Skip to content

fix(deps): update spring boot to v2.7.11

RenovateBot requested to merge renovate-spring-boot into main

This MR contains the following updates:

Package Change Age Adoption Passing Confidence
org.springframework.boot:spring-boot-starter-test (source) 2.6.4 -> 2.7.11 age adoption passing confidence
org.springframework.boot:spring-boot-devtools (source) 2.6.4 -> 2.7.11 age adoption passing confidence
org.springframework.boot:spring-boot-starter-log4j2 (source) 2.6.4 -> 2.7.11 age adoption passing confidence
org.springframework.boot:spring-boot-starter-web (source) 2.6.4 -> 2.7.11 age adoption passing confidence
org.springframework.boot:spring-boot-starter-quartz (source) 2.6.4 -> 2.7.11 age adoption passing confidence
org.springframework.boot:spring-boot-starter-mail (source) 2.6.4 -> 2.7.11 age adoption passing confidence
org.springframework.boot (source) 2.6.3 -> 2.7.11 age adoption passing confidence

Release Notes

spring-projects/spring-boot

v2.7.11

:lady_beetle: Bug Fixes
  • CloudFoundry integration does not use endpoint path mappings #​35085
  • Gradle Spring Boot plugin with Kotlin DSL does not support includeProjectDependencies in bootJar > layered > dependencies configuration #​35033
  • Banner placeholders use default values too soon #​34764
  • Cassandra default configuration substitutions don't resolve against configuration derived from spring.data.cassandra properties #​34643
  • ApplicationAvailability bean is auto-configured even if a custom one is already present #​34347
  • Nested test classes don't inherit properties from slice test annotations on enclosing class #​33317
📔 Documentation
  • Use current Neo4j version in Testcontainers-based examples #​34775
  • Clarify servlet container compatibility #​34697
  • Document that optional dependencies are included by default in fat jars built with Maven #​34636
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​SeasonPanPan, @​acktsap, @​dreis2211, @​jgslima, @​krzyk, and @​meistermeier

v2.7.10

:lady_beetle: Bug Fixes

  • Some of the deprecated spring.security.saml2.relyingparty.registration.*.identityprovider.* properties are ignored #​34525
  • Maven plugin uses timezone-local timestamps when outputTimestamp is used #​34424
  • Loading application.yml fails with NoSuchMethodError when using SnakeYAML 2.0 #​34405
  • EmbeddedWebServerFactoryCustomizerAutoConfiguration should not run when embedded web server is not configured #​34332
  • Image builds with podman fail when image buildpacks are configured #​34324
  • org.springframework.boot.web.embedded.jetty.GracefulShutdown uses the wrong class to create its logger #​34220
  • StandardConfigDataResource can import the same file twice if the classpath includes '.' #​34212

📔 Documentation

  • Document support for Java 20 #​34642
  • Update two references to old APIs #​34567
  • Clarify conventions for custom error pages in WebFlux #​34534
  • Add documentation tip showing how to configure publishRegistry Maven properties from the command line #​34517
  • Document support for Gradle 8 #​34458
  • Document how to get socket location for image building configuration with podman #​34435
  • Fix typo in Encrypting Properties #​34386
  • Use plugins DSL consistently in Spring Boot Gradle Plugin docs #​34048
  • Add link to Failover starter #​32943

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​1993heqiang, @​anandmnair, @​anthonydahanne, @​dsyer, @​izeye, @​jongwooo, and @​terminux

v2.7.9

:lady_beetle: Bug Fixes
  • Maven Plugin's PropertiesMergingResourceTransformer closes InputStream when it should not do so #​34063
  • Actuator Health web endpoint broken with Gson and Java 17 #​34030
  • Dependency management for Mongo's Java Driver is incomplete #​33941
  • Using devtools with Reactive application results in slower restarts #​33855
  • Spies are not reset after test execution when using @SpyBean #​33830
  • Properties Migrator does not detect properties of Map type that are marked as deprecated #​27854
📔 Documentation
  • Updated documentation for @ConfigurationProperties bean naming rules #​34029
  • Restore "Use Jedis Instead of Lettuce" how-to documentation #​33994
  • Add Redis application properties example #​33965
  • Use Maven Central for release downloads in CLI installation documentation #​33962
  • Actuator section is missing from documentation overview #​33932
  • Add Javadoc since to OperationParameter.getAnnotation() #​33914
  • Document additional configuration that is required for spring.mvc.throw-exception-if-no-handler-found=true to be effective #​31660
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​Anubhav-2000, @​enimiste, @​izeye, @​jprinet, @​marcel-wollschlaeger, @​mhalbritter, @​michaldo, and @​sannanansari

