lingwei.kong/hawkbit
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
4,036 Commits 1 Branch 0 Tags
542e440ad7efea24573a5739d90879e8804eda4d
Commit Graph

4036 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
542e440ad7 Bump com.diffplug.spotless:spotless-maven-plugin from 3.5.0 to 3.5.1 (#3090) 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](https://github.com/diffplug/spotless/compare/maven/3.5.0...maven/3.5.1)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.5.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-19 09:59:27 +03:00
dependabot[bot]
f4323c18f0 Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.2 to 3.6.3 (#3089) 
Bumps [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.6.2 to 3.6.3.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.6.2...enforcer-3.6.3)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-version: 3.6.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-19 09:58:59 +03:00
Vasil Ilchev
2a4c12fd29 Fix/exception mapper (#3083) 
* Added mapping for OptimisticLockingFailureException in ExceptionMapper for proper propagation

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

* Added ExceptionMapperTest

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

---------

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>
 2026-05-18 09:22:49 +03:00
dependabot[bot]
60f006cfa1 Bump com.diffplug.spotless:spotless-maven-plugin from 3.4.0 to 3.5.0 (#3085) 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](https://github.com/diffplug/spotless/compare/maven/3.4.0...maven/3.5.0)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-18 09:11:44 +03:00
github-actions[bot]
c3a738528f [Release] Automated commit of .3rd-party/DEPENDENCIES changes 2026-05-18 03:13:04 +00:00
Stanislav Trailov
39aaa8c943 remove duplicate ref definition (#3084) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-05-15 12:03:10 +03:00
clayly
eba16e529e Add indexes on sp_action.rollout and rollout_group (#3045) 
* perf(repository): add indexes on sp_idx_action_rollout_group_status and sp_idx_action_rollout_status

Rollout monitoring queries (existsByRolloutId, getStatusCountByRolloutId, getStatusCountByRolloutGroupId) filter by rollout or rollout_group on sp_action. The flyway baseline did not index either column, so Postgres
falls back to Seq Scan on every monitoring poll. With 16k action rows this is meaningful — the group-count query takes ~500 ms without the index and ~27 ms with it (Index Only Scan, Heap Fetches: 0).

Bench (16k rows, 1000 iter):
- WHERE tenant=? AND rollout_group=?           18.6x faster on PG
                                               17.6x faster on YugabyteDB
- WHERE tenant=? AND rollout=? GROUP BY status  2.5x faster on PG
                                                1.5x faster on YugabyteDB

Adds V1_20_2 sibling migrations for POSTGRESQL, H2, and MYSQL.
 2026-05-15 10:54:39 +03:00
clayly
663737396c Fix range download: use real seek instead of read-and-discard (#3044) 
* perf(rest): fix range download to use real seek

FileStreamingUtil.copyStreams called IOUtils.skipFully(from, start),
which reads start bytes through a 2KB scratch buffer. Combined with
ArtifactStream not overriding skip(long), a Range request at offset
600MB on an 800MB artifact made the server read+discard 600MB before
serving any payload. With 80 concurrent devices this saturated CPU.

Fix:
- ArtifactStream.skip(long) now delegates to the wrapped stream so a
  FileInputStream can lseek(2). Non-seekable backends (CipherInputStream
  for encrypted artifacts, S3 streams) keep their existing behaviour.
- FileStreamingUtil.copyStreams uses InputStream.skipNBytes(start)
  instead of IOUtils.skipFully so the call chain reaches the underlying
  skip().

JMH (single thread, 600MB offset, 1MB read): 27.21 ms -> 0.034 ms (800x).
Real stack (80 parallel curl, 1MB range at 600MB offset): avg 728 ms ->
28 ms (26x), p99 966 ms -> 54 ms.

Adds JMH test-scope dep and FileStreamingBenchmark/BufferSizeBenchmark
for regression detection. Both gated on -Dperf=true so default test
runs stay fast.

* perf(rest): drop JMH benchmarks per upstream review

Eclipse hawkBit minimizes dependencies. Drop jmh-core / jmh-generator-annprocess
test-scope deps (also GPL-2.0 — not EPL-2.0 compatible) and the two
JMH benchmarks added with the seek fix. Move the BUFFER_SIZE rationale
into an inline comment in FileStreamingUtil so the empirical reasoning
behind keeping the 8 KiB constant stays discoverable.

