From dc76840568b224c3c1334b7c9b9d38ff0a1b9ea5 Mon Sep 17 00:00:00 2001
From: "stirlingbot[bot]" <195170888+stirlingbot[bot]@users.noreply.github.com>
Date: Fri, 1 Aug 2025 14:24:21 +0100
Subject: [PATCH 1/7] :globe_with_meridians: Sync Translations + Update README
 Progress Table (#4041)

### Description of Changes

This Pull Request was automatically generated to synchronize updates to
translation files and documentation. Below are the details of the
changes made:

#### **1. Synchronization of Translation Files**
- Updated translation files (`messages_*.properties`) to reflect changes
in the reference file `messages_en_GB.properties`.
- Ensured consistency and synchronization across all supported language
files.
- Highlighted any missing or incomplete translations.

#### **2. Update README.md**
- Generated the translation progress table in `README.md`.
- Added a summary of the current translation status for all supported
languages.
- Included up-to-date statistics on translation coverage.

#### **Why these changes are necessary**
- Keeps translation files aligned with the latest reference updates.
- Ensures the documentation reflects the current translation progress.

---

Auto-generated by [create-pull-request][1].

[1]: https://github.com/peter-evans/create-pull-request

Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>
---
 README.md                       | 2 +-
 scripts/ignore_translation.toml | 3 ---
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 836762158..b0a563fa5 100644
--- a/README.md
+++ b/README.md
@@ -152,7 +152,7 @@ Stirling-PDF currently supports 40 languages!
 | Swedish (Svenska) (sv_SE)                    | ![67%](https://geps.dev/progress/67)   |
 | Thai (ไทย) (th_TH)                           | ![60%](https://geps.dev/progress/60)   |
 | Tibetan (བོད་ཡིག་) (bo_CN)                     | ![66%](https://geps.dev/progress/66) |
-| Traditional Chinese (繁體中文) (zh_TW)        | ![77%](https://geps.dev/progress/77)   |
+| Traditional Chinese (繁體中文) (zh_TW)        | ![99%](https://geps.dev/progress/99)   |
 | Turkish (Türkçe) (tr_TR)                     | ![82%](https://geps.dev/progress/82)   |
 | Ukrainian (Українська) (uk_UA)               | ![72%](https://geps.dev/progress/72)   |
 | Vietnamese (Tiếng Việt) (vi_VN)              | ![58%](https://geps.dev/progress/58)   |
diff --git a/scripts/ignore_translation.toml b/scripts/ignore_translation.toml
index fde2da33f..9a379eb84 100644
--- a/scripts/ignore_translation.toml
+++ b/scripts/ignore_translation.toml
@@ -1026,8 +1026,5 @@ ignore = [
 
 [zh_TW]
 ignore = [
-    'lang.dzo',
-    'lang.iku',
-    'lang.que',
     'language.direction',
 ]

From 31ade3e496bae0d4784543db8eeba6264e2f3523 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 Aug 2025 14:24:40 +0100
Subject: [PATCH 2/7] build(deps): bump actions/ai-inference from 1.1.0 to
 1.2.3 (#4006)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/ai-inference](https://github.com/actions/ai-inference)
from 1.1.0 to 1.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/ai-inference/releases">actions/ai-inference's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump super-linter/super-linter from 7.4.0 to 8.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/ai-inference/pull/62">actions/ai-inference#62</a></li>
<li>Add GitHub Actions workflow for releasing new version by <a
href="https://github.com/sgoedecke"><code>@​sgoedecke</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/59">actions/ai-inference#59</a></li>
<li>Update readme to say MCP needs a PAT by <a
href="https://github.com/sgoedecke"><code>@​sgoedecke</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/60">actions/ai-inference#60</a></li>
<li>Support .prompt.yml files by <a
href="https://github.com/sgoedecke"><code>@​sgoedecke</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/61">actions/ai-inference#61</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/ai-inference/compare/v1.2.2...v1.2.3">https://github.com/actions/ai-inference/compare/v1.2.2...v1.2.3</a></p>
<h2>v1.2.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixup bundle by <a
href="https://github.com/sgoedecke"><code>@​sgoedecke</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/58">actions/ai-inference#58</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/ai-inference/compare/v1.2.1...v1.2.2">https://github.com/actions/ai-inference/compare/v1.2.1...v1.2.2</a></p>
<h2>v1.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Ensure pkce-challenge is bundled in dist instead of treated as
external by <a
href="https://github.com/sgoedecke"><code>@​sgoedecke</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/57">actions/ai-inference#57</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/ai-inference/compare/v1.2.0...v1.2.1">https://github.com/actions/ai-inference/compare/v1.2.0...v1.2.1</a></p>
<h2>v1.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Setup licensed on the codespace by <a
href="https://github.com/maraisr"><code>@​maraisr</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/29">actions/ai-inference#29</a></li>
<li>Bump the npm-development group across 1 directory with 11 updates by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/ai-inference/pull/36">actions/ai-inference#36</a></li>
<li>Update readme by <a
href="https://github.com/sgoedecke"><code>@​sgoedecke</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/41">actions/ai-inference#41</a></li>
<li>Bump <code>@​jest/globals</code> from 29.7.0 to 30.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/ai-inference/pull/46">actions/ai-inference#46</a></li>
<li>Make actual inference in CI optional, since it depends on org
settings by <a
href="https://github.com/sgoedecke"><code>@​sgoedecke</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/55">actions/ai-inference#55</a></li>
<li>fix: improve error handling for AI service responses by <a
href="https://github.com/ainoya"><code>@​ainoya</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/49">actions/ai-inference#49</a></li>
<li>Add read-only GitHub MCP support by <a
href="https://github.com/sgoedecke"><code>@​sgoedecke</code></a> in <a
href="https://redirect.github.com/actions/ai-inference/pull/56">actions/ai-inference#56</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ainoya"><code>@​ainoya</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/ai-inference/pull/49">actions/ai-inference#49</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/ai-inference/compare/v1.1.0...v1.2.0">https://github.com/actions/ai-inference/compare/v1.1.0...v1.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/ai-inference/commit/9693b137b6566bb66055a713613bf4f0493701eb"><code>9693b13</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/ai-inference/issues/61">#61</a>
from actions/sgoedecke/prompt-file</li>
<li><a
href="https://github.com/actions/ai-inference/commit/d0b2f23c43311aaad7b4a02894c649a1d6571b53"><code>d0b2f23</code></a>
Merge branch 'main' into sgoedecke/prompt-file</li>
<li><a
href="https://github.com/actions/ai-inference/commit/0df96479bcb4ea24c63144c03be8b6ae7b11003f"><code>0df9647</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/ai-inference/issues/60">#60</a>
from actions/sgoedecke/update-readme</li>
<li><a
href="https://github.com/actions/ai-inference/commit/446f075e3b11fd0afca78c8d0df8d04942161497"><code>446f075</code></a>
Merge branch 'main' into sgoedecke/update-readme</li>
<li><a
href="https://github.com/actions/ai-inference/commit/ce58b26ac7f47baf89dc3d2aeaea560107e25277"><code>ce58b26</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/ai-inference/issues/59">#59</a>
from actions/sgoedecke-patch-1</li>
<li><a
href="https://github.com/actions/ai-inference/commit/1cf96b0212eda48166c54df14085910a7c1f1faf"><code>1cf96b0</code></a>
Merge branch 'main' into sgoedecke/update-readme</li>
<li><a
href="https://github.com/actions/ai-inference/commit/f79e4e11cbdac29de8a9db3b227468308bdc7897"><code>f79e4e1</code></a>
regenerate dist</li>
<li><a
href="https://github.com/actions/ai-inference/commit/72102e50bfcdb3f04447929bf2b2fb23e2db81cf"><code>72102e5</code></a>
Update src/prompt.ts</li>
<li><a
href="https://github.com/actions/ai-inference/commit/2bc30a525a2d4893b4836711c397c64122da23c6"><code>2bc30a5</code></a>
regenerate dist</li>
<li><a
href="https://github.com/actions/ai-inference/commit/8f64ac12840ea5f874555d8a5f663a339e4c3cd6"><code>8f64ac1</code></a>
Fixup types and tests</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/ai-inference/compare/d645f067d89ee1d5d736a5990e327e504d1c5a4a...9693b137b6566bb66055a713613bf4f0493701eb">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/ai-inference&package-manager=github_actions&previous-version=1.1.0&new-version=1.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/ai_pr_title_review.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ai_pr_title_review.yml b/.github/workflows/ai_pr_title_review.yml
index 7c47b8d58..b7d944c34 100644
--- a/.github/workflows/ai_pr_title_review.yml
+++ b/.github/workflows/ai_pr_title_review.yml
@@ -87,7 +87,7 @@ jobs:
       - name: AI PR Title Analysis
         if: steps.actor.outputs.is_repo_dev == 'true'
         id: ai-title-analysis
-        uses: actions/ai-inference@d645f067d89ee1d5d736a5990e327e504d1c5a4a # v1.1.0
+        uses: actions/ai-inference@9693b137b6566bb66055a713613bf4f0493701eb # v1.2.3
         with:
           model: openai/gpt-4o
           system-prompt-file: ".github/config/system-prompt.txt"

From 1eb96f08df8defb2c630402bcc544bb810f181e1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 Aug 2025 14:25:23 +0100
Subject: [PATCH 3/7] build(deps): bump github/codeql-action from 3.29.3 to
 3.29.5 (#4061)

Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.29.3 to 3.29.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.29.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li>
</ul>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/51f77329afa6477de8c49fc9c7046c15b9a4e79d"><code>51f7732</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2997">#2997</a>
from github/update-v3.29.5-80a09d7b0</li>
<li><a
href="https://github.com/github/codeql-action/commit/8e90243ddbe0de3f12f4fa361675387b7f94c48d"><code>8e90243</code></a>
Update changelog for v3.29.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/80a09d7b0b5468297f127c81b43cb7335eed0f30"><code>80a09d7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2996">#2996</a>
from github/dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="https://github.com/github/codeql-action/commit/8388115dc8d6af25bf915cc8455a7d6a77253970"><code>8388115</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2994">#2994</a>
from github/mergeback/changelog/v3.28.21</li>
<li><a
href="https://github.com/github/codeql-action/commit/401ecaf503b1a19fc0fbd253cc5afe7759870068"><code>401ecaf</code></a>
Merge branch 'main' into mergeback/changelog/v3.28.21</li>
<li><a
href="https://github.com/github/codeql-action/commit/ab5c0c5fa56442a68c2d51b194ccc93faaaaa639"><code>ab5c0c5</code></a>
Merge branch 'main' into dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="https://github.com/github/codeql-action/commit/cd264d4dcdc5ee89d8590821e29c66a1bdcaa968"><code>cd264d4</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2986">#2986</a>
from github/update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/4599055b1e273f63344615ade2c46c852c6d5c63"><code>4599055</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/fd7ad511e6bd5985ebbc84944e0e173d39a968b8"><code>fd7ad51</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2971">#2971</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/ac0c9bfe1e34d6a76860325c1b4abe8208ce98a6"><code>ac0c9bf</code></a>
Merge branch 'main' into
update-supported-enterprise-server-versions</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/d6bbdef45e766d081b84a2def353b0055f728d3e...51f77329afa6477de8c49fc9c7046c15b9a4e79d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.29.3&new-version=3.29.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
---
 .github/workflows/scorecards.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 120a223ad..47fae4f83 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -74,6 +74,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@d6bbdef45e766d081b84a2def353b0055f728d3e # v3.29.3
+        uses: github/codeql-action/upload-sarif@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
         with:
           sarif_file: results.sarif

