Sring data and Hibernate, how to avoid child (non-owning side) entity deletion by Hibernate (without cascade)?

Hibernate ORM
3

Many thanks you for your answer. But it does not work for me.
Yes I am using Spring Data Rest.
I tried PATCH update like this :

In my controller :

     @PatchMapping(path="/user/{id}")
     public User updateUser(@RequestBody User user){
         return userService.updateUser(user);
     }

In the user service :

    @Override
    public User updateUser(User user) {
    	System.out.println("updateUserById : user id : " + user.getUserId());
    	System.out.println("user.getUserGroups().size() : " + user.getUserGroups().size());
    	System.out.println("user.getReports().size() : " + user.getReport().size());
		
        return userRepository.save(user);
    }

The console trace :

updateUserById : user id : 1
user.getUserGroups().size() : 0
user.getReport().size() : 0
2020-05-19 11:12:09.232 DEBUG org.hibernate.SQL : select user0_.user_id as user_id1_24_0_…
2020-05-19 11:12:09.232 DEBUG org.hibernate.SQL : select roles0_.role_id as role_id1_26_0_, …
2020-05-19 11:12:09.233 DEBUG org.hibernate.SQL : select managedgro0_.user_id as user_id1_9_0_ …
2020-05-19 11:12:09.234 DEBUG org.hibernate.SQL : select usergroups0_.user_id as user_id1_25_0_, usergroups0_.group_id as group_id2_25_0_, …
2020-05-19 11:12:09.235 DEBUG org.hibernate.SQL : update user set address_id=?, charter_acceptance_date=?, creation_date=?, email=?, first_name=?, …
2020-05-19 11:12:09.236 DEBUG org.hibernate.SQL : delete from managed_group where user_id=?
2020-05-19 11:12:09.236 DEBUG org.hibernate.SQL : delete from user_role where role_id=?
2020-05-19 11:12:09.237 DEBUG org.hibernate.SQL : delete from user_group where user_id=?
2020-05-19 11:12:09.249 DEBUG org.hibernate.SQL : select report0_.user_id as user_id7_15_0_, report0_.report_id as report_i1_15_0_, 14_9_ …
2020-05-19 11:12:09.251 DEBUG org.hibernate.SQL : select reports0_.device_id as device_i3_15_0_, reports0_.report_id as report_i1_15_0_, reports0_ …

I understand that the user I give to the service, has no group and no report because my frontend sent a json with only modyfied user fields and not linked objects.
But, as you can see, and even with PATCH method, roles, groups are deleted (the user is the owner of the relation) and reports are not deleted because Report is the owner of the relation beetwen User and Report object.

How to avoid theses delations ?

Best regards

Pascal