The benchmarks may be reintroduced as a separate PR if upstream wants a
perf-regression harness later.
 2026-05-14 11:17:32 +03:00
Avgustin Marinov
6311e64ea9 Clean up distribution lock (#3081) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-05-14 09:10:17 +03:00
Vasil Ilchev
275348d524 Fix JdbcLockRegistry ttl (#3080) 
Signed-off-by: vasilchev <vasil.ilchev@bosch.com>
 2026-05-13 11:51:29 +03:00
Stanislav Trailov
f7f94291ad Add ref & sha to upload sarif in trivy workflow (#3079) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-05-13 09:36:01 +03:00
dependabot[bot]
d4c95ca5e0 Bump io.swagger.core.v3:swagger-annotations-jakarta (#3078) 
Bumps io.swagger.core.v3:swagger-annotations-jakarta from 2.2.49 to 2.2.50.

---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-annotations-jakarta
  dependency-version: 2.2.50
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-13 08:43:27 +03:00
Avgustin Marinov
601e770cc5 Restrict 1.0 org.springframework.shell versions (#3074) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-05-12 10:27:19 +03:00
Avgustin Marinov
94b32ae75b Fix vaadin 1.0 constaring in dependabot (#3073) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-05-12 09:58:08 +03:00
Avgustin Marinov
7ccba8ef86 Restrict updates for 1.0 branch (#3067) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-05-12 09:34:50 +03:00
dependabot[bot]
895463899e Bump org.springframework.ai:spring-ai-bom from 1.1.5 to 1.1.6 (#3061) 
Bumps [org.springframework.ai:spring-ai-bom](https://github.com/spring-projects/spring-ai) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/spring-projects/spring-ai/releases)
- [Commits](https://github.com/spring-projects/spring-ai/compare/v1.1.5...v1.1.6)

---
updated-dependencies:
- dependency-name: org.springframework.ai:spring-ai-bom
  dependency-version: 1.1.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-12 08:40:20 +03:00
Florian BEZANNIER
8d83218dc8 Improve oauth2 (#3014) 
* feat: add custom header to oauth2 req

* fix: current.getClass() raise NPE

* fix: use access token instead of id token

* fix: missing dependency

* feat: add oauth2 login from swagger-ui

* docs: update oauth2 configuration
 2026-05-11 14:50:47 +03:00
Stanislav Trailov
394048a583 Allow input ref parameter in order to see a branch in the reports (#3060) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-05-11 10:50:19 +03:00
github-actions[bot]
0fff8c2660 [Release] Automated commit of .3rd-party/DEPENDENCIES changes 2026-05-11 03:11:31 +00:00
Desislava Marinova
792746728f Update java docker image version to 21.0.11_10 (#3057) 2026-05-08 11:05:22 +03:00
Stanislav Trailov
b28071933c Fix netty vulnerabilities (#3056) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-05-08 10:12:13 +03:00
dependabot[bot]
bbf71da6de Bump vaadin.version from 25.1.4 to 25.1.5 (#3047) 
Bumps `vaadin.version` from 25.1.4 to 25.1.5.

Updates `com.vaadin:vaadin-bom` from 25.1.4 to 25.1.5

Updates `com.vaadin:vaadin-maven-plugin` from 25.1.4 to 25.1.5
- [Release notes](https://github.com/vaadin/platform/releases)
- [Commits](https://github.com/vaadin/platform/compare/25.1.4...25.1.5)

---
updated-dependencies:
- dependency-name: com.vaadin:vaadin-bom
  dependency-version: 25.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.vaadin:vaadin-maven-plugin
  dependency-version: 25.1.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-08 09:15:15 +03:00
Stanislav Trailov
976106c75f Enable trivy and dependabot on 1.0 branch (#3046) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-05-07 09:59:37 +03:00
github-actions[bot]
111658a548 [Release] Automated commit of .3rd-party/DEPENDENCIES changes 2026-05-04 03:10:53 +00:00
dependabot[bot]
eb53cfaaa2 Bump vaadin.version from 25.1.3 to 25.1.4 (#3043) 
Bumps `vaadin.version` from 25.1.3 to 25.1.4.

Updates `com.vaadin:vaadin-bom` from 25.1.3 to 25.1.4

Updates `com.vaadin:vaadin-maven-plugin` from 25.1.3 to 25.1.4
- [Release notes](https://github.com/vaadin/platform/releases)
- [Commits](https://github.com/vaadin/platform/compare/25.1.3...25.1.4)

---
updated-dependencies:
- dependency-name: com.vaadin:vaadin-bom
  dependency-version: 25.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.vaadin:vaadin-maven-plugin
  dependency-version: 25.1.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-30 09:26:09 +03:00
dependabot[bot]
47e14cf042 Bump io.swagger.core.v3:swagger-annotations-jakarta (#3042) 
Bumps io.swagger.core.v3:swagger-annotations-jakarta from 2.2.48 to 2.2.49.

