Bump assertj-core from 3.26.3 to 3.27.7 to fix CVE-2026-24400

pom.xml

@@ -121,6 +121,7 @@
         <perfmark-api.version>0.27.0</perfmark-api.version>
         <threetenbp.version>1.7.0</threetenbp.version>
         <!--         TEST SCOPE         -->
+        <assertj.version>3.27.7</assertj.version> <!-- to fix CVE-2026-24400 (XXE). TODO: remove when fixed in spring-boot-dependencies -->
         <dbunit.version>2.7.3</dbunit.version>
         <java-websocket.version>1.5.6</java-websocket.version>
         <mock-server.version>5.15.0</mock-server.version>
@@ -929,6 +930,15 @@
             </dependency>
             <!-- End of Jackson version override -->
 
+            <!-- Temporary assertj-core version override -->
+            <dependency>
+                <groupId>org.assertj</groupId>
+                <artifactId>assertj-core</artifactId>
+                <version>${assertj.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <!-- End of assertj-core version override -->
+
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>