Bump the prod-deps group across 1 directory with 3 updates

[dependabot]

Bumps the prod-deps group with 3 updates in the / directory: org.springframework.boot:spring-boot-starter-parent, org.springframework.cloud:spring-cloud-dependencies and org.apache.maven.plugins:maven-release-plugin.

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.7 to 4.0.0

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v4.0.0

Full release notes for Spring Boot 4.0 are available on the wiki. There is also a migration guide to help you upgrade from Spring Boot 3.5.

⭐ New Features

• Change tomcat and jetty runtime modules to starters #48175
• Rename spring-boot-kotlin-serialization to align with the name of the Kotlinx module that it pulls in #48076

🐞 Bug Fixes

• Error properties are a general web concern and should not be located beneath server.* #48201
• With both Jackson 2 and 3 on the classpath, @JsonTest fails due to duplicate jacksonTesterFactoryBean #48198
• Gradle war task does not exclude starter POMs from lib-provided #48197
• spring.test.webclient.mockrestserviceserver.enabled is not aligned with its module's name #48193
• SslMeterBinder doesn't register metrics for dynamically added bundles if no bundles exist at bind time #48182
• Properties bound in the child management context ignore the parent's environment prefix #48177
• ssl.chain.expiry metrics doesn't update for dynamically registered SSL bundles #48171
• Starter for spring-boot-micrometer-metrics is missing #48161
• Elasticsearch client's sniffer functionality should not be enabled by default #48155
• spring-boot-starter-elasticsearch should depend on elasticsearch-java #48141
• Auto-configuration exclusions are checked using a different class loader to the one that loads auto-configuration classes #48132
• New arm64 macbooks fail to bootBuildImage due to incorrect platform image #48128
• Properties for configuring an isolated JsonMapper or ObjectMapper are incorrectly named #48116
• Buildpack fails with recent Docker installs due to hardcoded version in URL #48103
• Image building may fail when specifying a platform if an image has already been built with a different platform #48099
• Default values of Kotlinx Serialization JSON configuration properties are not documented #48097
• Custom XML converters should override defaults in HttpMessageConverters #48096
• Kotlin serialization is used too aggressively when other JSON libraries are available #48070
• PortInUseException incorrectly thrown on failure to bind port due to Netty IP misconfiguration #48059
• Auto-configured JCacheMetrics cannot be customized #48057
• WebSecurityCustomizer beans are excluded by WebMvcTest #48055
• Deprecated EnvironmentPostProcessor does not resolve arguments #48047
• RetryPolicySettings should refer to maxRetries, not maxAttempts #48023
• Devtools Restarter does not work with a parameterless main method #47996
• Dependency management for Kafka should not manage Scala 2.12 libraries #47991
• spring-boot-mail should depend on jakarta.mail:jakarta.mail-api and org.eclipse.angus:angus-mail instead of org.eclipse.angus:jakarta.mail #47983
• spring-boot-starter-data-mongodb-reactive has dependency on reactor-test #47982
• Support for ReactiveElasticsearchClient is in the wrong module #47848

📔 Documentation

• Removed property spring.test.webclient.register-rest-template is still documented #48199
• Mention support for detecting AWS ECS in "Deploying to the Cloud" #48170
• Revise AWS section of "Deploying to the Cloud" in reference manual #48163
• Fix typo in PortInUseException Javadoc #48134
• Correct section about required setters in "Type-safe Configuration Properties" #48131
• Use since attribute in configuration properties deprecation consistently #48122
• Document EndpointJsonMapper and management.endpoints.jackson.isolated-json-mapper #48115
• Document support for configuring servlet context init parameters using properties #48112
• Some configuration properties are not documented in the appendix #48095

... (truncated)

Commits

• 1c0e08b Release v4.0.0
• 3487928 Merge branch '3.5.x'
• 29b8e96 Switch make-default in preparation for Spring Boot 4.0.0
• 88da0dd Merge branch '3.5.x'
• 56feeaa Next development version (v3.5.9-SNAPSHOT)
• 3becdc7 Move server.error properties to spring.web.error
• 2b30632 Merge branch '3.5.x'
• 4f03b44 Merge branch '3.4.x' into 3.5.x
• 3d15c13 Next development version (v3.4.13-SNAPSHOT)
• dc140df Upgrade to Spring Framework 7.0.1
• Additional commits viewable in compare view

