Stability checkpoint — Spring AI 2.0.0 GA + CVE backlog cleared - fix(security): spring-ai 1.1.4 → 2.0.0 GA + spring-boot 4.0.6 → 4.0.7 (clears the 2 mcp GHSAs at the source ; mcp SDK now 2.0.0) - fix(security): strip /usr/bin/pebble from runtime image (4 Go stdlib + golang.org/x/net HIGH advisories removed at the source, not shielded) - test(auth): fix pre-existing sb3-profile SecurityConfigContextTest failure (missing mvcHandlerMappingIntrospector bean) - fix(ci): schedule workflow rule when:always (disproven as a fix — see below ; kept because harmless + matches python's shape) - chore(audit): commit 2026-05-18 stability report + ignore trivy baseline - docs(tasks): compat-schedule 0-job confirmed as a GitLab platform bug CI : - ✅ Post-merge main pipeline #2662748996 green (sha 8867313) — 19 jobs success, 15 manual, 0 failed (incl. grype:scan on the pebble-stripped image) - ✅ MR !320 pipeline #2662651105 green (spring-ai 2.0.0 bump) Local test pass (2026-07-08, code tree identical to the tagged SHA) : - ✅ ./mvnw clean verify (SB4 + Java 25) — 799 unit + 93 IT green - ✅ ./mvnw clean verify -Dcompat (SB4 + Java 21) — 800 tests green - ✅ ./mvnw clean verify -Dsb3 (SB3 + Java 21, spring-ai 1.1.8) — 793 tests green - ✅ grype target/iris-0.0.1-SNAPSHOT.jar --fail-on high — exit 0, 0 CRITICAL / 0 HIGH ; 3 MEDIUM/LOW residual (Renovate scope) - ✅ grype on pebble-stripped runtime image — 0 HIGH/CRITICAL Regression check vs previous tag : - 🆕 mcp-core GHSA-8jxr-pr72-r468 (HIGH) + GHSA-hv2w-8mjj-jw22 (MEDIUM) — RESOLVED : spring-ai 2.0.0 ships mcp 2.0.0, out of both ranges. The .grype.yaml suppressions (expired exit-ticket 2026-06-09) are removed ; the ignore list is now empty. - 🆕 tomcat / netty / postgresql / jackson manual CVE pins — REMOVED : spring-boot 4.0.7 BOM manages versions at or above every prior pin (the jackson 3.1.2 pin had even become a 2-HIGH downgrade). - CVE posture : grype --fail-on high GREEN (0 HIGH/CRITICAL) on both the fat jar and the runtime image. All manual CVE suppressions/pins cleared — the security gate now passes on upstream-managed versions alone, no debt carried forward. - Supply chain : removed a Go binary (pebble) that a Java service never invokes but that dragged 4 HIGH Go advisories into the image scan — root-cause removal, not an allow_failure shield. - Spring AI upgraded to the 2.0.0 GA line (SB4-native). The 15-tool MCP server (ADR-0062, per-method @Tool allowlist in McpConfig) compiles and boots unchanged on the new mcp 2.0.0 SDK ; the SB3-package autoconfigure shims that 1.1.x required are deleted. - Compat matrix (SB4+J25 / SB4+J21 / SB3+J21) all green locally ; the sb3 profile now pins spring-ai 1.1.8 (2.0.0 requires Boot 4). - Known GitLab platform bug documented : scheduled pipelines create 0-job failed pipelines (all 4 workflow-rule fixes disproven) ; schedule disabled, manual-trigger workaround stands. Upstream bug filing tracked in TASKS.md. - SB3-compat shims under src/main/java/org/springframework/ removed — the reverse-package hack is gone now that the framework dependency is SB4-native. Smaller surface, one fewer "do not touch" gotcha. - compat-matrix-weekly schedule 0-job — GitLab platform bug, disabled ; use manual "Run pipeline" + RUN_COMPAT=true. Upstream bug to file. - Docker image alpine (python sibling repo) — blocked on onnxruntime musl wheels ; unrelated to this repo but tracked. - File the upstream GitLab scheduled-pipeline bug with the empirical proof. - Consider a minor bump (1.3.0) if a user-facing feature lands next.