-starter-jersey 3.3.5 → [Updates: 3.5.13, 4.0.5]
• org.owasp.esapi:esapi 2.6.0.0 → [Updates: 2.7.0.0]
• org.jasypt:jasypt 1.9.3
• org.springframework:spring-context 6.1.14 → [Updates: 6.2.17, 7.0.6]
• org.springframework:spring-context-support 6.1.14 → [Updates: 6.2.17, 7.0.6]
• org.apache.tomcat.embed:tomcat-embed-jasper 10.1.50 → [Updates: 10.1.53, 11.0.20]
• org.glassfish.web:jakarta.servlet.jsp.jstl 3.0.1
• jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api 3.0.2
• org.yaml:snakeyaml 2.4 → [Updates: 2.6]
• org.apache.tomcat.embed:tomcat-embed-core 10.1.50 → [Updates: 10.1.53, 11.0.20]
• org.apache.tomcat.embed:tomcat-embed-websocket 10.1.52 → [Updates: 10.1.53, 11.0.20]
• org.apache.xmlgraphics:batik-css 1.18 → [Updates: 1.19]
• com.mchange:c3p0 0.11.2 → [Updates: 0.12.0]
• com.fasterxml.jackson.datatype:jackson-datatype-jsr310 2.18.3 → [Updates: 2.21.2]
• org.htmlunit:neko-htmlunit 4.10.0 → [Updates: 4.21.0]
• ch.qos.logback:logback-core 1.5.23 → [Updates: 1.5.32]
• ch.qos.logback:logback-classic 1.5.23 → [Updates: 1.5.32]
• javax.validation:validation-api 2.0.1.Final
• org.springframework.boot:spring-boot-starter-security 3.3.5 → [Updates: 3.5.13, 4.0.5]
• org.owasp.antisamy:antisamy 1.7.8
• com.azure.spring:spring-cloud-azure-starter-active-directory 5.23.0 → [Updates: 5.25.0, 7.1.0]
• org.springframework.security:spring-security-oauth2-jose 6.4.3 → [Updates: 6.5.9, 7.0.4]
• org.springframework.security:spring-security-oauth2-authorization-server 1.4.2 → [Updates: 1.5.6, 7.0.4]
• org.springframework.boot:spring-boot-starter-test 3.3.5 → [Updates: 3.5.13, 4.0.5]
• org.easymock:easymock 5.5.0 → [Updates: 5.6.0]
• org.mockito:mockito-junit-jupiter 5.16.0 → [Updates: 5.23.0]
• org.junit.jupiter:junit-jupiter 5.12.0 → [Updates: 5.14.3, 6.0.3]
• org.springframework.boot:spring-boot-starter-tomcat 3.3.5 → [Updates: 3.5.13, 4.0.5]

mockipdmanager/build.gradle (13)

• io.spring.dependency-management 1.1.7
• org.springframework.boot 3.3.5 → [Updates: 3.5.13, 4.0.5]
• org.owasp.dependencycheck 10.0.4 → [Updates: 12.2.0]
• com.github.ben-manes.versions 0.52.0 → [Updates: 0.53.0]
• org.sonarqube 5.1.0.4882 → [Updates: 7.2.3.7755]
• checkstyle 10.26.1 → [Updates: 13.4.0]
• pmd 6.55.0 → [Updates: 7.23.0]
• org.springdoc:springdoc-openapi-starter-webmvc-ui 2.8.14 → [Updates: 2.8.16, 3.0.2]
• com.github.hmcts.java-logging:logging 6.1.9 → [Updates: 8.0.0]
• org.apache.logging.log4j:log4j-api 2.24.3 → [Updates: 2.25.4]
• org.apache.logging.log4j:log4j-to-slf4j 2.24.3 → [Updates: 2.25.4]
• jakarta.ws.rs:jakarta.ws.rs-api 4.0.0
• org.junit:junit-bom 5.12.0 → [Updates: 5.14.3, 6.0.3]

mockipdmanager/settings.gradle

settings.gradle

gradle-wrapper (2)

gradle/wrapper/gradle-wrapper.properties (1)

• gradle 8.13 → [Updates: 8.14.4, 9.4.1]

mockipdmanager/gradle/wrapper/gradle-wrapper.properties (1)

• gradle 8.13 → [Updates: 8.14.4, 9.4.1]

helm-values (1)

charts/pdda-public-display-manager/values.yaml

helmv3 (1)

charts/pdda-public-display-manager/Chart.yaml (1)

• java 5.3.0

renovate-config-presets (1)

.github/renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository