Implement Spring Boot 4 adoption checklist: Priority 0 migrations

[Copilot]

• Add ApiExceptionAdvice (@RestControllerAdvice) returning ProblemDetail for REST API errors (Priority 0, item 1)
• Add test for ApiExceptionAdvice asserting RFC 9457-style fields (type, title, status, detail, instance)
• Replace RestTemplate bean in WrongSecretsApplication with RestClient (with 5s/10s timeout configuration) (Priority 0, item 2)
• Migrate SlackNotificationService from RestTemplate to RestClient fluent API (Priority 0, item 2)
• Update SlackNotificationServiceTest to mock RestClient chain instead of RestTemplate
• Fix CI compile error: replace argThat with pattern variable by ArgumentCaptor<Object> in SlackNotificationServiceTest to avoid RestClient.RequestBodySpec.body() overload ambiguity
• Fix CI test failure: add @MockitoSettings(strictness = Strictness.LENIENT) to SlackNotificationServiceTest so @BeforeEach stubs don't cause UnnecessaryStubbingException in negative tests that never invoke the RestClient chain
• Add -Xlint:deprecation compiler arg to Maven build for deprecation gate in CI (Priority 0, item 3)
• Update SPRING_BOOT_4_ADOPTION_CHECKLIST.md to mark completed items

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Can you finish spring boot migration?</issue_title>
<issue_description>Can you implement docs/SPRING_BOOT_4_ADOPTION_CHECKLIST.md</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Can you finish spring boot migration? #2429

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

[commjoen]

@copilot can you fix the failing GitHub actions please?

[Copilot]

@copilot can you fix the failing GitHub actions please?

Fixed in commit edd9ad3. The compile error was in SlackNotificationServiceTest — the argThat lambda with a pattern variable was being resolved by the compiler as StreamingHttpOutputMessage.Body (a functional interface) instead of Object, due to overload ambiguity in RestClient.RequestBodySpec.body(). Replaced those two assertions with ArgumentCaptor<Object> to capture and assert the body value explicitly.

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2430

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2430-1bd101b

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2430)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2430-1bd101b
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2430-1bd101b

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/ApiExceptionAdvice.java
- src/main/java/org/owasp/wrongsecrets/WrongSecretsApplication.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/SlackNotificationService.java

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2430}

[commjoen]

@copilot can you fix the failing github actions

[Copilot]

@copilot can you fix the failing github actions

Fixed in commit ea43309. Three tests (shouldNotSendNotificationWhenSlackNotConfigured, shouldNotSendNotificationWhenWebhookUrlNotSet, shouldNotSendNotificationWhenWebhookUrlIsInvalid) were failing with UnnecessaryStubbingException — these tests never call restClient.post() because Slack isn't configured, so the @BeforeEach stubs went unused. Added @MockitoSettings(strictness = Strictness.LENIENT) to the test class to allow shared setup stubs to coexist with tests that don't invoke them.

[github-actions]

🌐 GitHub Pages Preview Ready!

Your static preview is now available at:
🔗 Preview PR #2430

📄 What's included:

• ✅ All CSS, JavaScript, and static assets (embedded inline)
• ✅ Current styling and layout preview
• ✅ Images, icons, and UI components
• ✅ NEW: Generated HTML from Thymeleaf templates
  • 🏠 Home/Welcome Page
  • ℹ️ About Page
  • 📊 Stats & Config Page
  • 🤖 Challenge 57: LLM Security (Latest)
  • 🧩 Challenge Example

For full functionality testing: Use the Docker preview instead.

🔄 Auto-updates: This preview will be updated automatically when you push new commits to this PR.

---

_{Static preview with Thymeleaf generation by GitHub Actions}

[github-actions]

🔨 Preview Build Complete!

Your changes have been built and pushed to GitHub Container Registry.

🐳 Docker Image: ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2430-bd7b1fe

📦 Download & Test Locally:

1. 📁 Download Docker Image Artifact (look for wrongsecrets-preview-pr-2430)
2. Load and run the image:

# Download the artifact, extract it, then:
docker load < wrongsecrets-preview.tar
docker run -p 8080:8080 wrongsecrets-preview

🚀 Alternative - Pull from Registry:

docker pull ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2430-bd7b1fe
docker run -p 8080:8080 ghcr.io/owasp/wrongsecrets/wrongsecrets-pr:pr-2430-bd7b1fe

Then visit: http://localhost:8080

📝 Changes in this PR:
- src/main/java/org/owasp/wrongsecrets/ApiExceptionAdvice.java
- src/main/java/org/owasp/wrongsecrets/WrongSecretsApplication.java
- src/main/java/org/owasp/wrongsecrets/challenges/docker/SlackNotificationService.java

Visual diff screenshots will be available shortly...

---

_{Preview built by GitHub Actions}

[github-actions]

📸 Visual Diff Ready!

Screenshots comparing your changes with the main branch are available:

📁 Download Visual Diff Artifacts

🖼️ Included screenshots:

• pr-home.png vs main-home.png - Welcome page comparison
• pr-about.png vs main-about.png - About page comparison
• pr-challenge.png vs main-challenge.png - Challenge page comparison

🔍 How to review:

1. Download the artifact zip file
2. Extract and compare the pr-* and main-* images side by side
3. Look for visual differences in layout, styling, and content

💡 Tip: Use an image comparison tool or open both images in separate browser tabs to spot differences easily.

---

_{Visual diff generated by GitHub Actions • PR #2430}