v2.7.8

Noteworthy

:lady_beetle: Bug Fixes

  • Devtools sets non-existent property spring.reactor.debug #​33858
  • Failing calls to reactive health indicators are not logged #​33774
  • Failure analysis of NoUniqueBeanDefinitionException reports "defined in null" when bean definition has no resource description #​33765
  • NPE in RabbitProperties when user is given, but password not #​33752
  • SDKMAN should not use repo.spring.io for releases #​33708
  • Homebrew and Scoop should not use repo.spring.io for releases #​33702
  • EndpointRequestMatcher should have a toString method #​33690
  • It is not possible to provide a custom TransactionProvider bean for JOOQ #​32899
  • SpringBootMockResolver causes AopTestUtils.getUltimateTargetObject to recurse until the stack overflows when it calls it with Spring Security's authentication manager bean #​32632
  • Inconsistent discovery of parameter names for selectors in custom actuator endpoints #​31240
  • @DeprecatedConfigurationProperty has no effect when declared on a record component's accessor method #​29526
  • Headless mode is forced when banner.* file is present. #​28803
  • Diagnostics are poor when the JMX port used by the Maven start goal is in use #​24044

📔 Documentation

  • Replace "via" in documentation and use "over" or "through" instead #​33878
  • Fix typo in kotlin getting started documentation #​33867
  • Update com.gorylenko.gradle-git-properties version to 2.4.1 in doc #​33838
  • Fix 'the the' typos #​33736
  • Fix typo in javadoc of org.springframework.boot.web.server.LocalServerPort #​33683
  • Fix a typo in the ExitCodeGenerator documentation #​33658
  • Fix typo in External Configuration documentation #​33630
  • Update getting started documentation to use @SpringBootApplication #​32795
  • Description of spring-boot-starter-websocket does not make it clear that it's Servlet-specific #​32493

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​BartR96, @​devrishal, @​dreis2211, @​izeye, @​josephlane, @​kvmw, @​mhalbritter, @​sannanansari, @​sdeleuze, @​yyjstudy, and @​zhangyanyue

v2.7.7

:lady_beetle: Bug Fixes

  • Fix typo in LocalDevToolsAutoConfiguration logging #​33569
  • Web server fails to start due to "Resource location must not be null" when attempting to use a PKCS 11 KeyStore #​32179

📔 Documentation

  • Improve gradle plugin tags documentation #​33614
  • Improve maven plugin tags documentation #​33609
  • Fix typo in tomcat accesslog checkExists doc #​33460
  • Document that the shutdown endpoint is not intended for use when deploying a war to a servlet container #​17398

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​Artur-, @​aksh1618, @​cdanger, @​currenjin, @​jprinet, and @​shekharAggarwal

v2.7.6

:lady_beetle: Bug Fixes

  • ScheduledBeanLazyInitializationExcludeFilter is auto-configured even when annotation-based scheduled has not been enabled #​33283
  • SpringBootContextLoader prints banner twice when using a @ContextHierarchy #​33262
  • Properties migrator causes an application to fail to start if it tries to map a property whose metadata data entry contains an invalid configuration property name #​33249
  • Configuration property binding does not deal with bridge methods #​33211
  • Configuring management.server.port via a config tree results in a ConverterNotFoundException when the management context is refreshed #​33168
  • Dependency management for XMLUnit is incomplete #​32999
  • Spring Boot's Lettuce metrics enable histrograms by default and it's hard to switch them off #​32989
  • Dependency management for Selenium is incomplete #​32861
  • NumberFormatException when configuring spring.redis.sentinel.nodes with an IPv6 address #​32836

📔 Documentation

  • Align Tomcat multiple connectors example with recommendation to configure SSL declaratively #​33331
  • ConditionalOnClass not working for Bean methods on Java 8 #​33328
  • Actuator document is misleading about k8s startup probe #​33326
  • Link to Micrometer's @Timed documentation #​33265
  • Clarify use of the spring.cache.type property with Hazelcast #​33257
  • Example git.commit.time in the Actuator API documentation is thousands of years in the future #​33255
  • Links to Features describes sections that have moved elsewhere #​33213
  • Fix kafka streams auto start description typo in reference docs #​33101
  • OAuth 2 configuration example uses unrecognized value for authorization grant type #​33068
  • Fix typos in logging.adoc #​32820
  • Harmonize code sample in the "Type-safe Configuration Properties" section #​32818

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​EricGao888, @​biergit, @​dreis2211, @​eurythmia, @​hpoettker, @​iamgd67, @​izeye, @​jamessoun93, and @​sdeleuze

v2.7.5

:lady_beetle: Bug Fixes
  • Multi-Document-Separators "#---" comment checks do not account for '!' prefixed comments #​32777
  • Actuator configprops endpoint does not display DataSize properties correctly #​32775
  • @Bean methods in KafkaAutoConfiguration provide less type information than they could #​32773
  • PEM formatted elliptic-curve TLS keys are an unrecognized private key format #​32681
  • Assertion calls on CapturedOutput with Kotlin are very slow #​32575
  • Empty @DefaultValue cannot be used on collections, maps, arrays or optional values #​32563
  • CouchbaseReactiveHealthIndicator uses blocking API to retrieve the cluster diagnostics #​32513
  • BootBuildImage's archiveFile property is annotated as an @Input but should be annotated as an @InputFile #​32499
📔 Documentation
  • Remove redundant @ExtendWith(SpringExtension.class) from MyJmxTests example #​32515
🔨 Dependency Upgrades
  • Upgrade to Byte Buddy 1.12.18 #​32697
  • Upgrade to Dependency Management Plugin 1.0.15.RELEASE #​32786
  • Upgrade to Ehcache3 3.10.2 #​32663
  • Upgrade to Embedded Mongo 3.4.11 #​32664
  • Upgrade to Glassfish JAXB 2.3.7 #​32787
  • Upgrade to Hazelcast 5.1.4 #​32698
  • Upgrade to Hibernate 5.6.12.Final #​32665
  • Upgrade to Infinispan 13.0.12.Final #​32788
  • Upgrade to Jackson Bom 2.13.4.20221013 #​32724
  • Upgrade to Jetty Reactive HTTPClient 1.1.13 #​32699
  • Upgrade to Lettuce 6.1.10.RELEASE #​32666
  • Upgrade to Micrometer 1.9.5 #​32591
  • Upgrade to MySQL 8.0.31 and extend dependency management to new Maven identifiers #​32781
  • Upgrade to Netty 4.1.84.Final #​32700
  • Upgrade to Reactor 2020.0.24 #​32592
  • Upgrade to Spring Data 2021.2.5 #​32595
  • Upgrade to Spring Kafka 2.8.10 #​32596
  • Upgrade to Spring Retry 1.3.4 #​32594
  • Upgrade to Spring Security 5.7.4 #​32597
  • Upgrade to Tomcat 9.0.68 #​32667
  • Upgrade to Undertow 2.2.20.Final #​32668
Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.4

New Features
:lady_beetle: Bug Fixes
  • DataSource logging in H2 console auto-configuration causes Hikari's threads to have the wrong thread context class loader #​32406
  • Hazelcast auto-configuration recognizes hazelcast.xml and hazelcast.yaml files but not hazelcast.yml #​32247
  • Detection of PeriodStyle.ISO8601 does not support lower-case input #​32244
  • Detection of DurationStyle.ISO8601 does not support lower-case input #​32231
  • YAML timestamps not handled properly with SnakeYaml 1.31 #​32229
  • Hazelcast shutdown logs are not available out-of-the-box #​32184
  • Netty 'spring.netty leak detection' default property value is always applied to resource leak detector #​32145
  • Error "/var/run/docker.sock: connect: permission denied" occurs when building an image using podman on Fedora with SELinux enabled #​32000
📔 Documentation
  • Document support for JDK 19 #​32402
  • Clarify documentation of config sub-directory from which external application properties are read #​32291
  • Clarify documentation on disabling web client request metrics #​32198
  • Kotlin sample is missing for constructor binding #​32177
  • Remove out-of-date link from auto-configuration documentation #​32174
  • Improve @ConditionalOnClass javadoc regarding use on @Bean methods #​32167
  • Document classpath* location for looking up GraphQL schemas across modules #​31772
🔨 Dependency Upgrades
Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.3

:lady_beetle: Bug Fixes
  • Misleading error message when using JarMode Layertools and the source is not an archive #​32097
  • ClassNotFoundException can be thrown for classes in nested jars when under GC pressure #​32085
  • Flyway auto-configuration fails with Flyway 9 #​32034
  • BasicJsonParser does not protect against deeply nested maps #​32031
  • OptionalLiveReloadServer logs the wrong port number when it is configured to use an ephemeral port #​31984
  • Servlet WebServerStartStopLifecycle doesn't set running to false on stop #​31967
  • JUL-based logging performed during close of application context is lost #​31963
  • The hash of spring-boot-jarmode-layertools.jar that's added to a fat jar doesn't match the hash of the equivalent published artifact #​31949
  • management.endpoint.health.probes.add-additional-paths has no effect when configuration properties have already created the liveness and/or readiness groups #​31926
  • UnsupportedDataSourcePropertyException is thrown when attempting to set jdbcUrl for C3P0 #​31921
  • Dev Tools restart failures caused by a too short quiet period are hard to diagnose #​31906
  • HealthContributor beans managed by a CompositeHealthContributor are recreated on each call #​31879
  • Dependency management for REST Assured is incomplete #​31877
  • Jar Handler never clears MROTOCOL_HANDLER system property #​31875
  • BasicJsonParser can fail with a timeout or stackoverflow with malformed map JSON #​31873
  • BasicJsonParser can fail with a stackoverflow exception #​31871
📔 Documentation
  • Review Git contribution documentation #​32099
  • Documentation for Maven Plugin classifier has an unresolved external reference #​32043
  • Update Static Content reference documentation to reflect the DefaultServlet no longer being enabled by default #​32026
  • Example log output is out-of-date and inconsistent #​31987
  • Document that Undertow's record-request-start-time server option must be enabled for %D to work in access logging #​31976
  • Update documentation on using H2C to consider running behind a proxy that's performing TLS termination #​31974
  • Some properties in the Common Application Properties appendix have no description #​31971
  • Fix links in documentations #​31951
  • External configuration documentation uses incorrect placeholder syntax #​31943
  • server.reactive.session.cookie properties are not listed in the application properties appendix #​31914
  • Remove documentation and metadata references to ConfigFileApplicationListener #​31901
  • Metadata for 'spring.beaninfo.ignore' has incorrect SourceType #​31899
  • Remove reference to nitrite-spring-boot-starter #​31893
  • Remove reference to Azure Application Insights #​31890
  • Fix typos in code and documentation #​31865
🔨 Dependency Upgrades
Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.2

:lady_beetle: Bug Fixes

  • Publishing a docker image to a private registry fails without authentication #​31824
  • In a non-reactive application, health indicators in a parent context are not found #​31818
  • Dependency management for Derby is incomplete #​31814
  • ApplicationPid doesn't log a warning if it takes a long time to return #​31810
  • A router function with attributes causes /actuator/mappings to return a 500 response due to an UnsupportedOperationException #​31806
  • InstanceAlreadyExistsException when using Actuator with multiple context and JMX enabled #​31804
  • Using 'ImportAutoConfigurationImportSelector' in the jar package loaded by a custom class loader throws ClassNotFoundException #​31801
  • GraphQL auto-configuration does not configure the GrapQlSource with SubscriptionExceptionResolver beans #​31794
  • Trailing whitespace in the value of a property is hard to identify in failure analysis descriptions #​31780
  • Log4j2's shutdown hook is not disabled when using Log4j 2.18 or later #​31732
  • HTTP Server and Data repositories metrics record null for the description #​31706
  • Deprecation hint for spring.data.mongodb.grid-fs-database is located in the wrong section #​31690
  • Image building fails with latest Paketo base builder and additional buildpacks configured #​31558
  • Tomcat fails to start when PEM files are used and key-store-password is not specified #​31253

📔 Documentation

  • Clarify how docker image publishing registry is determined #​31826
  • Fix typo in "HTTP and WebSocket" section of GraphQL documentation #​31518

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.1

:lady_beetle: Bug Fixes

  • Values in a spring.data.cassandra.config file can't override some defaults defined in CassandraProperties #​31503
  • @RestControllerAdvice @ExceptionHandler Inconsistent behavior with @RestControllerEndpoint #​31501
  • Malformed json causes BasicJsonParser to throw a NullPointerException #​31499
  • Metadata generated by the configuration properties annotation processor can miss inherited properties from nested classes #​31484
  • JarFile implementation calls close early which breaks verification of signed unpacked nested jars on Oracle JDK #​31395
  • Health indicators that take a long time to respond are difficult to diagnose #​31384
  • Custom Converter annotated with @ConfigurationPropertiesBinding does not get selected if targetType has a static factory method different return type #​31341
  • Tomcat server.max-http-header-size property is ignored when using HTTP/2 #​31329
  • OAuth2 Resource Server Auto-Configuration can only configure a single JWS algorithm #​31321
  • Maven shade plugin configuration in spring-boot-starter-parent does not append META-INF/spring/*.imports files #​31316
  • GraphQL RouterFunctions are unordered which prevents other functions from being ordered after them #​31314
  • spring-boot-dependencies manages spring-ldap-ldif-batch which no longer exists #​31254
  • Dependency task can fail due to BootJar and BootWar afterResolve hooks #​31213
  • MimeMappings does not include application/wasm #​31188
  • spring-configuration-metadata.json is missing for additional-spring-configuration-metadata.json after switching from @Configuration to @AutoConfiguration #​31186
  • Binder(ConfigurationPropertySource... sources) does not assert that sources contains only non-null elements #​31183
  • WebMvcMetricsFilter stopped working since 2.7.0 #​31150
  • Dependency management for mimepull is redundant and the managed version is incompatible with Java 8 #​31145
  • layers.xsd is out of sync with the documentation and implementation for including and excluding module dependencies #​31128

📔 Documentation

  • Make SpringApplication Kotlin samples idiomatic #​31463
  • Harmonize Kotlin example #​31458
  • Remove duplicate content from "The Spring WebFlux Framework" section #​31381
  • Document that property placeholders should use the canonical property name form #​31369
  • Fix typos in the reference documentation #​31366
  • Enable Links for the Javadoc of the Gradle Plugin #​31362
  • Remove "earlier in this chapter" from places where content is now elsewhere in the documentation #​31360
  • Restore custom favicon documentation #​31358
  • Document that when using Lombok it must be configured to run before spring-boot-configuration-processor #​31356
  • Use Lambda-based API in Spring Security examples #​31354
  • Fix typo in name of imports file in javadoc of ImportCandidates.from #​31277
  • Typos in documentation ("spring-factories" instead of "spring.factories") #​31206
  • Fix Custom Layers Configuration section title in Maven plugin docs #​31180
  • org.springframework.boot.actuate.autoconfigure.metrics.graphql has no package info #​31140
  • Update Dynatrace Micrometer registry documentation #​31132

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.0

See the Release notes for 2.7 for upgrade instructions and details of new features.

New Features

  • Revert to using "application/json" as default MIME type for GraphQL while remaining compatible with "application/graphql+json" #​30860
  • Allow customization of single logout in auto-configured SAML relying party registration #​30128

:lady_beetle: Bug Fixes

  • Default properties configured on SpringApplication have higher precedence than properties configured with @PropertySource #​31093
  • A failure when an instrumented WebClient records metrics causes the request to fail #​31089
  • Dependency management for Artemis is incomplete #​31079
  • Configuration properties for Statsd's buffered and step properties are missing #​31059
  • Debug logging for requests to WebFlux-based Actuator endpoints does not identify the endpoint #​30887
  • @ConditionalOnProperty meta annotation with @AliasFor does not work #​30874
  • Event handling in JobExecutionExitCodeGenerator is not thread-safe #​30846
  • Hibernate service loading logs HHH000505 warnings for ServiceConfigurationError with Gradle-built jars since 2.5.10 when using Java 11 or later #​30791
  • Cryptic startup failure with bare LOGGING_LEVEL environment variable #​30789
  • SearchStrategy argument of MethodValidationExcludeFilter byAnnotation(Class, SearchStrategy) is not used #​30787
  • spring.security.saml2.relyingparty.registration..asserting-party. properties contain unwanted hyphen in asserting-party #​30785
  • DevTools sets deprecated spring.mustache.cache property #​30774

📔 Documentation

  • Extend documentation on Datadog metrics #​30997
  • Fix link to Upgrading From 1.x in multi-page documentation #​30995
  • Document support for Java 18 #​30782

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.14

:lady_beetle: Bug Fixes

  • ScheduledBeanLazyInitializationExcludeFilter is auto-configured even when annotation-based scheduled has not been enabled #​33276
  • Configuration property binding does not deal with bridge methods #​33105
  • SpringBootContextLoader prints banner twice when using a @ContextHierarchy #​33079
  • Dependency management for XMLUnit is incomplete #​32998
  • Spring Boot's Lettuce metrics enable histrograms by default and it's hard to switch them off #​32985
  • Configuring management.server.port via a config tree results in a ConverterNotFoundException when the management context is refreshed #​32941
  • NumberFormatException when configuring spring.redis.sentinel.nodes with an IPv6 address #​32762
  • Properties migrator causes an application to fail to start if it tries to map a property whose metadata data entry contains an invalid configuration property name #​32729
  • Dependency management for Selenium is incomplete #​32721

📔 Documentation

  • Link to Micrometer's @Timed documentation #​33264
  • Clarify use of the spring.cache.type property with Hazelcast #​33245
  • Example git.commit.time in the Actuator API documentation is thousands of years in the future #​33237
  • Links to Features describes sections that have moved elsewhere #​33207
  • Fix kafka streams auto start description typo in reference docs #​33098
  • OAuth 2 configuration example uses unrecognized value for authorization grant type #​32931
  • Fix typos in logging.adoc #​32812
  • Harmonize code sample in the "Type-safe Configuration Properties" section #​32644
  • Align Tomcat multiple connectors example with recommendation to configure SSL declaratively #​28707
  • Actuator document is misleading about k8s startup probe #​28432
  • ConditionalOnClass not working for Bean methods on Java 8 #​27846

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​EricGao888, @​dreis2211, @​eurythmia, @​hpoettker, @​iamgd67, @​jamessoun93, and @​sdeleuze

v2.6.13

:lady_beetle: Bug Fixes
  • @Bean methods in KafkaAutoConfiguration provide less type information than they could #​32770
  • PEM formatted elliptic-curve TLS keys are an unrecognized private key format #​32646
  • Actuator configprops endpoint does not display DataSize properties correctly #​32645
  • Empty @DefaultValue cannot be used on collections, maps, arrays or optional values #​32559
  • Multi-Document-Separators "#---" comment checks do not account for '!' prefixed comments #​32521
  • CouchbaseReactiveHealthIndicator uses blocking API to retrieve the cluster diagnostics #​32505
  • BootBuildImage's archiveFile property is annotated as an @Input but should be annotated as an @InputFile #​32495
  • Assertion calls on CapturedOutput with Kotlin are very slow #​32033
📔 Documentation
  • Remove redundant @ExtendWith(SpringExtension.class) from MyJmxTests example #​32476
🔨 Dependency Upgrades
  • Upgrade to Dependency Management Plugin 1.0.15.RELEASE #​32784
  • Upgrade to Ehcache3 3.9.10 #​32648
  • Upgrade to Glassfish JAXB 2.3.7 #​32785
  • Upgrade to Hibernate 5.6.12.Final #​32649
  • Upgrade to Jackson Bom 2.13.4.20221013 #​32722
  • Upgrade to Jetty Reactive HTTPClient 1.1.13 #​32723
  • Upgrade to Lettuce 6.1.10.RELEASE #​32669
  • Upgrade to Micrometer 1.8.11 #​32586
  • Upgrade to MySQL 8.0.31 and extend dependency management to new Maven identifiers #​32747
  • Upgrade to Netty 4.1.84.Final #​32695
  • Upgrade to Reactor 2020.0.24 #​32587
  • Upgrade to Spring Data 2021.1.9 #​32588
  • Upgrade to Spring Kafka 2.8.10 #​32589
  • Upgrade to Spring Retry 1.3.4 #​32593
  • Upgrade to Spring Security 5.6.8 #​32590
  • Upgrade to Tomcat 9.0.68 #​32650
  • Upgrade to Undertow 2.2.20.Final #​32651
Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.12

New Features

:lady_beetle: Bug Fixes

  • DataSource logging in H2 console auto-configuration causes Hikari's threads to have the wrong thread context class loader #​32382
  • Detection of PeriodStyle.ISO8601 does not support lower-case input #​32235
  • YAML timestamps not handled properly with SnakeYaml 1.31 #​32228
  • Detection of DurationStyle.ISO8601 does not support lower-case input #​32223
  • Netty 'spring.netty leak detection' default property value is always applied to resource leak detector #​32144
  • Hazelcast auto-configuration recognizes hazelcast.xml and hazelcast.yaml files but not hazelcast.yml #​32142

📔 Documentation

  • Document support for JDK 19 #​32259
  • Clarify documentation of config sub-directory from which external application properties are read #​32224
  • Improve @ConditionalOnClass javadoc regarding use on @Bean methods #​32166
  • Clarify documentation on disabling web client request metrics #​32136

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.11

:lady_beetle: Bug Fixes

  • BasicJsonParser does not protect against deeply nested maps #​32029
  • Misleading error message when using JarMode Layertools and the source is not an archive #​31997
  • OptionalLiveReloadServer logs the wrong port number when it is configured to use an ephemeral port #​31983
  • Servlet WebServerStartStopLifecycle doesn't set running to false on stop #​31966
  • UnsupportedDataSourcePropertyException is thrown when attempting to set jdbcUrl for C3P0 #​31920
  • Jar Handler never clears MROTOCOL_HANDLER system property #​31870
  • BasicJsonParser can fail with a timeout or stackoverflow with malformed map JSON #​31869
  • BasicJsonParser can fail with a stackoverflow exception #​31868
  • Dependency management for REST Assured is incomplete #​31864
  • The hash of spring-boot-jarmode-layertools.jar that's added to a fat jar doesn't match the hash of the equivalent published artifact #​31862
  • ClassNotFoundException can be thrown for classes in nested jars when under GC pressure #​31853
  • HealthContributor beans managed by a CompositeHealthContributor are recreated on each call #​31676
  • Dev Tools restart failures caused by a too short quiet period are hard to diagnose #​31579
  • management.endpoint.health.probes.add-additional-paths has no effect when configuration properties have already created the liveness and/or readiness groups #​30612
  • JUL-based logging performed during close of application context is lost #​9457

📔 Documentation

  • Update Static Content reference documentation to reflect the DefaultServlet no longer being enabled by default #​32004
  • External configuration documentation uses incorrect placeholder syntax #​31941
  • Some properties in the Common Application Properties appendix have no description #​31916
  • server.reactive.session.cookie properties are not listed in the application properties appendix #​31912
  • Review Git contribution documentation #​31904
  • Metadata for 'spring.beaninfo.ignore' has incorrect SourceType #​31898
  • Remove documentation and metadata references to ConfigFileApplicationListener #​31895
  • Remove reference to nitrite-spring-boot-starter #​31892
  • Remove reference to Azure Application Insights #​31889
  • Fix links in documentations #​31887
  • Fix typos in code and documentation #​31734
  • Document that Undertow's record-request-start-time server option must be enabled for %D to work in access logging #​31103
  • Documentation for Maven Plugin classifier has an unresolved external reference #​29171
  • Example log output is out-of-date and inconsistent #​28208
  • Update documentation on using H2C to consider running behind a proxy that's performing TLS termination #​25855

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.10

:lady_beetle: Bug Fixes

  • Using 'ImportAutoConfigurationImportSelector' in the jar package loaded by a custom class loader throws ClassNotFoundException #​31798
  • A router function with attributes causes /actuator/mappings to return a 500 response due to an UnsupportedOperationException #​31784
  • Log4j2's shutdown hook is not disabled when using Log4j 2.18 or later #​31719
  • InstanceAlreadyExistsException when using Actuator with multiple context and JMX enabled #​31718
  • Deprecation hint for spring.data.mongodb.grid-fs-database is located in the wrong section #​31689
  • ApplicationPid doesn't log a warning if it takes a long time to return #​31572
  • Trailing whitespace in the value of a property is hard to identify in failure analysis descriptions #​31571
  • Dependency management for Derby is incomplete #​31570
  • HTTP Server and Data repositories metrics record null for the description #​31516
  • Image building fails with latest Paketo base builder and additional buildpacks configured #​31233
  • Publishing a docker image to a private registry fails without authentication #​28844
  • In a non-reactive application, health indicators in a parent context are not found #​27308

📔 Documentation

  • Clarify how docker image publishing registry is determined #​31820

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.9

:lady_beetle: Bug Fixes
  • @RestControllerAdvice @ExceptionHandler Inconsistent behavior with @RestControllerEndpoint #​31495
  • Tomcat server.max-http-header-size property is ignored when using HTTP/2 #​31322
  • Malformed json causes BasicJsonParser to throw a NullPointerException #​31301
  • Values in a spring.data.cassandra.config file can't override some defaults defined in CassandraProperties #​31238
  • Health indicators that take a long time to respond are difficult to diagnose #​31231
  • layers.xsd is out of sync with the documentation and implementation for including and excluding module dependencies #​31127
  • MimeMappings does not include application/wasm #​30885
  • Binder(ConfigurationPropertySource... sources) does not assert that sources contains only non-null elements #​30878
  • Dependency task can fail to BootJar and BootWar afterResolve hooks #​30586
  • JarFile implementation calls close early which breaks verification of signed unpacked nested jars on Oracle JDK #​29356
  • Custom Converter annotated with @ConfigurationPropertiesBinding does not get selected if targetType has a static factory method different return type #​28592
  • Metadata generated by the configuration properties annotation processor can miss inherited properties from nested classes #​21626
📔 Documentation
  • Remove duplicate content from "The Spring WebFlux Framework" section #​31378
  • Fix typos in the reference documentation #​31328
  • Document that property placeholders should use the canonical property name form #​31309
  • Enable Links for the Javadoc of the Gradle Plugin #​31279
  • Remove "earlier in this chapter" from places where content is now elsewhere in the documentation #​31276
  • Restore custom favicon documentation #​31224
  • Typos in documentation ("spring-factories" instead of "spring.factories") #​31203
  • Document that when using Lombok it must be configured to run before spring-boot-configuration-processor #​31190
  • Fix Custom Layers Configuration section title in Maven plugin docs #​31172
  • Use Lambda-based API in Spring Security examples #​31143
🔨 Dependency Upgrades
Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.8

:lady_beetle: Bug Fixes

  • Default properties configured on SpringApplication have higher precedence than properties configured with @PropertySource #​31092
  • A failure when an instrumented WebClient records metrics causes the request to fail #​31088
  • Dependency management for Artemis is incomplete #​31078
  • Configuration properties for Statsd's buffered and step properties are missing #​31058
  • Debug logging for requests to WebFlux-based Actuator endpoints does not identify the endpoint #​30886
  • @ConditionalOnProperty meta annotation with @AliasFor does not work #​30873
  • Event handling in JobExecutionExitCodeGenerator is not thread-safe #​30845
  • Hibernate service loading logs HHH000505 warnings for ServiceConfigurationError with Gradle-built jars since 2.5.10 when using Java 11 or later #​30790
  • Cryptic startup failure with bare LOGGING_LEVEL environment variable #​30788
  • SearchStrategy argument of MethodValidationExcludeFilter byAnnotation(Class, SearchStrategy) is not used #​30786

📔 Documentation

  • Extend documentation on Datadog metrics #​30996
  • Fix link to Upgrading From 1.x in multi-page documentation #​30994
  • Document support for Java 18 #​30781

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.7

:lady_beetle: Bug Fixes

  • bootBuildInfo fails with a NullPointerException when an additional property has a null value #​30670
  • @SpringBootTest(webEnvironment = WebEnvironment.NONE) is overridden by spring.main.web-application-type in application.properties #​30666
  • Spring Boot does not respect WebApplicationType.REACTIVE in tests with a mock web environment #​30664
  • NullPointerException is thrown when accessing /actuator/configprops if a class annotated with both @Configuration and @ConfigurationProperties has a static @Bean method #​30581
  • ApplicationAvailabilityBean is not thread-safe #​30553
  • Incorrect Neo4j username property replacement hint by spring-boot-properties-migrator #​30551
  • Add Tomcat locale mapping for Japanese to preserve UTF-8 charset #​30541

📔 Documentation

  • Update doc samples to reflect AdoptOpenJDK move to the Eclipse Foundation #​30749
  • Fix incorrect link in kafka.adoc #​30674
  • Move Jetty 9 specific exclusions to the correct dependency #​30583
  • Add missing configuration metadata for "management.endpoint.health.probes.add-additional-paths" #​30562
  • Update list of default internal proxies in Web Server howto #​30544
  • Polish documentation #​30526

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.6

:lady_beetle: Bug Fixes
  • MustacheAutoConfiguration in a Servlet web application fails with a ClassNotFoundException when Spring MVC is not on the classpath #​30475
📔 Documentation
  • Javadoc of org.springframework.boot.gradle.plugin.ResolveMainClassName.setClasspath(Object) is inaccurate #​30469
  • Document that @DefaultValue can be used on a record component #​30465
  • Remove redundant Javadoc #​30446
🔨 Dependency Upgrades
  • Upgrade to Jackson Bom 2.13.2.20220328 #​30478
  • Upgrade to Spring Framework 5.3.18 #​30492
Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.5

📣 Noteworthy

New Features

:lady_beetle: Bug Fixes

  • ConfigurationPropertyName#equals is not symmetric when adapt has removed trailing characters from an element #​30392
  • Thymeleaf auto-configuration in a reactive application can fail due to duplicate templateEngine beans #​30385
  • server.tomcat.keep-alive-timeout is not applied to HTTP/2 #​30321
  • Setting spring.mustache.enabled to false has no effect #​30256
  • bootWar is configured eagerly #​30213
  • Actuator @ReadOperation on Flux cancels request after first element emitted #​30161
  • Unnecessary allocations in Prometheus scraping endpoint #​30125
  • No metrics are bound for R2DBC ConnectionPools that have been wrapped #​30100
  • Condition evaluation report entry for a @ConditionalOnSingleCandidate that does not match due to multiple primary beans isn't as clear as it could be #​30098
  • Generated password are logged without an "unsuitable for production use" note #​30070
  • Dependency management for Netty tcNative is incomplete leading to possible version conflicts #​30038
  • Files in META-INF are not found when deploying a Gradle-built executable war to a servlet container #​30036
  • Dependency management for Apache Kafka is incomplete #​30031
  • spring-boot-configuration-processor fails compilation due to @DefaultValue with a long value and generates invalid metadata for byte and short properties with out-of-range default values #​30022

📔 Documentation

  • Add Apache Kafka to the description of the Messaging section #​30389
  • Default value of spring.thymeleaf.reactive.media-types is not documented #​30387
  • Clarify type matching that is performed when using @MockBean and @SpyBean #​30382
  • Fix links to Spring Security Reference Guide in Accessing the H2 Console in a Secured Application #​30349
  • Document how to access the H2 Console in a secured web application #​30346
  • Add Netty in "Enable HTTP Response Compression" #​30344
  • Fix JsonSerializer example in reference guide #​30330
  • WebSockets section missing in reference guide #​30231
  • Include default Dev Tools properties in the reference documentation #​30166
  • Document the WebSocket-related exclusions that are required to use Jetty 10 #​30149
  • Fix typo #​30120
  • Add documentation for spring.profiles.include #​30114
  • Document when config data properties are invalid #​30113
  • Document the scalar types supported by MapBinder #​30111
  • Document how to rely on ServletContext with an embedded container setup #​30109
  • Anchor tag for Spring HATEOAS does not redirect properly #​30106
  • Clarify that build plugins or the CLI does not have an auto-compile feature #​30093
  • Document how to structure configurations so that @Bean methods are included in slice tests #​30091
  • Remove non-existent spring.data.cassandra.connection.connection-timeout property from the documentation #​30080
  • Clarify actuator security documentation #​30065
  • Use Gradle's task configuration avoidance APIs in the main reference docs #​30059
  • Use Gradle's task configuration avoidance APIs in the Gradle Plugin's reference docs #​30057
  • Improve property placeholder documentation to mention environment variables and default values #​30050
  • Polish web examples in reference doc #​30048
  • Add links to Spring Boot for Apache Geode to the reference documentation #​30018
  • Document plugging in custom sanitisation rules with a SanitizingFunction bean #​29950

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports

Me haz all ze repositoriiiiiiiiiiiiiiiiiies