Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency org.springframework.boot:spring-boot-dependencies to v3 #38

Closed
wants to merge 1 commit into from

Conversation

tradeshift-renovate[bot]
Copy link

@tradeshift-renovate tradeshift-renovate bot commented Jan 20, 2024

This PR contains the following updates:

Package Type Update Change
org.springframework.boot:spring-boot-dependencies (source) import major 2.3.4.RELEASE -> 3.2.3

Release Notes

spring-projects/spring-boot (org.springframework.boot:spring-boot-dependencies)

v3.2.3

Compare Source

⚠️ Noteworthy

  • This release upgrades to Hibernate 6.4.4.Final. While it contains a number of valuable bug fixes, it does not work correctly in a native image. If you are using GraalVM, Hibernate should be temporarily downgraded to 6.4.2.Final using the hibernate.version property.

🐞 Bug Fixes

  • Nested jar URLs can not be resolved if the path contains spaces #​39675
  • Image building runs for a long time when a long image name is used and the tag contains an illegal character #​39638
  • Banner printing doesn't respect set charset #​39621
  • "micrometer.observations.*" configuration properties should be "management.observations.*" #​39600
  • Metadata reading during configuration class parsing uses the default resource loader rather than the application's resource loader #​39598
  • Several gson properties, including spring.gson.disable-html-escaping, do not behave correctly when set to false #​39524
  • Property placeholders aren't resolved when configuration property binding creates a Map from a property value using a converter #​39515
  • Gradle plugin allows the use of Gradle 7.4 but the documented and tested minimum is 7.5 #​39513
  • WebFlux auto-configuration should only configure the blocking executor when virtual threads are enabled #​39469
  • TestcontainersPropertySource assertion has typo #​39449
  • Webflux actuator endpoints respond with 500 when a parameter is missing #​39444
  • NoSuchMethod error when using the non-shaded Pulsar client and configuring authentications parameters #​39389
  • Jetty GracefulShutdown writes to System.out #​39360
  • Building images fails with Docker 25.0 when custom buildpacks are configured #​39347
  • Creating a RestClient from a RestTemplateBuilder-created RestTemplate requires double configuration of the baseUrl/rootUri #​39317
  • Auto-configured ConcurrentPulsarListenerContainerFactory and PulsarConsumerFactory cannot be injected into injection points with specific generic type information #​39308
  • Startup failure when you have multiple @DynamicPropertySources in Spring Boot 3.2.2 #​39297
  • Mockito's MockedStatic isn't closed in all cases #​39272
  • TracingProperties exposes package-private PropagationType from public methods #​39268

📔 Documentation

  • Add note regarding mixing of bundle-based and direct SSL configuration #​39641
  • Add link to Pulsar workaround when using environment variables for authentication #​39630
  • Document that task executor pool size properties are ignored when using virtual threads #​39629
  • Document default value for show-value configuration properties #​39596
  • Clarify that configuration properties only apply to the auto-configured OpenTelemetry Resource bean #​39509
  • Update the Debugging Documentation of the Spring Boot Maven Plugin #​39422
  • Awaitility link in Test Scoped Dependencies is incorrect #​39415
  • Fixed NestedJarFile constructor javadoc #​39285
  • Endpoint documentation contains the typo 'Unuthorized' #​39280
  • Update Revved up by Develocity badge #​39263

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​PiyalAhmed, @​Tish17, @​amritagg, @​dependabot[bot], @​eddumelendez, @​erichaagdev, @​gdmrw, @​jonas-grgt, @​kilink, @​lukasdo, @​okohub, @​onobc, @​ramilS, @​slovi, @​smurf667, @​snicoll, @​totti-dev, @​vj-atlassian, @​vjh0107, @​wanger26, and @​xpmxf4

v3.2.2

Compare Source

⚠️ Noteworthy Changes

  • Automatically enabling support for Micrometer's observation annotations when AspectJ is on the classpath has proven to be too much. A new property, micrometer.observations.annotations.enabled, has been introduced. It defaults to false. Set it to true to restore the previous behavior #​39128

