Bump org.springframework.ai:spring-ai-bom from 1.0.0 to 1.1.1

[dependabot]

Bumps org.springframework.ai:spring-ai-bom from 1.0.0 to 1.1.1.

Release notes

Sourced from org.springframework.ai:spring-ai-bom's releases.

Spring AI 1.1.1 Release Notes

🎯 Highlights

This release includes 13 new features, 16 bug fixes, 3 documentation improvements, 11 other improvements.

⭐ New Features

• Added native integration with the official OpenAI Java SDK, providing improved type safety and API coverage for OpenAI model interactions. e56b344
• ChatClient now supports native structured output, enabling more reliable and type-safe extraction of structured data from model responses. 3c3c3eb
• Integrated Claude Skills API with support for the Files API, enabling file-based interactions and enhanced Claude model capabilities. b7a36bb
• Backported Skills API support fixes to the 1.1.x maintenance branch for improved stability and consistency across versions. a1f32d1
• Added support for ISNULL and ISNOTNULL filter expressions in vector store queries, enabling null value checks in filter operations. 8e9ad36
• Introduced ThinkingLevel configuration support in ThinkingConfig to provide more control over reasoning and thinking processes. 7e6da6e
• Enhanced Vertex Gemini integration to include safety ratings in response metadata, providing visibility into content safety assessments. f4eb375
• The ToolCallAdvisor now supports extensibility through hook methods, allowing developers to customize tool call behavior in their applications 2c8c4e7
• GemFire Vector Store now supports username and password authentication for secure connections 21db782
• Added support for thought signatures in Google GenAI's Gemini 3 Pro model when using function calling capabilities 9bdf182
• Added support for the latest Claude 4.5 models including Opus and Haiku variants with updated documentation 2c7b10e
• Added prompt_tokens_details support and updated default chat options for ZhipuAI integration tests a66e243
• Introduces a new Spring Boot starter that provides auto-configuration for using Azure Cosmos DB as a chat memory repository, simplifying the setup for persisting conversation history in Spring AI applications. ef8f413

🪲 Bug Fixes

• Enhanced error handling for JSON parsing failures in MethodToolCallback, providing better diagnostics and recovery. d4f22ce
• Fixed tool execution exception handling in MethodToolCallback for improved error reporting and stability. b0a97c7
• Changed toolCallingManager visibility to protected, enabling proper extensibility for custom implementations. 4585acd
• Corrected TokenTextSplitter behavior when handling punctuation marks to ensure proper text segmentation. 8cc4ea4
• Resolved issue where the extraBody parameter was not being properly included in OpenAI API requests, ensuring custom request bodies are sent correctly. 0646d1e
• Fixed MariaDBSchemaValidator to correctly handle escaped spaces and eliminate misleading error messages during schema validation. f0268c0
• Resolved GraalVM native image compilation issues when using Java 22, improving compatibility and build success. 2cb1daa
• Fixed missing auto-configuration for OCI GenAI Inference client to ensure proper initialization 808dd7e
• Resolved missing auto-configuration classes to ensure all components are properly registered 3cc3a79
• Corrected issue where OpenAI gpt-oss models running on Amazon Bedrock returned null responses 88e03cd
• OpenSearch vector store now omits explicit IDs when manageDocumentIds=false, improving AWS Serverless compatibility with additional unit and integration tests 3618524
• Resolved issues in OpenSearch vector store integration tests 0f0f33e
• MCP client auto-configuration now supports optional handlers registry configuration #4920
• ClientMcp handlers registry now properly handles beans with unresolvable types #4918
• Fixed MongoDB vector store index creation to work across different Spring Data MongoDB versions 0821f48
• Enhanced retry logic for Oracle Vector Store integration test container startup 9950cf7

📓 Documentation

• Updated broken documentation link for Redis search queries to point to current documentation 1fa0e07
• Corrected typo in code comments for DefaultChatClientUtils a56380b
• Corrected documentation typo for HNSW (Hierarchical Navigable Small World) algorithm f476626

🔨 Dependency Upgrades

• Updated Apache Commons Lang to 3.18.0 to address CVE (Uncontrolled Recursion vulnerability). af6496a
• Updated Apache Commons Compress to 1.28.0 to fix CVEs (Infinite Loop and Resource Allocation vulnerabilities). 82424f8
• Updated Spring Boot dependency to version 3.5.8, bringing latest bug fixes and improvements from the Spring Boot framework. 2c854d3
• Updated io.swagger.core.v3:swagger-annotations from 2.2.30 to 2.2.38 1119293
• Updated MCP library dependencies to latest versions 5fcc557

... (truncated)

Commits

• 29047c5 Release version 1.1.1
• 2add90c Upgrade MCP support
• e08a614 Remove obsolete CI workflow
• 4585acd Change toolCallingManager visibility to protected
• b0a97c7 MethodToolCallback ToolExecutionException
• d4f22ce fix: Improve JSON error handling in MethodToolCallback
• e56b344 feat: add official OpenAI Java SDK integration (#4688)
• af6496a Upgrade commons-lang3 to 3.18.0 to fix CVE (Uncontrolled Recursion)
• 82424f8 Upgrade commons-compress to 1.28.0 to fix CVE (Infinite Loop, Resource Alloca...
• 3c3c3eb feat: Add native structured output support for ChatClient
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #15.