fix: upgrade org.springframework.boot:spring-boot to 4.0.6, 3.5.14 (CVE-2026-40973)

command-query-responsibility-segregation/pom.xml

@@ -54,17 +54,12 @@
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-core</artifactId>
-            <version>5.6.15.Final</version>
+            <version>6.4.4.Final</version>
         </dependency>
         <dependency>
             <groupId>org.glassfish.jaxb</groupId>
             <artifactId>jaxb-runtime</artifactId>
-            <version>2.3.3</version>
-        </dependency>
-        <dependency>
-            <groupId>javax.xml.bind</groupId>
-            <artifactId>jaxb-api</artifactId>
-            <version>2.3.1</version>
+            <version>4.0.5</version>
         </dependency>
     </dependencies>
     <build>

command-query-responsibility-segregation/src/main/java/com/iluwatar/cqrs/commandes/CommandServiceImpl.java

@@ -27,6 +27,7 @@
 import com.iluwatar.cqrs.domain.model.Author;
 import com.iluwatar.cqrs.domain.model.Book;
 import com.iluwatar.cqrs.util.HibernateUtil;
+import jakarta.persistence.NoResultException;
 import org.hibernate.SessionFactory;
 
 /**
@@ -38,39 +39,35 @@ public class CommandServiceImpl implements CommandService {
   private final SessionFactory sessionFactory = HibernateUtil.getSessionFactory();
 
   private Author getAuthorByUsername(String username) {
-    Author author;
     try (var session = sessionFactory.openSession()) {
-      var query = session.createQuery("from Author where username=:username");
+      var query = session.createQuery("from Author where username=:username", Author.class);
       query.setParameter("username", username);
-      author = (Author) query.uniqueResult();
+      try {
+        return query.getSingleResult();
+      } catch (NoResultException e) {
+        throw new IllegalArgumentException("Author " + username + " doesn't exist!");
+      }
     }
-    if (author == null) {
-      HibernateUtil.getSessionFactory().close();
-      throw new NullPointerException("Author " + username + " doesn't exist!");
-    }
-    return author;
   }
 
   private Book getBookByTitle(String title) {
-    Book book;
     try (var session = sessionFactory.openSession()) {
-      var query = session.createQuery("from Book where title=:title");
+      var query = session.createQuery("from Book where title=:title", Book.class);
       query.setParameter("title", title);
-      book = (Book) query.uniqueResult();
-    }
-    if (book == null) {
-      HibernateUtil.getSessionFactory().close();
-      throw new NullPointerException("Book " + title + " doesn't exist!");
+      try {
+        return query.getSingleResult();
+      } catch (NoResultException e) {
+        throw new IllegalArgumentException("Book " + title + " doesn't exist!");
+      }
     }
-    return book;
   }
 
   @Override
   public void authorCreated(String username, String name, String email) {
     var author = new Author(username, name, email);
     try (var session = sessionFactory.openSession()) {
       session.beginTransaction();
-      session.save(author);
+      session.persist(author);
       session.getTransaction().commit();
     }
   }
@@ -81,7 +78,7 @@ public void bookAddedToAuthor(String title, double price, String username) {
     var book = new Book(title, price, author);
     try (var session = sessionFactory.openSession()) {
       session.beginTransaction();
-      session.save(book);
+      session.persist(book);
       session.getTransaction().commit();
     }
   }
@@ -92,7 +89,7 @@ public void authorNameUpdated(String username, String name) {
     author.setName(name);
     try (var session = sessionFactory.openSession()) {
       session.beginTransaction();
-      session.update(author);
+      session.merge(author);
       session.getTransaction().commit();
     }
   }
@@ -103,7 +100,7 @@ public void authorUsernameUpdated(String oldUsername, String newUsername) {
     author.setUsername(newUsername);
     try (var session = sessionFactory.openSession()) {
       session.beginTransaction();
-      session.update(author);
+      session.merge(author);
       session.getTransaction().commit();
     }
   }
@@ -114,7 +111,7 @@ public void authorEmailUpdated(String username, String email) {
     author.setEmail(email);
     try (var session = sessionFactory.openSession()) {
       session.beginTransaction();
-      session.update(author);
+      session.merge(author);
       session.getTransaction().commit();
     }
   }
@@ -125,7 +122,7 @@ public void bookTitleUpdated(String oldTitle, String newTitle) {
     book.setTitle(newTitle);
     try (var session = sessionFactory.openSession()) {
       session.beginTransaction();
-      session.update(book);
+      session.merge(book);
       session.getTransaction().commit();
     }
   }
@@ -136,7 +133,7 @@ public void bookPriceUpdated(String title, double price) {
     book.setPrice(price);
     try (var session = sessionFactory.openSession()) {
       session.beginTransaction();
-      session.update(book);
+      session.merge(book);
       session.getTransaction().commit();
     }
   }

command-query-responsibility-segregation/src/main/java/com/iluwatar/cqrs/domain/model/Author.java

@@ -24,10 +24,11 @@
  */
 package com.iluwatar.cqrs.domain.model;
 
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
@@ -42,7 +43,9 @@ public class Author {
   @GeneratedValue(strategy = GenerationType.IDENTITY)
   private long id;
 
+  @Column(unique = true)
   private String username;
+
   private String name;
   private String email;
 

command-query-responsibility-segregation/src/main/java/com/iluwatar/cqrs/domain/model/Book.java

@@ -24,11 +24,12 @@
  */
 package com.iluwatar.cqrs.domain.model;
 
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.ManyToOne;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.ManyToOne;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
@@ -46,7 +47,9 @@ public class Book {
   @GeneratedValue(strategy = GenerationType.IDENTITY)
   private long id;
 
+  @Column(unique = true)
   private String title;
+
   private double price;
   @ManyToOne private Author author;
 

command-query-responsibility-segregation/src/main/java/com/iluwatar/cqrs/queries/QueryServiceImpl.java

@@ -28,6 +28,7 @@
 import com.iluwatar.cqrs.dto.Author;
 import com.iluwatar.cqrs.dto.Book;
 import com.iluwatar.cqrs.util.HibernateUtil;
+import jakarta.persistence.NoResultException;
 import java.math.BigInteger;
 import java.util.List;
 import org.hibernate.SessionFactory;
@@ -43,30 +44,36 @@ public class QueryServiceImpl implements QueryService {
 
   @Override
   public Author getAuthorByUsername(String username) {
-    Author authorDto;
     try (var session = sessionFactory.openSession()) {
       Query<Author> sqlQuery =
           session.createQuery(
               "select new com.iluwatar.cqrs.dto.Author(a.name, a.email, a.username)"
-                  + " from com.iluwatar.cqrs.domain.model.Author a where a.username=:username");
+                  + " from com.iluwatar.cqrs.domain.model.Author a where a.username=:username",
+              Author.class);
       sqlQuery.setParameter(AppConstants.USER_NAME, username);
-      authorDto = sqlQuery.uniqueResult();
+      try {
+        return sqlQuery.getSingleResult();
+      } catch (NoResultException e) {
+        return null;
+      }
     }
-    return authorDto;
   }
 
   @Override
   public Book getBook(String title) {
-    Book bookDto;
     try (var session = sessionFactory.openSession()) {
       Query<Book> sqlQuery =
           session.createQuery(
               "select new com.iluwatar.cqrs.dto.Book(b.title, b.price)"
-                  + " from com.iluwatar.cqrs.domain.model.Book b where b.title=:title");
+                  + " from com.iluwatar.cqrs.domain.model.Book b where b.title=:title",
+              Book.class);
       sqlQuery.setParameter("title", title);
-      bookDto = sqlQuery.uniqueResult();
+      try {
+        return sqlQuery.getSingleResult();
+      } catch (NoResultException e) {
+        return null;
+      }
     }
-    return bookDto;
   }
 
   @Override
@@ -77,7 +84,8 @@ public List<Book> getAuthorBooks(String username) {
           session.createQuery(
               "select new com.iluwatar.cqrs.dto.Book(b.title, b.price)"
                   + " from com.iluwatar.cqrs.domain.model.Author a, com.iluwatar.cqrs.domain.model.Book b "
-                  + "where b.author.id = a.id and a.username=:username");
+                  + "where b.author.id = a.id and a.username=:username",
+              Book.class);
       sqlQuery.setParameter(AppConstants.USER_NAME, username);
       bookDtos = sqlQuery.list();
     }
@@ -86,26 +94,31 @@ public List<Book> getAuthorBooks(String username) {
 
   @Override
   public BigInteger getAuthorBooksCount(String username) {
-    BigInteger bookcount;
     try (var session = sessionFactory.openSession()) {
       var sqlQuery =
           session.createNativeQuery(
               "SELECT count(b.title)"
                   + " FROM  Book b, Author a"
-                  + " where b.author_id = a.id and a.username=:username");
+                  + " where b.author_id = a.id and a.username=:username",
+              Long.class);
       sqlQuery.setParameter(AppConstants.USER_NAME, username);
-      bookcount = (BigInteger) sqlQuery.uniqueResult();
+      try {
+        return BigInteger.valueOf(sqlQuery.getSingleResult());
+      } catch (NoResultException e) {
+        return BigInteger.ZERO;
+      }
     }
-    return bookcount;
   }
 