---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-annotations-jakarta
  dependency-version: 2.2.49
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-29 08:33:02 +03:00
dependabot[bot]
a73b1ab3cf Bump org.springframework.ai:spring-ai-bom from 1.1.4 to 1.1.5 (#3040) 
Bumps [org.springframework.ai:spring-ai-bom](https://github.com/spring-projects/spring-ai) from 1.1.4 to 1.1.5.
- [Commits](https://github.com/spring-projects/spring-ai/compare/v1.1.4...v1.1.5)

---
updated-dependencies:
- dependency-name: org.springframework.ai:spring-ai-bom
  dependency-version: 1.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-28 13:14:54 +03:00
Vasil Ilchev
4b83c78618 Fix cleaner clean reference to service before call on it - chain api (#3041) 
* Fix cleaner clean reference to service before call on it - chain api

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

* style and comment fix

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

---------

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>
 2026-04-28 13:13:35 +03:00
dependabot[bot]
ce444f9934 Bump spring-shell.version from 4.0.0 to 4.0.2 (#3037) 
Bumps `spring-shell.version` from 4.0.0 to 4.0.2.

Updates `org.springframework.shell:spring-shell-starter` from 4.0.0 to 4.0.2
- [Release notes](https://github.com/spring-projects/spring-shell/releases)
- [Commits](https://github.com/spring-projects/spring-shell/compare/v4.0.0...v4.0.2)

Updates `org.springframework.shell:spring-shell-jline` from 4.0.0 to 4.0.2
- [Release notes](https://github.com/spring-projects/spring-shell/releases)
- [Commits](https://github.com/spring-projects/spring-shell/compare/v4.0.0...v4.0.2)

---
updated-dependencies:
- dependency-name: org.springframework.shell:spring-shell-starter
  dependency-version: 4.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.shell:spring-shell-jline
  dependency-version: 4.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 08:36:05 +03:00
github-actions[bot]
5362dbeb9a [Release] Automated commit of .3rd-party/DEPENDENCIES changes 2026-04-27 03:29:14 +00:00
Stanislav Trailov
b63ded1b2b Use AccessContext.actor() in getApprovalUser in default rollout approval strategy (#3036) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-04-24 16:20:53 +03:00
Avgustin Marinov
160576baac Bump Spring Boot to 4.0.6 (#3034) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-24 09:01:55 +03:00
dependabot[bot]
897256a042 Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#3033) 
Bumps commons-io:commons-io from 2.21.0 to 2.22.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-version: 2.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-24 08:27:31 +03:00
dependabot[bot]
7441e87751 Bump aquasecurity/trivy-action from 0.35.0 to 0.36.0 (#3032) 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.35.0 to 0.36.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-24 08:27:08 +03:00
clayly
2e53a66b79 Fix test assertions that depend on undefined row ordering (#3007) 
* Fix test assertions that depend on undefined row ordering

Several tests use containsExactly() or index-based comparison on query
results that have no ORDER BY clause. SQL does not guarantee row ordering
without explicit ORDER BY, and databases like YugabyteDB return results
in a different (but valid) order than PostgreSQL/H2.

These tests verify set membership (correct targets assigned, correct
actions stored), not ordering. Changed to order-independent assertions:

- AutoAssignTest: containsExactly -> containsExactlyInAnyOrder
- ControllerManagementTest: index-based loop -> containsExactlyInAnyOrderElementsOf
- TargetFilterQueryManagementTest: containsExactly -> containsExactlyInAnyOrder

Verified passing on H2 (default) and YugabyteDB (PostgreSQL-compatible).

* Trigger ECA re-check
 2026-04-21 17:21:38 +03:00
clayly
bdb87a95d9 Fix LIKE on non-String fields failing on PostgreSQL (#3008) 
* Fix LIKE on non-String fields failing on PostgreSQL-compatible databases

The like() and notLike() methods in SpecificationBuilder relied on
catching a Hibernate-specific CoercionException when LIKE was applied
to non-String fields (e.g. bigint) with a wildcard-only value. However,
with EclipseLink the invalid SQL is sent directly to the database,
where PostgreSQL and compatible databases (YugabyteDB, CockroachDB)
reject it with "operator does not exist: bigint ~~ text".

Move the non-String field check before building the SQL predicate,
making it database-agnostic and JPA-provider-agnostic. A wildcard-only
LIKE on a non-String field is semantically equivalent to IS NOT NULL
(and NOT LIKE to IS NULL), which is what the fallback already produced.

* Trigger ECA re-check
 2026-04-21 15:45:02 +03:00
dependabot[bot]
4cb5b161f1 Bump org.jsoup:jsoup from 1.22.1 to 1.22.2 (#3031) 
Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.22.1 to 1.22.2.
- [Release notes](https://github.com/jhy/jsoup/releases)
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES.md)
- [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.22.1...jsoup-1.22.2)

---
updated-dependencies:
- dependency-name: org.jsoup:jsoup
  dependency-version: 1.22.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-21 13:52:46 +03:00
dependabot[bot]
f6ece97b81 Bump io.github.openfeign:feign-hc5 from 13.11 to 13.12 (#3030) 
Bumps [io.github.openfeign:feign-hc5](https://github.com/openfeign/feign) from 13.11 to 13.12.
- [Release notes](https://github.com/openfeign/feign/releases)
- [Changelog](https://github.com/OpenFeign/feign/blob/master/CHANGELOG.md)
- [Commits](https://github.com/openfeign/feign/compare/13.11...13.12)

---
updated-dependencies:
- dependency-name: io.github.openfeign:feign-hc5
  dependency-version: '13.12'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-21 13:52:22 +03:00
Avgustin Marinov
c029c88db6 Improved AccessContext (#3029) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-21 13:51:37 +03:00
Stanislav Trailov
f2edc36e11 Add verify with Postgre (#3005) 
* Add verify with Postgre

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* make them only on trigger manually

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-04-20 10:04:12 +03:00
dependabot[bot]
8473212f59 Bump vaadin.version from 25.1.2 to 25.1.3 (#3028) 
Bumps `vaadin.version` from 25.1.2 to 25.1.3.

Updates `com.vaadin:vaadin-bom` from 25.1.2 to 25.1.3

Updates `com.vaadin:vaadin-maven-plugin` from 25.1.2 to 25.1.3
- [Release notes](https://github.com/vaadin/platform/releases)
- [Commits](https://github.com/vaadin/platform/compare/25.1.2...25.1.3)

---
updated-dependencies:
- dependency-name: com.vaadin:vaadin-bom
  dependency-version: 25.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.vaadin:vaadin-maven-plugin
  dependency-version: 25.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 08:38:51 +03:00
Avgustin Marinov
e9aa13e68f Improved SDK Setup - defaults (#3027) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-17 16:48:43 +03:00
dependabot[bot]
b4a171b4db Bump io.swagger.core.v3:swagger-annotations-jakarta (#3026) 
Bumps io.swagger.core.v3:swagger-annotations-jakarta from 2.2.47 to 2.2.48.

---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-annotations-jakarta
  dependency-version: 2.2.48
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-17 08:52:29 +03:00
dependabot[bot]
311e08744e Bump vaadin.version from 25.0.3 to 25.1.2 (#3025) 
Bumps `vaadin.version` from 25.0.3 to 25.1.2.

Updates `com.vaadin:vaadin-bom` from 25.0.3 to 25.1.2

Updates `com.vaadin:vaadin-maven-plugin` from 25.0.3 to 25.1.2
- [Release notes](https://github.com/vaadin/platform/releases)
- [Commits](https://github.com/vaadin/platform/compare/25.0.3...25.1.2)

---
updated-dependencies:
- dependency-name: com.vaadin:vaadin-bom
  dependency-version: 25.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.vaadin:vaadin-maven-plugin
  dependency-version: 25.1.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-17 08:52:03 +03:00
Avgustin Marinov
37559cdedc Cleanup/fix jackson 2 -> 3 migration (#3024) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-16 13:29:26 +03:00
Avgustin Marinov
000dd97bbc Bump some action versions (#3023) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-16 09:37:36 +03:00
Avgustin Marinov
82ee1cc4e6 Fix sonar findings on 21 style (#3020) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 16:57:10 +03:00
Avgustin Marinov
643e96b7b1 Add explicit codeql workflow (#3019) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 16:01:23 +03:00
Avgustin Marinov
8a078f8ee7 Fix requireJavaVersion -> 21 (#3018) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 15:42:05 +03:00
Avgustin Marinov
aca64df61c Bump JDK requirements to 21 (#3017) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 15:17:53 +03:00