From 1399a306a6c30fb013e33f4469512d0a7d7918ed Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 Aug 2025 14:25:36 +0100
Subject: [PATCH 4/7] build(deps): bump edu.sc.seis.launch4j from 3.0.6 to
 3.0.7 (#4062)

Bumps edu.sc.seis.launch4j from 3.0.6 to 3.0.7.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=edu.sc.seis.launch4j&package-manager=gradle&previous-version=3.0.6&new-version=3.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 897e0ef38..4b2b2c31b 100644
--- a/build.gradle
+++ b/build.gradle
@@ -5,7 +5,7 @@ plugins {
     id "org.springframework.boot" version "3.5.3"
     id "org.springdoc.openapi-gradle-plugin" version "1.9.0"
     id "io.swagger.swaggerhub" version "1.3.2"
-    id "edu.sc.seis.launch4j" version "3.0.6"
+    id "edu.sc.seis.launch4j" version "3.0.7"
     id "com.diffplug.spotless" version "7.2.1"
     id "com.github.jk1.dependency-license-report" version "2.9"
     //id "nebula.lint" version "19.0.3"

From 213949d499417dff79e07dd0186f79de894ea21c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 Aug 2025 14:25:48 +0100
Subject: [PATCH 5/7] build(deps): bump com.opencsv:opencsv from 5.11.2 to
 5.12.0 (#4060)

Bumps com.opencsv:opencsv from 5.11.2 to 5.12.0.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.opencsv:opencsv&package-manager=gradle&previous-version=5.11.2&new-version=5.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 app/core/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/core/build.gradle b/app/core/build.gradle
index ca7a007b7..d37ee9354 100644
--- a/app/core/build.gradle
+++ b/app/core/build.gradle
@@ -62,7 +62,7 @@ dependencies {
         exclude group: 'com.google.code.gson', module: 'gson'
     }
     implementation 'org.apache.pdfbox:jbig2-imageio:3.0.4'
-    implementation 'com.opencsv:opencsv:5.11.2' // https://mvnrepository.com/artifact/com.opencsv/opencsv
+    implementation 'com.opencsv:opencsv:5.12.0' // https://mvnrepository.com/artifact/com.opencsv/opencsv
 
     // Batik
     implementation 'org.apache.xmlgraphics:batik-all:1.19'

From 6aa474596ee7544ae3b76ed2d903e36c76d1b54a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 Aug 2025 14:26:03 +0100
Subject: [PATCH 6/7] build(deps): bump org.springframework.boot from 3.5.3 to
 3.5.4 (#4059)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[org.springframework.boot](https://github.com/spring-projects/spring-boot)
from 3.5.3 to 3.5.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's
releases</a>.</em></p>
<blockquote>
<h2>v3.5.4</h2>
<h2>:lady_beetle: Bug Fixes</h2>
<ul>
<li>LambdaSafe.withFilter is not public <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46474">#46474</a></li>
<li>Executable JAR application class encounters performance issues when
used with Palo Alto Network Cortex XDR agent <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46402">#46402</a></li>
<li>Runtime dependencies are missing from aotCompileClasspath and
aotTestCompileClasspath when using Kotlin <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46398">#46398</a></li>
<li>Additional fields for structured JSON logging incompatible with
nested ecs logging in 3.5.x <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46351">#46351</a></li>
<li>Change in DefaultErrorAttributes alters the shape of API validation
error responses <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46260">#46260</a></li>
<li>jdbc.connections.active and jdbc.connections.idle metrics are not
available when using Hikari in a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46225">#46225</a></li>
<li>developmentOnly and testAndDevelopmentOnly dependencies may prevent
implementation dependencies from being included in the uber-jar <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46205">#46205</a></li>
<li>Hash calculation for uber archive entries that require unpacking is
inefficient <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46203">#46203</a></li>
<li>Permissions are applied inconsistently when building uber archives
with Gradle <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46194">#46194</a></li>
<li>Environment variables using legacy dash format can no longer be
bound <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46184">#46184</a></li>
<li>EmbeddedWebServerFactoryCustomizerAutoConfiguration fails when
undertow-core is on the classpath and undertow-servlet is not <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46180">#46180</a></li>
<li>Executable JAR application class encounters performance issues <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46177">#46177</a></li>
<li>Executable JAR application class encounters performance issues <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46176">#46176</a></li>
<li>Setting spring.reactor.context-propagation has no effect when lazy
initialization is enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46174">#46174</a></li>
<li>Setting spring.netty.leak-detection has no effect when lazy
initialization is enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46170">#46170</a></li>
<li>SslInfo does not use its Clock when checking certificate validity <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46011">#46011</a></li>
</ul>
<h2>:notebook_with_decorative_cover: Documentation</h2>
<ul>
<li>Fix description of spring.batch.job.enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46247">#46247</a></li>
<li>Fix broken Kotlin examples in reference documentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46168">#46168</a></li>
<li>Add Logback Access Reactor Netty to community starters <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/46060">#46060</a></li>
</ul>
<h2>:hammer: Dependency Upgrades</h2>
<ul>
<li>Upgrade to ActiveMQ 6.1.7 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46373">#46373</a></li>
<li>Upgrade to Caffeine 3.2.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46432">#46432</a></li>
<li>Upgrade to Couchbase Client 3.8.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46460">#46460</a></li>
<li>Upgrade to GraphQL Java 24.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46395">#46395</a></li>
<li>Upgrade to Groovy 4.0.28 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46516">#46516</a></li>
<li>Upgrade to Hibernate 6.6.22.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46492">#46492</a></li>
<li>Upgrade to HikariCP 6.3.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46493">#46493</a></li>
<li>Upgrade to Infinispan 15.2.5.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46461">#46461</a></li>
<li>Upgrade to Jackson Bom 2.19.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46494">#46494</a></li>
<li>Upgrade to Jetty 12.0.23 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46375">#46375</a></li>
<li>Upgrade to MariaDB 3.5.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46376">#46376</a></li>
<li>Upgrade to Maven Invoker Plugin 3.9.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46377">#46377</a></li>
<li>Upgrade to Micrometer 1.15.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46280">#46280</a></li>
<li>Upgrade to Micrometer Tracing 1.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46281">#46281</a></li>
<li>Upgrade to MSSQL JDBC 12.10.1.jre11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46378">#46378</a></li>
<li>Upgrade to MySQL 9.3.0 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46371">#46371</a></li>
<li>Upgrade to Neo4j Java Driver 5.28.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46434">#46434</a></li>
<li>Upgrade to Netty 4.1.123.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46435">#46435</a></li>
<li>Upgrade to Prometheus Client 1.3.10 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46379">#46379</a></li>
<li>Upgrade to Reactor Bom 2024.0.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46282">#46282</a></li>
<li>Upgrade to RxJava3 3.1.11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46380">#46380</a></li>
<li>Upgrade to Spring AMQP 3.2.6 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46283">#46283</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/925f9bc6ba99f0eaffce1e357282d3672b88e2a5"><code>925f9bc</code></a>
Release v3.5.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d82fb358acc9e99af28303ccd922df634e1d69ee"><code>d82fb35</code></a>
Merge branch '3.4.x' into 3.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/4b6064f4aaf8f00633d29f3777e531f2f0aebd0e"><code>4b6064f</code></a>
Next development version (v3.4.9-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/a39c8f034a2ba187b4ddb703666531b8689cadcc"><code>a39c8f0</code></a>
Merge branch '3.4.x' into 3.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/99d53dec18924d5b07f528b00a37ced110602341"><code>99d53de</code></a>
Upgrade to Spring Integration 6.5.1</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/1b4aad592e62335ef3c290414bc6bf4f8daf2a2b"><code>1b4aad5</code></a>
Upgrade to Groovy 4.0.28</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/3f0f79b982b6847893ecf086875461223288bb0e"><code>3f0f79b</code></a>
Upgrade to Spring Integration 6.4.6</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ff8443c016ec1c7fe140c6ce6a58978af05025a8"><code>ff8443c</code></a>
Upgrade to Groovy 4.0.28</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/aed85504210a7c79fbc49831f2fb09f77661bce6"><code>aed8550</code></a>
Merge branch '3.4.x' into 3.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/5406976ee99187d2b6d69d5759f75a72ae757c82"><code>5406976</code></a>
Apply commercial input consistently</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.5.3...v3.5.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.boot&package-manager=gradle&previous-version=3.5.3&new-version=3.5.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 4b2b2c31b..4c210ef64 100644
--- a/build.gradle
+++ b/build.gradle
@@ -2,7 +2,7 @@ plugins {
     id "java"
     id "jacoco"
     id "io.spring.dependency-management" version "1.1.7"
-    id "org.springframework.boot" version "3.5.3"
+    id "org.springframework.boot" version "3.5.4"
     id "org.springdoc.openapi-gradle-plugin" version "1.9.0"
     id "io.swagger.swaggerhub" version "1.3.2"
     id "edu.sc.seis.launch4j" version "3.0.7"

From 31598f3f1e160d7010cf34e23dbe6af0876edbc5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 Aug 2025 14:26:25 +0100
Subject: [PATCH 7/7] build(deps): bump
 org.springframework.boot:spring-boot-dependencies from 3.5.3 to 3.5.4 (#4058)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot)
from 3.5.3 to 3.5.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-dependencies's
releases</a>.</em></p>
<blockquote>
<h2>v3.5.4</h2>
<h2>:lady_beetle: Bug Fixes</h2>
<ul>
<li>LambdaSafe.withFilter is not public <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46474">#46474</a></li>
<li>Executable JAR application class encounters performance issues when
used with Palo Alto Network Cortex XDR agent <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46402">#46402</a></li>
<li>Runtime dependencies are missing from aotCompileClasspath and
aotTestCompileClasspath when using Kotlin <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46398">#46398</a></li>
<li>Additional fields for structured JSON logging incompatible with
nested ecs logging in 3.5.x <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46351">#46351</a></li>
<li>Change in DefaultErrorAttributes alters the shape of API validation
error responses <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46260">#46260</a></li>
<li>jdbc.connections.active and jdbc.connections.idle metrics are not
available when using Hikari in a native image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46225">#46225</a></li>
<li>developmentOnly and testAndDevelopmentOnly dependencies may prevent
implementation dependencies from being included in the uber-jar <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46205">#46205</a></li>
<li>Hash calculation for uber archive entries that require unpacking is
inefficient <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46203">#46203</a></li>
<li>Permissions are applied inconsistently when building uber archives
with Gradle <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46194">#46194</a></li>
<li>Environment variables using legacy dash format can no longer be
bound <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46184">#46184</a></li>
<li>EmbeddedWebServerFactoryCustomizerAutoConfiguration fails when
undertow-core is on the classpath and undertow-servlet is not <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46180">#46180</a></li>
<li>Executable JAR application class encounters performance issues <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46177">#46177</a></li>
<li>Executable JAR application class encounters performance issues <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46176">#46176</a></li>
<li>Setting spring.reactor.context-propagation has no effect when lazy
initialization is enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46174">#46174</a></li>
<li>Setting spring.netty.leak-detection has no effect when lazy
initialization is enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46170">#46170</a></li>
<li>SslInfo does not use its Clock when checking certificate validity <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46011">#46011</a></li>
</ul>
<h2>:notebook_with_decorative_cover: Documentation</h2>
<ul>
<li>Fix description of spring.batch.job.enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46247">#46247</a></li>
<li>Fix broken Kotlin examples in reference documentation <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46168">#46168</a></li>
<li>Add Logback Access Reactor Netty to community starters <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/46060">#46060</a></li>
</ul>
<h2>:hammer: Dependency Upgrades</h2>
<ul>
<li>Upgrade to ActiveMQ 6.1.7 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46373">#46373</a></li>
<li>Upgrade to Caffeine 3.2.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46432">#46432</a></li>
<li>Upgrade to Couchbase Client 3.8.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46460">#46460</a></li>
<li>Upgrade to GraphQL Java 24.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46395">#46395</a></li>
<li>Upgrade to Groovy 4.0.28 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46516">#46516</a></li>
<li>Upgrade to Hibernate 6.6.22.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46492">#46492</a></li>
<li>Upgrade to HikariCP 6.3.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46493">#46493</a></li>
<li>Upgrade to Infinispan 15.2.5.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46461">#46461</a></li>
<li>Upgrade to Jackson Bom 2.19.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46494">#46494</a></li>
<li>Upgrade to Jetty 12.0.23 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46375">#46375</a></li>
<li>Upgrade to MariaDB 3.5.4 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46376">#46376</a></li>
<li>Upgrade to Maven Invoker Plugin 3.9.1 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46377">#46377</a></li>
<li>Upgrade to Micrometer 1.15.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46280">#46280</a></li>
<li>Upgrade to Micrometer Tracing 1.5.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46281">#46281</a></li>
<li>Upgrade to MSSQL JDBC 12.10.1.jre11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46378">#46378</a></li>
<li>Upgrade to MySQL 9.3.0 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46371">#46371</a></li>
<li>Upgrade to Neo4j Java Driver 5.28.9 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46434">#46434</a></li>
<li>Upgrade to Netty 4.1.123.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46435">#46435</a></li>
<li>Upgrade to Prometheus Client 1.3.10 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46379">#46379</a></li>
<li>Upgrade to Reactor Bom 2024.0.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46282">#46282</a></li>
<li>Upgrade to RxJava3 3.1.11 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46380">#46380</a></li>
<li>Upgrade to Spring AMQP 3.2.6 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/46283">#46283</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/925f9bc6ba99f0eaffce1e357282d3672b88e2a5"><code>925f9bc</code></a>
Release v3.5.4</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/d82fb358acc9e99af28303ccd922df634e1d69ee"><code>d82fb35</code></a>
Merge branch '3.4.x' into 3.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/4b6064f4aaf8f00633d29f3777e531f2f0aebd0e"><code>4b6064f</code></a>
Next development version (v3.4.9-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/a39c8f034a2ba187b4ddb703666531b8689cadcc"><code>a39c8f0</code></a>
Merge branch '3.4.x' into 3.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/99d53dec18924d5b07f528b00a37ced110602341"><code>99d53de</code></a>
Upgrade to Spring Integration 6.5.1</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/1b4aad592e62335ef3c290414bc6bf4f8daf2a2b"><code>1b4aad5</code></a>
Upgrade to Groovy 4.0.28</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/3f0f79b982b6847893ecf086875461223288bb0e"><code>3f0f79b</code></a>
Upgrade to Spring Integration 6.4.6</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ff8443c016ec1c7fe140c6ce6a58978af05025a8"><code>ff8443c</code></a>
Upgrade to Groovy 4.0.28</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/aed85504210a7c79fbc49831f2fb09f77661bce6"><code>aed8550</code></a>
Merge branch '3.4.x' into 3.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/5406976ee99187d2b6d69d5759f75a72ae757c82"><code>5406976</code></a>
Apply commercial input consistently</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v3.5.3...v3.5.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.boot:spring-boot-dependencies&package-manager=gradle&previous-version=3.5.3&new-version=3.5.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 4c210ef64..7ec5d4e3c 100644
--- a/build.gradle
+++ b/build.gradle
@@ -21,7 +21,7 @@ import java.nio.file.Files
 import java.time.Year
 
 ext {
-    springBootVersion = "3.5.3"
+    springBootVersion = "3.5.4"
     pdfboxVersion = "3.0.5"
     imageioVersion = "3.12.0"
     lombokVersion = "1.18.38"