   @Override
   public BigInteger getAuthorsCount() {
-    BigInteger authorcount;
     try (var session = sessionFactory.openSession()) {
-      var sqlQuery = session.createNativeQuery("SELECT count(id) from Author");
-      authorcount = (BigInteger) sqlQuery.uniqueResult();
+      var sqlQuery = session.createNativeQuery("SELECT count(id) from Author", Long.class);
+      try {
+        return BigInteger.valueOf(sqlQuery.getSingleResult());
+      } catch (NoResultException e) {
+        return BigInteger.ZERO;
+      }
     }
-    return authorcount;
   }
 }

dependency-injection/src/main/java/com/iluwatar/dependency/injection/GuiceWizard.java

@@ -24,7 +24,7 @@
  */
 package com.iluwatar.dependency.injection;
 
-import javax.inject.Inject;
+import jakarta.inject.Inject;
 
 /**
  * GuiceWizard implements inversion of control. Its dependencies are injected through its

metadata-mapping/pom.xml

@@ -55,11 +55,6 @@
       <artifactId>hibernate-core</artifactId>
       <version>6.6.11.Final</version>
     </dependency>
-    <dependency>
-      <groupId>javax.xml.bind</groupId>
-      <artifactId>jaxb-api</artifactId>
-      <version>2.4.0-b180830.0359</version>
-    </dependency>
     <dependency>
       <groupId>org.glassfish.jaxb</groupId>
       <artifactId>jaxb-runtime</artifactId>

polling-publisher/polling-service/src/main/java/com/iluwatar/polling/DataRepository.java

@@ -25,9 +25,9 @@
 
 package com.iluwatar.polling;
 
+import jakarta.annotation.PostConstruct;
 import java.util.HashMap;
 import java.util.Map;
-import javax.annotation.PostConstruct;
 import org.springframework.stereotype.Repository;
 
 /** Data repository to keep or store data. */

polling-publisher/polling-service/src/main/java/com/iluwatar/polling/DataSourceService.java

@@ -25,6 +25,7 @@
 
 package com.iluwatar.polling;
 
+import jakarta.annotation.PreDestroy;
 import java.util.Map;
 import java.util.Random;
 import java.util.concurrent.Executors;
@@ -92,7 +93,7 @@ public Map<Integer, String> getAllData() {
     return repository.findAll();
   }
 
-  @javax.annotation.PreDestroy
+  @PreDestroy
   public void shutdown() {
     scheduler.shutdown();
   }

polling-publisher/pom.xml

@@ -83,11 +83,11 @@
             <version>${spring-boot.version}</version>
         </dependency>
 
-        <!-- https://mvnrepository.com/artifact/javax.annotation/javax.annotation-api -->
+        <!-- https://mvnrepository.com/artifact/jakarta.annotation/jakarta.annotation-api -->
         <dependency>
-            <groupId>javax.annotation</groupId>
-            <artifactId>javax.annotation-api</artifactId>
-            <version>1.3.2</version>
+            <groupId>jakarta.annotation</groupId>
+            <artifactId>jakarta.annotation-api</artifactId>
+            <version>3.0.0</version>
         </dependency>
 
         <dependency>

pom.xml

@@ -39,8 +39,8 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 
     <!-- Spring Boot related dependencies. Keep these in sync! -->
-    <spring-boot.version>3.4.5</spring-boot.version>
-    <junit.version>5.11.4</junit.version>
+    <spring-boot.version>3.5.14</spring-boot.version>
+    <junit.version>5.12.2</junit.version>
     <mockito.version>5.14.2</mockito.version>
     <logback.version>1.5.18</logback.version>
     <slf4j.version>2.0.17</slf4j.version>
@@ -314,22 +314,11 @@
         <scope>test</scope>
       </dependency>
       <dependency>
-        <groupId>org.junit.jupiter</groupId>
-        <artifactId>junit-jupiter-engine</artifactId>
+        <groupId>org.junit</groupId>
+        <artifactId>junit-bom</artifactId>
         <version>${junit.version}</version>
-        <scope>test</scope>
-      </dependency>
-      <dependency>
-        <groupId>org.junit.jupiter</groupId>
-        <artifactId>junit-jupiter-params</artifactId>
-        <version>${junit.version}</version>
-        <scope>test</scope>
-      </dependency>
-      <dependency>
-        <groupId>org.junit.jupiter</groupId>
-        <artifactId>junit-jupiter-migrationsupport</artifactId>
-        <version>${junit.version}</version>
-        <scope>test</scope>
+        <type>pom</type>
+        <scope>import</scope>
       </dependency>
       <dependency>
         <groupId>org.slf4j</groupId>