Updates org.springframework.cloud:spring-cloud-dependencies from 2025.0.0 to 2025.1.0

Commits

• fad431d Update SNAPSHOT to 2025.1.0
• 922da91 Merge pull request #444 from spring-cloud/dependabot/github_actions/main/acti...
• 56207f4 Bump actions/checkout from 5 to 6
• f9e1a3a Updates GenerateReleaseTrainDocs to use property from bom for boot version.
• 36f42b2 Removes spring-cloud-starter-parent
• 250329c Bumping versions
• ef9f533 Updates boot to 4.0.0
• 3c1ebc0 Bumping versions
• 35cf36e Going back to snapshots
• bd1fc81 Update SNAPSHOT to 2025.1.0-RC1
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-release-plugin from 3.2.0 to 3.3.0

Release notes

Sourced from org.apache.maven.plugins:maven-release-plugin's releases.

3.3.0

💥 Breaking changes

• Include "[ci skip]" by default in scmReleaseCommitComment (#1423) @​kwin

🚀 New features and improvements

• Fixed #1426 : Replace archived org.semver:api with custom SemVer implementation (#1430) @​HarshMehta112
• Introduce new SemVer policies (#1424) @​slawekjaranowski
• Include "[ci skip]" by default in scmReleaseCommitComment (#1423) @​kwin

🐛 Bug Fixes

• Check all project parents for SCM information. (#1421) @​slawekjaranowski

👻 Maintenance

• Fix license header in xml files (#1443) @​slawekjaranowski
• Make implementation of new SemVer policies private for project (#1440) @​slawekjaranowski
• Resolve todo that led to pointless asserts (#1442) @​elharo
• Prefer JDK join method (#1434) @​elharo
• Remove old-style plexus annotation (#1432) @​elharo
• Clean up exceptions (#1433) @​elharo
• Replace deprecated classes (#1438) @​elharo
• Simplify code (#1429) @​elharo
• Fix spelling typo (#1431) @​elharo
• Prefer JDK join method (#1428) @​elharo
• Fixed #1410 [DOCS] Update Javadoc return tags in ReleaseDescriptor.java (#1427) @​HarshMehta112
• Remove manual configuration for plugin requirementsHistories (#1425) @​slawekjaranowski
• Correct misleading @​return descriptions in Javadoc (#1413) @​HarshMehta112
• Migrate JUnit 3/4 to JUnit 5 (#1414) @​slawekjaranowski
• Add tag-template to release-drafter configuration (#1415) @​slawekjaranowski
• Fix assertions and cleanups in Mojo Tests (#1412) @​slawekjaranowski
• Fix Javadoc issues per Oracle conventions (#1408) @​elharo
• Migrate JUnit 3/4 to JUnit 5 (#1411) @​slawekjaranowski

📦 Dependency updates

• Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#1419) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-interactivity-api from 1.4 to 1.5.1 (#1417) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-interpolation from 1.28 to 1.29 (#1418) @dependabot[bot]
• Bump org.xmlunit:xmlunit-core from 2.10.4 to 2.11.0 (#1395) @dependabot[bot]
• Declare used dependencies (#1407) @​elharo
• Use Maven 3.9.11 in dependencies, still required 3.6.3 (#1406) @​slawekjaranowski
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.3.0 to 3.4.0 (#1398) @dependabot[bot]

Commits

• 2b8adaa [maven-release-plugin] prepare release maven-release-3.3.0
• 88630f9 Fixed #1426 : Replace archived org.semver:api with custom SemVer implemen...
• 7af8ace Fix license header in xml files
• 8914b84 Make implementation of new SemVer policies private for project
• 7e861f0 Resolve todo that led to pointless asserts (#1442)
• 422f895 Prefer JDK join method (#1434)
• 70f56ad Remove old-style plexus annotation (#1432)
• a06c6f8 Clean up exceptions (#1433)
• 227215b Replace deprecated classes (#1438)
• 311ecf5 Back project version to 3.3.0-SNAPSHOT
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
org.springframework.cloud:spring-cloud-dependencies	[>= 2023.a, < 2024]
org.springframework.boot:spring-boot-starter-parent	[>= 3.2.a, < 3.3]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.