Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump spring-boot-dependencies from 2.7.11 to 2.7.12 #12372

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 22, 2023

Bumps spring-boot-dependencies from 2.7.11 to 2.7.12.

Release notes

Sourced from spring-boot-dependencies's releases.

v2.7.12

🐞 Bug Fixes

  • Welcome page may return a 404 when an acceptable response cannot be produced #35552
  • Invalid reference format error when tagging images using Podman #35358
  • FactoryBean.getObject for non-singleton executed when resetting mocks #35324
  • Can't use PEM encoded PKCS#8 EC keys with server.ssl.certificate-private-key #35322
  • Webflux server gracefulshutdown throws NullPointerException #35264
  • Health actuator mail details shows the port as -1 when using the default port #35247
  • SessionRepositoryFilterConfiguration can cause early initialization of SessionRepository beans including Redis #35240
  • Devtools main method search algorithm can find incorrect main method #35214
  • When a WebFlux app is deployed to Cloud Foundry some metrics are lost and numerous beans are ineligible for post-processing #35163
  • Liveness and readiness probes return down when lazy initialization is enabled #35161
  • Treating a null Flyway-specific password as an empty string prevents the use of PGPASS for authentication #35110
  • WebClient auto-configuration tries to use HttpComponentsClientHttpConnector when all required classes are not present #34964
  • MinIdle and MaxValidationTime properties missing for R2DBC pools #34724

📔 Documentation

  • Polish formatting of permitAll() endpoint security Kotlin example #35454
  • Wrong anchors in Maven plugin documentation #35371
  • Correct list of annotations that are equivalent to @SpringBootApplication #35180
  • Harmonize references to application.yaml files in reference docs #34628

🔨 Dependency Upgrades

  • Upgrade to Elasticsearch 7.17.10 #35339
  • Upgrade to Hazelcast 5.1.6 #35440
  • Upgrade to Johnzon 1.2.20 #35340
  • Upgrade to Json-smart 2.4.11 #35549
  • Upgrade to Micrometer 1.9.11 #35290
  • Upgrade to Netty 4.1.92.Final #35441
  • Upgrade to Reactor Bom 2020.0.32 #35291
  • Upgrade to Spring Data Bom 2021.2.12 #35292
  • Upgrade to Spring Integration 5.5.18 #35294
  • Upgrade to Tomcat 9.0.75 #35442

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​JunJaBoy, @​aasaru, @​davin111, and @​ivandimitrov8080

Commits
  • 64157f2 Release v2.7.12
  • 418dd1b Return 406 status code if welcome page is not accepted
  • cc2bb7c Upgrade to Json-smart 2.4.11
  • c0797ee Upgrade CI to Docker 24.0.0
  • 1cd3a32 Merge branch '2.6.x' into 2.7.x
  • 7f9fd04 Upgrade to Undertow 2.2.24.Final
  • 47f1fc5 Upgrade to Tomcat 9.0.75
  • 2e8ec62 Upgrade to Thymeleaf Extras SpringSecurity 3.0.5.RELEASE
  • ba7485b Upgrade to Spring WS 3.1.6
  • 1e5797f Upgrade to Spring Security 5.6.10
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the type/dependencies Pull requests that update a dependency file label May 22, 2023
Bumps [spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.7.11 to 2.7.12.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.7.11...v2.7.12)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/maven/org.springframework.boot-spring-boot-dependencies-2.7.12 branch from c1d1a02 to 8636a6f Compare May 23, 2023 12:12
@AlbumenJ AlbumenJ merged commit 0a27be1 into 3.2 May 23, 2023
@dependabot dependabot bot deleted the dependabot/maven/org.springframework.boot-spring-boot-dependencies-2.7.12 branch May 23, 2023 12:38
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type/dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant