Update dependencies and fix test date validation

[devondragon]

Summary

• Update project dependencies to latest versions
• Fix test failures caused by hardcoded dates that passed @FutureOrPresent validation

Changes

Dependency Updates

• Spring Boot: 4.0.0 → 4.0.1
• ds-spring-user-framework: 4.0.0 → 4.0.1
• com.github.ben-manes.versions: 0.52.0 → 0.53.0
• mariadb-java-client: 3.5.5 → 3.5.7
• guava: 33.4.8-jre → 33.5.0-jre
• h2: 2.3.232 → 2.4.240
• selenide: 7.10.0 → 7.13.0
• webdrivermanager: 6.3.1 → 6.3.3

Test Fix

Replaced hardcoded date 2025-12-31 in AdminRoleAccessControlTest with a dynamic futureDate() helper that returns LocalDate.now().plusYears(1). This prevents test failures when hardcoded dates expire.

Test plan

• All tests pass (./gradlew test)

[Copilot]

Pull request overview

This PR updates project dependencies to their latest versions and fixes test failures caused by hardcoded dates that no longer satisfy @FutureOrPresent validation constraints.

Key Changes:

• Upgrades 8 project dependencies including Spring Boot (4.0.0 → 4.0.1) and related libraries
• Replaces hardcoded date "2025-12-31" with a dynamic futureDate() helper method in test cases
• Removes empty bootJar configuration block

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
src/test/java/com/digitalsanctuary/spring/user/concurrent/AdminRoleAccessControlTest.java	Adds futureDate() helper method and replaces 4 instances of hardcoded "2025-12-31" with dynamic future date calculation to prevent test failures
build.gradle	Updates 8 dependency versions (Spring Boot, ds-spring-user-framework, MariaDB, Guava, H2, Selenide, WebDriverManager, versions plugin) and removes empty bootJar block

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[claude]

Code Review Summary

Overall, this is a well-executed PR that addresses both dependency maintenance and a test sustainability issue. The changes are clean, focused, and follow best practices.

---

✅ Strengths

1. Excellent Test Fix (AdminRoleAccessControlTest.java)

The dynamic date helper is a perfect solution to prevent test failures from hardcoded dates:

private static String futureDate() {
    return LocalDate.now().plusYears(1).toString();
}

Why this is good:

• Eliminates time-based test brittleness
• Self-documenting with clear Javadoc
• Consistent with @FutureOrPresent validation on Event.date (src/main/java/com/digitalsanctuary/spring/demo/event/Event.java:34)
• Applied consistently across all test methods that needed it

2. Conservative Dependency Updates

All updates are minor/patch versions, which minimizes breaking change risk:

• Spring Boot: 4.0.0 → 4.0.1 (patch)
• Framework: 4.0.0 → 4.0.1 (patch)
• Database drivers and test libraries: minor increments

3. Build Configuration Cleanup

Removed obsolete bootJar configuration block that referenced deprecated Spring Boot 3 feature (launchScript).

---

🔍 Code Quality Assessment

Best Practices ✅

• Single responsibility: Each change addresses one clear concern
• No breaking changes introduced
• Test fix is reusable and maintainable
• PR description clearly documents all changes

Test Coverage ✅

• PR author confirmed all tests pass with ./gradlew test
• Test fix prevents future date-related failures
• No hardcoded dates remaining in test suite (verified)

---

🔒 Security Considerations

No security concerns identified:

• Dependency updates include security fixes (typical for patch versions)
• MariaDB client 3.5.5 → 3.5.7 likely includes security patches
• H2 2.3.232 → 2.4.240 is a significant jump that may include security fixes
• No changes to authentication, authorization, or data handling logic

Recommendation: Check release notes for H2 2.4.240 to understand the scope of changes, as this is the largest version jump.

---

⚡ Performance Considerations

No performance impact expected:

• Dependency updates typically include performance improvements
• Test change has zero runtime impact (test-only)
• futureDate() is a trivial calculation with no overhead

---

🧪 Test Coverage Analysis

Test fix is comprehensive:

• Applied to all 4 locations using hardcoded dates
• Tests still validate the same business logic
• Dynamic dates maintain validation contract (@FutureOrPresent)

No additional tests needed - the existing test suite adequately covers the changes.

---

📋 Minor Suggestions (Non-blocking)

1. Consider extracting date to constant for consistency

If multiple tests need future dates, you could extract the helper to a test utility class:

// In a shared test utility class
public class TestDateUtils {
    public static String futureDate() {
        return LocalDate.now().plusYears(1).toString();
    }
    
    public static String pastDate() {
        return LocalDate.now().minusYears(1).toString();
    }
}

However, this is optional - the current solution works perfectly for this isolated test class.

2. Verify H2 database compatibility

H2 2.3.232 → 2.4.240 is a significant jump. Recommend:

• Running integration tests to ensure no schema/query incompatibilities
• Checking H2 release notes for breaking changes

---

✅ Final Verdict

APPROVED - This PR is ready to merge.

Rationale:

• Addresses a real issue (date-based test failures)
• Keeps dependencies current and secure
• No breaking changes or risks identified
• Follows repository conventions (per CLAUDE.md)
• Clean, maintainable code

Estimated Risk Level: Low - All changes are incremental and well-tested.

---

Great work on identifying and fixing the hardcoded date issue before it caused test failures! 🎯