🐞 Bug Fixes

  • SslBundle implementations do not provide useful toString() results #​39167
  • JarEntry.getComment() returns incorrect result from NestedJarFile instances #​39166
  • Mixing PEM and JKS certificate material in server.ssl properties does not work #​39158
  • Having AspectJ and Micrometer on the classpath is not a strong enough signal to enable support for Micrometer observation annotations #​39128
  • Actuator endpoints with no operations that use selectors are not accessible when mapped to / #​39122
  • Spring Boot 3.2 app that uses WebFlux, Security, and Actuator may fail to start due to a missing authentication manager #​39096
  • management.observations.http.server.requests.name no longer has any effect #​39083
  • spring.rabbitmq.listener.stream.auto-startup property has no effect #​39078
  • Error mark in the log message for PatternParseException is in the wrong place #​39075
  • Configuring server.jetty.max-connections has no effect #​39052
  • @ConfigurationPropertiesBinding converters that rely on initial CharSequence to String conversion no longer work #​39051
  • Manifest attributes cannot be resolved with the new loader implementation #​38996
  • Throwable from logging system initialization may result in the application silently failing to start #​38963
  • When using Jetty, idle timeout for IO operations and delayed dispatch cannot be set to less than 30000ms #​38960
  • spring-boot-maven-plugin repackage uber jar execution fails when jar is put on WSL network drive #​38956
  • Oracle OJDBC BOM version is flagged not for production use #​38943
  • Connection leak when using jOOQ and spring.jooq.sql-dialect has not been set #​38924
  • AutoConfigurationSorter does not always respect @AutoConfigureOrder(Ordered.LOWEST_PRECEDENCE) #​38916
  • Containers are not started when using @ImportTestcontainers #​38913
  • Even when spring.security.user.name or spring.security.user.password has been configured, user details auto-configuration still backs off when resource server is on the classpath #​38864
  • MockRestServiceServerAutoConfiguration with RestTemplate and RestClient together throws incorrect exception #​38820

📔 Documentation

  • Improve "Sanitize Sensitive Values" section in reference documentation #​39199
  • Fix link to Log4j2's JDK logging adapter documentation #​39171
  • Update CRaC support status link #​39170
  • Remove entry for OCI starter as it is no longer maintained #​39165
  • Update links to Micrometer docs in metrics section of reference docs #​39149
  • Use the term "tags" in documentation consistently #​39125
  • Correct the documentation on injecting dependencies into FailureAnalyzer implementations #​39100
  • Polish reference documentation #​38942
  • Document virtual threads limitations #​38883

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​724thomas, @​BenchmarkingBuffalo, @​FBibonne, @​Wzy19930507, @​amparab, @​dependabot[bot], @​dreis2211, @​okohub, @​onobc, @​sdeleuze, @​skcskitano, and @​tobias-lippert

v3.2.1

Compare Source

🐞 Bug Fixes

  • HibernateJpaAutoConfiguration should be applied before DataSourceTransactionManagerAutoConfiguration #​38880
  • META-INF entries are duplicated under BOOT-INF/classes causing "Conflicting persistence unit definitions" error #​38862
  • logging.include-application-name has no effect when using log4j2 #​38847
  • Pulsar authentication param properties cause IllegalStateException with Pulsar Client 3.1.0 #​38839
  • Child context created with SpringApplicationBuilder runs parents runners #​38837
  • getSigners() info is lost for signed jars when using the new loader implementation with requiresUnpack #​38833
  • TestContainers parallel initialization doesn't work properly #​38831
  • Zip file closed exceptions can be thrown due to StaticResourceJars closing jars from cached connections #​38770
  • Multi-byte filenames in zip files can cause an endless loop in ZipString.hash #​38751
  • Gradle task "bootJar" fails with "Failed to get permissions" when using Gradle 8.6-milestone-1 #​38741
  • Custom binding converters are ignored when working with collection types #​38734
  • WebFlux and resource server auto-configuration may fail due to null authentication manager #​38713
  • It is unclear that Docker Compose services have not been started as one or more is already running #​38661
  • Spring Boot jar launcher does not work in folders containing certain chars #​38660
  • FileNotFoundException is thrown eagerly from unused SSL bundles #​38659
  • NoUniqueBeanDefinitionFailureAnalyzer does not account for the fact that missing '-parameters' may be the cause #​38652
  • Traces are propagated if tracing is disabled #​38641
  • Missing registry auto-configuration for JMS listener observation support #​38613
  • Class loading fails on an interrupted thread causing com.mongodb.event.ServerClosedEvent to fail to load when Mongo detects a cluster change #​38611
  • Failures due to code not being compiled with '-parameters' are hard to identify #​38603
  • System SSL certificates are not used by the Apache HTTP Client in a RestTemplate built with RestTemplateBuilder #​38600
  • ZipFileSystem throws "java.util.zip.ZipException: read CEN tables failed" with certain nested jars #​38595
  • Nested jar URLs cannot be split and reassembled resulting in errors with projects that use this technique (such as JobRunr) #​38592
  • NoSuchMethodError can be thrown from Session.getCookie() due to binary incompatibilty #​38589
  • management.metrics.tags has been deprecated without a replacement working for all metrics #​38583
  • NegativeArraySizeException can be thrown from org.springframework.boot.loader.zip.ZipContent$Loader #​38572
  • Migration form 3.1.5 to 3.2.0 : "Default" Tracer is not provided in test anymore #​38568
  • TomcatWebServer stop doesn't close sockets for additional connectors #​38564
  • Port is already in use when using @SpringBootTest with a separate management port and a mock web environment #​38554
  • Keep-alive property causes processAot step to never finish #​38531
  • Setting 'spring.task.scheduling.shutdown.await-termination-period' does not result in a call to SimpleAsyncTaskScheduler#taskTerminationTimeout #​38530
  • Setting 'spring.task.execution.shutdown.await-termination-period' does not result in a call to SimpleAsyncTaskExecutor#taskTerminationTimeout #​38528
  • Nested URLs return null from classLoader.getResource("") causing ClassPathResource failures #​38524
  • Spring Boot 3.2 is not compatible with older versions of Liquibase #​38522
  • Controller level exceptions not getting populated in HTTP server requests metrics #​33731

📔 Documentation

  • Fix typo #​38879
  • Add the LangChain4J Spring Boot Starter to the list of community starters #​38776
  • Document prerequisites for Docker Compose support #​38764
  • Update Dynatrace documentation links #​38725
  • Correct references to Jetty's HTTP2 server module #​38632
  • Fix Observation Filter docs #​38586
  • Reinstate mention of testAndDevelopmentOnly when using Testcontainers at dev time #​38571

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​SandraAhlgrimm, @​aleksandrserbin, @​cachescrubber, @​dependabot[bot], @​gavlyukovskiy, @​ilies-bel, @​meiyese, @​onobc, @​pirgeo, @​quaff, @​shin-mallang, and @​tomfrenken

v3.2.0

Compare Source

⭐ New Features

  • Auto-configure observations for RestClients #​38500
  • Add support for Oracle Free, the replacement for Oracle XE, with Testcontainers and Docker Compose #​38476
  • Provide dependency management for org.crac:crac #​38378
  • Add new properties for Liquibase 4.24.0 #​38274
  • Provide a way to create custom ApplicationContextFactory in SpringBootContextLoader #​38205
  • Report friendly error when failing to find AOT initializer #​38188

🐞 Bug Fixes

  • Annotation based ConditionalOnBean checks can cause early initialization of FactoryBeans #​38507
  • CRaC restoration fails when Actuator's running on a separate port #​38502
  • App that depends on Tomcat and on Jetty's websocket-server module fails to start with IllegalStateException: WebSocketComponents has not been created #​38286
  • App fails to start with a NoSuchMethodError when using Flyway 10.0.0 #​38268
  • MeterRegistry throws BeanCreationNotAllowedException on shutdown #​38240
  • Resolution of productionRuntimeClasspath configuration may select the wrong variant and contain a dependency's source jar #​38233
  • Docker JSON parsing fails on certain locales #​38220
  • FileNotFoundException is thrown serving resources due to JarUrlConnection.getLastModified() returning zero #​38204
  • Failed to extract parameter names exception thrown when binding with non-enumerable property source #​38201
  • Spring Boot 3.2.0-RC1 application fails on JDK with CRaC but without a dependency on org.crac:crac #​38186
  • Missing configuration processing for PartEvent support #​37642

📔 Documentation

  • Document supported SQL comment prefixes #​38496
  • Update access log pattern documentation to align with changes in Tomcat 10 #​38425
  • Update Dynatrace docs with info about the meter metadata toggle #​38368
  • Improve documentation regarding tracing in tests #​38362
  • Document the accepted inputs when configuring tags on spring-boot:build-image and bootBuildImage #​38354
  • Document how to use cloudfoundry specific actuators with a custom base path for webflux applications #​38353
  • Document Liberica JDK with CRaC #​38350
  • Add a Restarting a stopped or failed Job section to the batch howto #​38341
  • Clarify documentation on importing Testcontainer declarations and using @ServiceConnection or @DynamicPropertySource #​38337
  • Make distinction between Testcontainers for integration tests and development more clear in documentation #​38336
  • When using Testcontainers at development time with @ServiceConnection on a @Bean method, describe when to use the name attribute and why #​38335
  • Fix link to Elasticsearch health indicator #​38334
  • Update Spring Framework documentation links #​38289
  • Code sample in "Developing Your First Spring Boot Application" does not work #​38272
  • Improve --help and documentation for "encodepassword -a/--algorithm" in the Spring Boot CLI #​38249
  • Add how-to documentation for test-only database migrations with Flyway/Liquibase #​38231
  • Document that PEM content can be used directly in application.yaml #​38215
  • Document that TomcatConnectorCustomizers are not applied to additional connectors #​38198

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​EvaristeGalois11, @​PENEKhun, @​abdullah-jaffer, @​audtjddld, @​cachescrubber, @​dreis2211, @​eddumelendez, @​izeye, @​jonatan-ivanov, @​pirgeo, @​quaff, and @​sdeleuze

v3.1.9

Compare Source

⚠️ Noteworthy

  • This release upgrades to Hibernate 6.2.22.Final. While it contains a number of valuable bug fixes, it does not work correctly in a native image. If you are using GraalVM, Hibernate should be temporarily downgraded to 6.2.20.Final using the hibernate.version property.

🐞 Bug Fixes

  • Image building runs for a long time when a long image name is used and the tag contains an illegal character #​39617
  • Banner printing doesn't respect set charset #​39601
  • Gradle plugin allows the use of Gradle 7.4 but the documented and tested minimum is 7.5 #​39508
  • Property placeholders aren't resolved when configuration property binding creates a Map from a property value using a converter #​39507
  • Several gson properties, including spring.gson.disable-html-escaping, do not behave correctly when set to false #​39504
  • TestcontainersPropertySource assertion has typo #​39440
  • Building images fails with Docker 25.0 when custom buildpacks are configured #​39323
  • Metadata reading during configuration class parsing uses the default resource loader rather than the application's resource loader #​39321
  • Mockito's MockedStatic isn't closed in all cases #​39271
  • TracingProperties exposes package-private PropagationType from public methods #​39265
  • Webflux actuator endpoints respond with 500 when a parameter is missing #​39236

📔 Documentation

  • Add note regarding mixing of bundle-based and direct SSL configuration #​39616
  • Document default value for show-value configuration properties #​39589
  • Update the Debugging Documentation of the Spring Boot Maven Plugin #​39392
  • Endpoint documentation contains the typo 'Unuthorized' #​39279
  • Update Revved up by Develocity badge #​39242

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​amritagg, @​dependabot[bot], @​erichaagdev, @​gdmrw, @​lukasdo, @​smurf667, @​snicoll, @​totti-dev, @​vj-atlassian, @​vjh0107, and @​wanger26

v3.1.8

Compare Source

🐞 Bug Fixes

  • SslBundle implementations do not provide useful toString() results #​39137
  • Mixing PEM and JKS certificate material in server.ssl properties does not work #​39105
  • spring.rabbitmq.listener.stream.auto-startup property has no effect #​39072
  • Error mark in the log message for PatternParseException is in the wrong place #​38944
  • AutoConfigurationSorter does not always respect @AutoConfigureOrder(Ordered.LOWEST_PRECEDENCE) #​38904
  • Throwable from logging system initialization may result in the application silently failing to start #​38885
  • Actuator endpoints with no operations that use selectors are not accessible when mapped to / #​35426

📔 Documentation

  • Remove entry for OCI starter as it is no longer maintained #​39164
  • Fix link to Log4j2's JDK logging adapter documentation #​39163
  • Update links to Micrometer docs in metrics section of reference docs #​39114
  • Correct the documentation on injecting dependencies into FailureAnalyzer implementations #​39099
  • Improve "Sanitize Sensitive Values" section in reference documentation #​39094

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​BenchmarkingBuffalo, @​FBibonne, @​Wzy19930507, @​amparab, @​dependabot[bot], @​dreis2211, and @​tobias-lippert

v3.1.7

Compare Source

🐞 Bug Fixes

  • HibernateJpaAutoConfiguration should be applied before DataSourceTransactionManagerAutoConfiguration #​38861
  • Zip file closed exceptions can be thrown due to StaticResourceJars closing jars from cached connections #​38766
  • Gradle task "bootJar" fails with "Failed to get permissions" when using Gradle 8.6-milestone-1 #​38718
  • Child context created with SpringApplicationBuilder runs parents runners #​38647
  • System SSL certificates are not used by the Apache HTTP Client in a RestTemplate built with RestTemplateBuilder #​38591
  • It is unclear that Docker Compose services have not been started as one or more is already running #​38398

📔 Documentation

🔨 Dependency Upgrades


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@tradeshift-renovate tradeshift-renovate bot added the dependencies Pull requests that update a dependency file label Jan 20, 2024
Copy link

🤖 Useful commands 🤖

mvn deploy - build and deploy a snapshot release to test in another component 🚀
rerun or rerun failed- restart the build pipeline - useful if you suspect flaky tests! 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant