build(deps): bump the all group across 1 directory with 5 updates

[dependabot]

Bumps the all group with 5 updates in the /tickethub/server/springboot directory:

Package	From	To
jakarta.xml.bind:jakarta.xml.bind-api	4.0.2	4.0.4
org.hibernate:hibernate-core	7.0.5.Final	7.2.1.Final
com.styra:opa	2.0.3	2.1.1
org.springframework.boot	3.5.3	4.0.2
gradle-wrapper	8.7	9.3.0

Updates jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4

Commits

• 1df980a Update API version of : to 4.0.4
• 5548633 fix #315
• b44c5ca activation-api 2.1.4
• b106241 Create TCK challenge template
• d91e825 Merge pull request #322 from jakartaee/4.0.3-RELEASE
• 85e2fb6 Update API version of : to 4.0.4-SNAPSHOT
• cae8cae Update API version of : to 4.0.3
• 256b24e fix: Unmarshalling hexBinary with leading whitespaces yields null (#313)
• 57884ff Fix #316, Unable to override JAXBContextFactory through properties (#317)
• 3cb177a Handle empty string input for parseBase64Binary instead of throwing IllegalAr...
• Additional commits viewable in compare view

Updates org.hibernate:hibernate-core from 7.0.5.Final to 7.2.1.Final

Release notes

Sourced from org.hibernate:hibernate-core's releases.

Release 7.2.1

Hibernate ORM 7.2.1.Final released

Today, we published a new release of Hibernate ORM 7.2: 7.2.1.Final.

You can find the full list of 7.2.1.Final changes here.

What's new

• See the website for requirements and compatibilities.
• See the What's New guide for details about new features and capabilities.
• See the Migration Guide for details about migration.

Conclusion

For additional details, see:

• the release page
• the Migration Guide
• the Introduction Guide
• the User Guide
• the API docs

See also the following resources related to supported APIs:

• the compatibility policy
• the incubating API report (@Incubating)
• the deprecated API report (@Deprecated + @Remove)
• the internal API report (internal packages, @Internal)

Visit the website for details on getting in touch with us.

Release 7.2.0

Hibernate ORM 7.2.0.Final released

Today, we published a new release of Hibernate ORM 7.2: 7.2.0.Final.

You can find the full list of 7.2.0.Final changes here.

What's new

• See the website for requirements and compatibilities.
• See the What's New guide for details about new features and capabilities.
• See the Migration Guide for details about migration.

Conclusion

... (truncated)

Changelog

Sourced from org.hibernate:hibernate-core's changelog.

Changes in 7.2.1.Final (January 15, 2026)

https://hibernate.atlassian.net/projects/HHH/versions/36872

** Bug * HHH-20048 ByteArrayJavaType#isInstance wrongly considers byte[] instead of Byte[] to be an instance * HHH-20041 DB2 for z IN tuple list predicate performs badly * HHH-20037 MappedSuperClasses can be enhanced more than once resulting in Duplicate annotation interface org...EnhancementInfo Exception * HHH-20032 SubSequence.subSequence violates CharSequence contract for start == end == length() * HHH-20027 Fix failing parsing of PostgreSQL canonical lock_timeout formats (0, ms, s, min, h) * HHH-20015 Hibernate Maven Plugin 7.x does not include maven project dependencies in the enhancement classpath * HHH-20008 Bad performance of MEMBER OF translation * HHH-20005 SchemaUpdateGeneratingOnlyScriptFileTest fails if executed after PrimaryKeyColumnOrderTest * HHH-19985 Subquery embedded value selection uses wrong nested attribute type for extraction * HHH-19976 AdjustableBasicType wrongly creates derived type with existing name causing trouble for Envers * HHH-19964 ClassCastException in AbstractJsonFormatMapper * HHH-19962 Wrong Values used with Subquery and same name Attributes * HHH-19935 UuidVersion7Strategy can generate cosecutive UUIDs that are equal * HHH-19929 DB2iDialect problem with supportsRowValueConstructorSyntaxInInSubQuery * HHH-19855 at entity level is ignored in orm.xml * HHH-19075 SqmFunction.appendHqlString(…) fails with IndexOutOfBoundsException for trim rendering

** Improvement * HHH-3192 SchemaValidator nullability check

Changes in 7.2.0.Final (December 12, 2025)

https://hibernate.atlassian.net/projects/HHH/versions/36806

Changes in 7.2.0.CR4 (December 10, 2025)

https://hibernate.atlassian.net/projects/HHH/versions/36476

** Bug * HHH-19980 In JTA after-completion callbacks may get ignored * HHH-19979 processor should handle @​NamedEntityGraph with defaulted name * HHH-19975 Calling entityManager.find(clazz, id) with null id throws NullPointerException * HHH-19972 OptionalTableUpdateOperation can fail on PostgreSQL < 15 and CockroachDB * HHH-19963 Wrong references in entity fields with circular associations * HHH-19958 <generated> tag in orm.xml is not implemented * HHH-19955 Thread-safety issue in EntityEntryContext resulting in NullPointerException for Session.contains() calls. * HHH-19843 Bean Validation may fail on operations with stateless session * HHH-18871 Nested NativeQuery mappings causing 'Could not locate TableGroup' exception after migration * HHH-18217 StatelessSession.upsert() for entity with all-null non-id fields, or no non-id field

... (truncated)

Commits

• 38d9dea [Jenkins release job] Preparing release 7.2.1.Final
• 994dd51 [Jenkins release job] changelog.txt updated by release build 7.2.1.Final
• 1cbb4b7 HHH-20071 Exclude Guava from maven plugin dependencies / Update maven depende...
• eb75359 Fix build.sh condition to avoid running pre-verify on Jenkins CI
• 7df4ec7 HHH-20048 - add test for issue
• 633dff9 HHH-20048 - correct BytaArrayJavaType.isInstance()
• 23ec40d HHH-19075 Fix IndexOutOfBoundsException in trim function rendering
• b1889a5 fix minor typos in whats new
• 396c4a9 Add Quarkus testing to the 7.2 branch
• c6d8ad9 Make the 7.2 branch a limited maintenance branch
• Additional commits viewable in compare view

Updates com.styra:opa from 2.0.3 to 2.1.1

Release notes

Sourced from com.styra:opa's releases.

java - v2.1.1 - 2025-04-24 18:33:07

Generated by Speakeasy CLI

2025-04-24 18:26:03

Changes

Based on:

• OpenAPI Doc
• Speakeasy CLI 1.538.0 (2.591.1) https://github.com/speakeasy-api/speakeasy

Generated

• [java v2.1.1] .

Releases

• [Maven Central v2.1.1] https://central.sonatype.com/artifact/com.styra.opa/openapi/2.1.1 - .

java - v2.1.0 - 2025-04-24 17:26:36

Generated by Speakeasy CLI

2025-04-24 00:26:52

Changes

Based on:

• OpenAPI Doc
• Speakeasy CLI 1.538.0 (2.591.1) https://github.com/speakeasy-api/speakeasy

Generated

• [java v2.1.0] .

Releases

• [Maven Central v2.1.0] https://central.sonatype.com/artifact/com.styra.opa/openapi/2.1.0 - .

Changelog

Sourced from com.styra:opa's changelog.

2.1.1

This release is the first release of the OPA Java SDK after its donation to the open-policy-agent Github Organization. No significant code changes are included in this release, as most changes were localized to the release workflows.

1.6.0

• Fixed omission of jackson-databind dependency type change to api, which was supposed to go out with 1.5.3.

1.5.3

• Marked jackson-databind as an api dependency in addition to jackson-core.
• Fixed a bug where OPALatencyMeasuringHTTPClient would report results in ns rather than ms.

1.5.2

• Fixed a bug where instantiating OPALatencyMeasuringHTTPClient with the default constructor could result in a null pointer exception while formatting messages.

1.5.1

• Regenerated low-level API with Speakeasy 1.351.2
• Release OPALatencyMeasuringHTTPClient

Commits

• 82968bc Merge pull request #85 from StyraInc/speakeasy-sdk-regen-1745519178
• 6974ad7 post-generation for speakeasy-sdk-regen-1745519178 at Thu Apr 24 18:27:39 UTC...
• 02cb7ea empty commit to trigger [run-tests] workflow
• f4c10ce ci: regenerated with OpenAPI Doc , Speakeasy CLI 1.538.0
• 66fc8d5 Update group and artifactId that's generated by speakeasy which is now used b...
• 68fefb1 Merge pull request #84 from StyraInc/speakeasy-sdk-regen-1744299558
• 997d31f post-generation for speakeasy-sdk-regen-1744299558 at Thu Apr 24 00:28:22 UTC...
• 714429a empty commit to trigger [run-tests] workflow
• f044e36 ci: regenerated with OpenAPI Doc , Speakeasy CLI 1.538.0
• aa73d24 Prepare for migrating to Sonatype central
• See full diff in compare view

Updates org.springframework.boot from 3.5.3 to 4.0.2

Release notes

Sourced from org.springframework.boot's releases.

v4.0.2

⚠️ Noteworthy Changes

• The dependency on org.eclipse.jetty.ee11:jetty-ee11-servlets has been removed from spring-boot-jetty as it was unnecessary and unused. If your application code depends on a class from jetty-ee11-servlets, declare a dependency on it in your build configuration. #48677

🐞 Bug Fixes

• No TransactionAutoConfiguration with spring-boot-starter-kafka for Spring Boot 4 #48880
• Evaluation of bean conditions unnecessarily queries the bean factory for types that are not present #48840
• When a bean condition references a type that is not present, it appears as ? in the condition evaluation report #48838
• SessionAutoConfiguration creates a DefaultCookieSerializer with a default SameSite of null instead of Lax #48830
• Setting graphql schema location to "classpath*:graphql/**/" causes failure due to incorrectly packaged test resource #48829
• Message interpolation by MVC and WebFlux's Validators does not work correctly in a native image #48828
• CloudFoundry integration fails in Servlet-based web app without a dependency on spring-boot-starter-restclient #48826
• RestTestClientAutoConfiguration and TestRestTemplateAutoConfiguration should be package-private #48820
• SSL metrics are no longer auto-configured #48819
• Actuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) #48812
• DataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image #48703
• The spring-boot-cloudfoundry module should only have an optional dependency on spring-boot-security #48685
• Application JAR created by extract command is not reproductible #48678
• AOT processing of tests should not be disabled when 'skipTests' is set #48662
• @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) is no longer applied to the management server #48653
• Fix zero-length byte buffer in InspectedContent #48650
• Can no longer override JacksonJsonHttpMessageConverter with ServerHttpMessageConvertersCustomizer #48635
• HttpServiceClientProperties incorrectly uses the @ConfigurationProperties annotation on a LinkedHashMap class #48616
• spring-boot-micrometer-tracing-opentelemetry fails if spring-boot-opentelemetry isn't there #48585
• App fails to start with starter-webmvc and starter-zipkin #48581
• Micrometer test modules should have an api dependency on micrometer-observation-test #48386

📔 Documentation

• Fix typo in REST client documentation #48907
• Remove duplicate word #48874
• Document support for configuring arguments passed to Docker Compose #48806
• The documentation related to EnvironmentPostProcessor links to deprecated interface #48803
• Update documentation for Buildpack's AOT Cache support #48769
• Correct docs to use new location for error handling configuration properties #48767
• Document spring-boot-starter-cloudfoundry on Cloud Foundry Support Page #48675
• Clarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file #48659
• Example using excludeDevtools property should document that optional dependencies should be enabled #48641
• Fix grammar and typos in the reference guide #48601
• Update Tracing section for Spring Boot 4's modularity #48576

🔨 Dependency Upgrades

• Upgrade to Classmate 1.7.3 #48783
• Upgrade to Elasticsearch Client 9.2.3 #48721
• Upgrade to Hibernate 7.2.1.Final #48857
• Upgrade to HttpClient5 5.5.2 #48784
• Upgrade to Jackson 2 Bom 2.20.2 #48910

... (truncated)

Commits

• fae3545 Release v4.0.2
• 9fde744 Merge branch '3.5.x' into 4.0.x
• 650236d Remove breaking and unnecessary Undertow TLS with RSA test
• 547bc77 Upgrade to Spring Batch 6.0.2
• 4387cbb Upgrade to Jackson Bom 3.0.4
• abec26e Polish
• f677fba Upgrade to Spring Integration 7.0.2
• 849c2ee Upgrade to Spring GraphQL 2.0.2
• facd456 Upgrade to Nullability Plugin 0.0.10
• e99c08f Merge branch '3.5.x' into 4.0.x
• Additional commits viewable in compare view

Updates gradle-wrapper from 8.7 to 9.3.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions