Skip to content

Update spring boot to v3 (major)

RenovateBot requested to merge renovate-major-spring-boot into main

This MR contains the following updates:

Package Change Age Adoption Passing Confidence
org.springframework.boot:spring-boot-starter-test (source) 2.6.4 -> 3.1.1 age adoption passing confidence
org.springframework.boot:spring-boot-devtools (source) 2.6.4 -> 3.1.1 age adoption passing confidence
org.springframework.boot:spring-boot-starter-log4j2 (source) 2.6.4 -> 3.1.1 age adoption passing confidence
org.springframework.boot:spring-boot-starter-web (source) 2.6.4 -> 3.1.1 age adoption passing confidence
org.springframework.boot:spring-boot-starter-quartz (source) 2.6.4 -> 3.1.1 age adoption passing confidence
org.springframework.boot:spring-boot-starter-mail (source) 2.6.4 -> 3.1.1 age adoption passing confidence
org.springframework.boot (source) 2.6.3 -> 3.1.1 age adoption passing confidence

Release Notes

spring-projects/spring-boot

v3.1.1

:lady_beetle: Bug Fixes
  • Websockets don't work when using WebFlux with Jetty #​36009
  • When using SimpleClientHttpRequestFactory, non-GET requests sent with RestTemplate have the wrong HttpMethod when SSLBundles are used #​36007
  • Spring Boot properties migrator can create circular references #​35934
  • Actuator loggers list endpoint throws exception on Log4J2 loggers with custom log levels #​35922
  • SSL configuration overwrites other WebClient customization #​35914
  • Validation is not applied for ConfigurationProperties that implement Validator and use @ConstructorBinding #​35913
  • Tracing only supports a single context propagation type #​35907
  • SpringApplication.from(?).with(?) adds its sources to every context that's created #​35873
  • Devtools does not support package-private main classes #​35865
  • DevTools prevent startup in native image with ClassNotFoundException #​35853
  • Password is not used from spring.data.redis.url property without username #​35850
  • Docker Compose connection details for MongoDB is missing the authSource option when authentication is configured #​35777
  • Processing of @EndpointCloudFoundryExtension logs a warnings as it does not use @AliasFor on its override of the endpoint attribute #​35766
  • Java 20 is supported but there's no value for it in the JavaVersion enum #​35764
  • SpringApplication.from(...) is hard to use with Kotlin #​35756
  • Spring Boot 3.1.0 incompatible with Flyway 9.0 #​35721
  • The error message is unhelpful when spring.rabbitmq.host is configured with a comma-separated value #​35684
  • Docker Compose support produces non-working native image #​35676
  • Metadata for spring.ssl properties are missing #​35667
  • The new support for testcontainers in Spring Boot 3.1.0 does not work with native tests #​35663
  • Constructor binding of @ConfigurationProperties to a lateinit property fails with kotlin.UninitializedPropertyAccessException #​35654
  • PEM SSL bundles do not support encrypted PKCS8 private keys #​35652
  • When a configuration properties bean is defined using a @Bean method, BindableRuntimeHintsRegistrar may incorrectly register hints for constructor binding #​35647
  • Enabling Spring Data Elasticsearch auditing causes application startup failure #​35610
  • ZipkinAutoConfiguration always need a ZipkinProperties bean in SB 3.1 #​35592
  • MongoDB authentication to different DB than used no longer works in spring boot 3.1 #​35567
  • Auto-configuration for Spring Data MongoDB ignores spring.data.mongodb.database when spring.data.mongodb.uri has been set #​35566
📔 Documentation
  • Remove @EnableBatchProcessing mentions in reference documentation for sliced tests and user configuration #​36004
  • Update description of spring-boot-starter-data-rest to clarify that it uses Spring MVC #​35911
  • Add @DynamicPropertySource to documented list of property source ordering #​35909
  • Fix typo in Docker Compose documentation #​35818
  • Move property notes up to external configuration section #​35769
  • Improve OAuth2 Client section of docs #​35767
  • Description of spring.data.mongodb.uri property incorrectly states that it overrides spring.data.mongodb.database #​35690
  • Fix error in SSL bundle documentation #​35665
  • Document how to add parameters to the JDBC URL created for a Docker Compose managed container #​35636
  • Documenting audience support in Oauth2 resource server #​35634
  • Description of build-image and build-image-no-fork Maven plugin goals is inconsistent #​35618
  • Some spring.docker.compose properties do not document their default values #​35598
  • Description of never value for spring.docker.compose.readiness.wait is incorrect #​35597
  • ServiceConnection Typo In name Documentation #​35594
  • Declare @Testcontainers before @SpringBootTest in documentation examples to ensure that Testcontainers is started before the application tries to use its containers #​35572
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​KitBolourchi, @​ThomasKasene, @​bbulgarelli, @​bikash30851, @​dreis2211, @​eddumelendez, @​fcappi, @​izeye, @​quaff, @​rafaelrc7, @​sdeleuze, @​sjohnr, @​sungchanjo, and @​twobiers

v3.1.0

New Features

  • Result from SpringApplication.from(...) may need to provide access to more details in the future #​35451
  • Ensure that Flyway uses SLF4J by default and provide a configuration property to override the setting #​35158

:lady_beetle: Bug Fixes

  • Welcome page may return a 404 when an acceptable response cannot be produced #​35554
  • Docker compose dependency causes failures during Maven AOT processing #​35548
  • Defining a zipkin2.reporter.Reporter results in two reporter beans as the auto-configured AsyncReporter does not back off #​35546
  • Docker compose service readiness checks cannot be bypassed #​35545
  • Many spring.security.oauth2.authorizationserver properties do not have default values #​35460
  • Default for spring.flway.execute-in-transaction is not aligned with Flyway's default #​35447
  • developmentOnly dependencies are included in the AOT processing classpath #​35444
  • Restarts are slow when using spring-boot-devtools and spring-boot-docker-compose #​35435
  • Hibernate 6.2 doesn't work in native-image: No available JtaPlatform candidates #​35425
  • In a native image, configuration property binding fails when the target has package-private getters and setters #​35400
  • Invalid reference format error when tagging images using Podman #​35396
  • App startup fails with confusing message when a Docker Compose file is not found #​35383
  • WebClient auto-configuration tries to use HttpComponentsClientHttpConnector when all required classes are not present #​35381
  • MinIdle and MaxValidationTime properties missing for R2DBC pools #​35379
  • spring.data.mongodb.replica-set-name is not applied correctly #​35370
  • Anonymous requests to the token endpoint are redirected to the Spring Security login page instead of receiving a 401 response #​35368
  • Application yaml files cannot be loaded when they exceed 3mb #​35367
  • Can't use PEM encoded PKCS#​8 EC keys with server.ssl.certificate-private-key #​35365
  • DisableObservabilityContextCustomizer can't be switched off through properties #​35360
  • FactoryBean.getObject for non-singleton executed when resetting mocks #​35330
  • Tracking of artifact dependency coordinates by BootJar and BootWar may break artifact transforms in sub-projects #​35328

📔 Documentation

  • Javadoc since version for ImageReference is wrong #​35459
  • Polish formatting of permitAll() endpoint security Kotlin example #​35457
  • Improve Kotlin Testcontainers samples #​35446
  • Improve documentation for including Docker Compose support #​35384
  • Wrong anchors in Maven plugin documentation #​35373
  • Fix typo #​35369
  • Formatting issue in the Maven plugin documentation #​35349
  • Clarify profile support when using AOT #​35321

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​Ckram, @​JunJaBoy, @​TheHound, @​bclozel, @​be-hase, @​davin111, @​dreis2211, @​izeye, @​quaff, @​scordio, @​sdeleuze, and @​sjohnr

v3.0.8

:lady_beetle: Bug Fixes
  • Spring Boot properties migrator can create circular references #​35933
  • Actuator loggers list endpoint throws exception on Log4J2 loggers with custom log levels #​35920
  • Validation is not applied for ConfigurationProperties that implement Validator and use @ConstructorBinding #​35912
  • Devtools does not support package-private main classes #​35864
  • Processing of @EndpointCloudFoundryExtension logs a warnings as it does not use @AliasFor on its override of the endpoint attribute #​35765
  • Java 20 is supported but there's no value for it in the JavaVersion enum #​35763
  • Tracing only supports a single context propagation type #​35611
  • Constructor binding of @ConfigurationProperties to a lateinit property fails with kotlin.UninitializedPropertyAccessException #​35603
  • When a configuration properties bean is defined using a @Bean method, BindableRuntimeHintsRegistrar may incorrectly register hints for constructor binding #​35564
  • Enabling Spring Data Elasticsearch auditing causes application startup failure #​33651
  • Websockets don't work when using WebFlux with Jetty #​33347
📔 Documentation
  • Update description of spring-boot-starter-data-rest to clarify that it uses Spring MVC #​35910
  • Add @DynamicPropertySource to documented list of property source ordering #​35908
  • Move property notes up to external configuration section #​35768
  • Description of spring.data.mongodb.uri property incorrectly states that it overrides spring.data.mongodb.database #​35689
  • Improve OAuth2 Client section of docs #​35679
  • Document audience support in OAuth2 resource server #​35633
  • Description of build-image and build-image-no-fork Maven plugin goals is inconsistent #​35609
  • Remove @EnableBatchProcessing mentions in reference documentation for sliced tests and user configuration #​33435
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​ThomasKasene, @​bbulgarelli, @​bikash30851, @​dreis2211, @​izeye, @​mhalbritter, @​sjohnr, and @​twobiers

v3.0.7

:lady_beetle: Bug Fixes
  • Welcome page may return a 404 when an acceptable response cannot be produced #​35553
  • Defining a zipkin2.reporter.Reporter results in two reporter beans as the auto-configured AsyncReporter does not back off #​35455
  • developmentOnly dependencies are included in the AOT processing classpath #​35433
  • Hibernate 6.2 doesn't work in native-image: No available JtaPlatform candidates #​35423
  • In a native image, configuration property binding fails when the target has package-private getters and setters #​35397
  • Invalid reference format error when tagging images using Podman #​35395
  • WebClient auto-configuration tries to use HttpComponentsClientHttpConnector when all required classes are not present #​35380
  • MinIdle and MaxValidationTime properties missing for R2DBC pools #​35378
  • Can't use PEM encoded PKCS#​8 EC keys with server.ssl.certificate-private-key #​35364
  • FactoryBean.getObject for non-singleton executed when resetting mocks #​35329
  • Webflux server gracefulshutdown throws NullPointerException #​35269
  • Health actuator mail details shows the port as -1 when using the default port #​35254
  • SessionRepositoryFilterConfiguration can cause early initialization of SessionRepository beans including Redis #​35241
  • Liveness and readiness probes return down when lazy initialization is enabled #​35235
  • Devtools main method search algorithm can find incorrect main method #​35220
  • When a WebFlux app is deployed to Cloud Foundry some metrics are lost and numerous beans are ineligible for post-processing #​35170
  • Treating a null Flyway-specific password as an empty string prevents the use of PGPASS for authentication #​35131
  • DisableObservabilityContextCustomizer can't be switched off through properties #​35009
  • Application yaml files cannot be loaded when they exceed 3mb #​34743
  • @ServletComponentScan causes AOT processing to fail with "Code generation is not supported for bean definitions declaring an instance supplier callback" #​34563
  • Tracking of artifact dependency coordinates by BootJar and BootWar may break artifact transforms in sub-projects #​31216
📔 Documentation
  • Polish formatting of permitAll() endpoint security Kotlin example #​35456
  • Wrong anchors in Maven plugin documentation #​35372
  • Clarify profile support when using AOT #​35262
  • Add reference to Tor Spring Boot Starter #​35256
  • Correct list of annotations that are equivalent to @SpringBootApplication #​35230
  • Harmonize references to application.yaml files in reference docs #​35129
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​JunJaBoy, @​aasaru, @​be-hase, @​davin111, @​ivandimitrov8080, and @​theborakompanioni

v3.0.6

:lady_beetle: Bug Fixes
  • CloudFoundry integration does not use endpoint path mappings #​35086
  • ApplicationAvailability bean is auto-configured even if a custom one is already present #​35068
  • Gradle Spring Boot plugin with Kotlin DSL does not support includeProjectDependencies in bootJar > layered > dependencies configuration #​35035
  • Cassandra default configuration substitutions don't resolve against configuration derived from spring.data.cassandra properties #​34799
  • Banner placeholders use default values too soon #​34792
  • Nested test classes don't inherit properties from slice test annotations on enclosing class #​34781
  • Hints for including Liquibase changelogs in a native image are unnecessarily narrow #​34729
  • Unlike @EnableBatchProcessing, auto-configuration for Spring Batch does not enable observability of steps and jobs #​34305
📔 Documentation
  • Improve documentation of tracing dependencies and configuration properties #​34991
  • Use current Neo4j version in Testcontainers-based examples #​34940
  • BatchProperties has an outdated reference to JPA #​34844
  • Document that optional dependencies are included by default in fat jars built with Maven #​34788
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​Ferioney, @​RobertRad, @​SeasonPanPan, @​acktsap, @​benelog, @​dreis2211, @​kdomo, @​krzyk, @​marbon87, and @​meistermeier

v3.0.5

:lady_beetle: Bug Fixes

  • EmbeddedWebServerFactoryCustomizerAutoConfiguration should not run when embedded web server is not configured #​34659
  • StandardConfigDataResource can import the same file twice if the classpath includes '.' #​34617
  • Loading application.yml fails with NoSuchMethodError when using SnakeYAML 2.0 #​34515
  • @ConfigurationProperties no longer works on a mutable Kotlin data classes #​34500
  • Image builds with podman fail when image buildpacks are configured #​34495
  • Use of @EntityScan causes AOT instance supplier code generation error #​34371

📔 Documentation

  • Document support for Java 20 #​34726
  • Clarify conventions for custom error pages in WebFlux #​34705
  • Add documentation tip showing how to configure publishRegistry Maven properties from the command line #​34704
  • Typo in Batch documentation: content instead of context #​34646
  • Update two references to old APIs #​34602
  • Fix Javadoc in JobLauncherApplicationRunner #​34596
  • Document how to get socket location for image building configuration with podman #​34475

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​1993heqiang, @​anthonydahanne, @​benelog, @​dsyer, @​izeye, @​swapy, and @​terminux

v3.0.4

:lady_beetle: Bug Fixes

  • Maven plugin uses timezone-local timestamps when outputTimestamp is used #​34430
  • org.springframework.boot.web.embedded.jetty.GracefulShutdown uses the wrong class to create its logger #​34419
  • @ConfigurationProperties with initialized nested record properties values no longer bind #​34407
  • Custom ConfigDataLocationResolver/ConfigDataLoader fails in 3.0.x when combined with spring-boot-devtools #​34372
  • defaultTracingObservationHandler is not ordered as documented #​34216
  • Spring Boot 3 does not provide a configuration property for configuring red metrics custom tag keys #​34194

📔 Documentation

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​1993heqiang, @​anandmnair, @​dalbani, @​fmbenhassine, @​izeye, @​jongwooo, and @​ttddyy

v3.0.3

:lady_beetle: Bug Fixes

  • ClassNotFoundException during AOT processing of Logback XML that references a variable when defining a component's class #​34336
  • Logback configuration errors are not reported when running as a native image #​34315
  • Dependency management for Spring LDAP includes spring-ldap-core-tiger which no longer exists #​34299
  • Kotlin ConfigurationProperties default values are not picked up when nativeRun is used #​34157
  • Maven Plugin's PropertiesMergingResourceTransformer closes InputStream when it should not do so #​34072
  • Actuator Health web endpoint broken with Gson and Java 17 #​34070
  • Manifests of jars built with Gradle do not have a Implementation entries #​34059
  • Spies are not reset after test execution when using @SpyBean #​34044
  • Using devtools with Reactive application results in slower restarts #​34036
  • spring-boot-dependencies manages mysql:mysql-connector-java which no longer exists #​34021
  • Dependency management for Mongo's Java Driver is incomplete #​34019
  • jOOQ DefaultConfiguration does not use TransactionProvider #​33979
  • ObservationFilter beans are not registered automatically #​33968
  • Properties Migrator does not detect properties of Map type that are marked as deprecated #​33963
  • Dependency management for some Angus Mail modules uses the wrong artifact ID #​33947
  • ElasticsearchClientAutoConfiguration causes global ObjectMapper to be overwritten #​33426

📔 Documentation

  • Updated documentation for @ConfigurationProperties bean naming rules #​34192
  • Document additional configuration that is required for spring.mvc.throw-exception-if-no-handler-found=true to be effective #​34190
  • Use Maven Central for release downloads in CLI installation documentation #​34161
  • Update Customizing Sanitization documentation as built-in key-based sanitization is no longer performed #​34051
  • Add Redis application properties example #​34041
  • Restore "Use Jedis Instead of Lettuce" how-to documentation #​33995
  • Actuator section is missing from documentation overview #​33933
  • Add Javadoc since to OperationParameter.getAnnotation() #​33919

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​Anubhav-2000, @​artembilan, @​ath0s, @​enimiste, @​izeye, @​jprinet, @​krzyk, @​marcel-wollschlaeger, @​mhalbritter, @​michaldo, and @​sannanansari

v3.0.2

:lady_beetle: Bug Fixes
  • Failure analysis of NoUniqueBeanDefinitionException reports "defined in null" when bean definition has no resource description #​33876
  • @DeprecatedConfigurationProperty has no effect when declared on a record component's accessor method #​33871
  • Devtools sets non-existent property spring.reactor.debug #​33860
  • Failing calls to reactive health indicators are not logged #​33856
  • Spring Boot 3 Native: Fails to bind properties under 'spring.groovy.template' #​33847
  • Diagnostics are poor when the JMX port used by the Maven start goal is in use #​33845
  • Inconsistent discovery of parameter names for selectors in custom actuator endpoints #​33841
  • OpenTelemetryAutoConfiguration should use parent-based sampler by default #​33821
  • SpringBootMockResolver causes AopTestUtils.getUltimateTargetObject to recurse until the stack overflows when it calls it with Spring Security's authentication manager bean #​33792
  • It is not possible to provide a custom TransactionProvider bean for JOOQ #​33776
  • Remove usage of bean definition instance supplier since not compatible with AOT #​33763
  • DevTools prevent startup in native image when using maven #​33760
  • NPE in RabbitProperties when user is given, but password not #​33753
  • EndpointRequestMatcher should have a toString method #​33729
  • SDKMAN should not use repo.spring.io for releases #​33723
  • @ConfigurationProperties on a @Bean method does not work when the bean has a constructor that is eligible for constructor binding #​33710
  • Homebrew and Scoop should not use repo.spring.io for releases #​33706
  • Installing Homebrew formula with --head does not work #​33704
  • Flyway-specific DataSource cannot be created in a native image due to missing reflection hints #​33692
  • Remove Jetty/Netty/ApacheHttpClient checks for WebClient #​33640
  • Fix no effect of custom SessionRepositoryCustomizer in application context #​33514
  • Nested properties without a setter can no longer be bound in 3.0 #​33409
📔 Documentation
  • Fix typo in testing-native-application.adoc #​33896
  • Replace "via" in documentation and use "over" or "through" instead #​33880
  • Fix typo in kotlin getting started documentation #​33869
  • Update com.gorylenko.gradle-git-properties version to 2.4.1 in doc #​33857
  • Description of spring-boot-starter-websocket does not make it clear that it's Servlet-specific #​33842
  • Fix 'the the' typos #​33756
  • Fix docs with repeated words. #​33749
  • Update HTTP 2 documentation for Java 17 #​33734
  • Fix typo in getting started documentation #​33732
  • Fix typo in External Configuration documentation #​33728
  • Fix a typo in the ExitCodeGenerator documentation #​33726
  • Fix typo in javadoc of org.springframework.boot.web.server.LocalServerPort #​33724
  • Update dockerfile samples to use Java 17 #​33629
  • Remove the run example #​33519
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​BartR96, @​IDJack, @​anugrahsinghal, @​asomov, @​devrishal, @​dreis2211, @​izeye, @​josephlane, @​krzyk, @​kvmw, @​mhalbritter, @​michaelweidmann, @​qyqcswill, @​rfigueroa, @​sannanansari, @​sdeleuze, @​yyjstudy, and @​zhangyanyue

v3.0.1

:lady_beetle: Bug Fixes
  • Fix typo in LocalDevToolsAutoConfiguration logging #​33615
  • No warning is given when <springProfile> is used in a Logback <root> block #​33610
  • Auto-configure PropagationWebGraphQlInterceptor for tracing propagation #​33542
  • WebClient instrumentation fails with IllegalArgumentException when adapting to WebClientExchangeTagsProvider #​33483
  • Reactive observation auto-configuration does not declare order for WebFilter #​33444
  • Web server fails to start due to "Resource location must not be null" when attempting to use a PKCS 11 KeyStore #​33433
  • Actuator health endpoint for neo4j throws NoSuchElementException and always returns Status.DOWN #​33428
  • Anchors in YAML configuration files throw UnsupportedOperationException #​33404
  • ZipkinRestTemplateSender is not customizable #​33399
  • AOT doesn't work with Logstash Logback Encoder #​33387
  • Maven process-aot goal fails when release version is set in Maven compiler plugin #​33382
  • DependsOnDatabaseInitializationPostProcessor re-declares bean dependencies at native image runtime #​33374
  • @SpringBootTest now throws a NullPointerException rather than a helpful IllegalStateException when @SpringBootConfiguration is not found #​33371
  • bootBuildImage always trys to create a native image due to bootJar always adding a META-INF/native-image/argfile to the jar #​33363
📔 Documentation
  • Improve gradle plugin tags documentation #​33617
  • Improve maven plugin tags documentation #​33616
  • Fix typo in tomcat accesslog checkExists doc #​33512
  • Documented Java compiler level is wrong #​33505
  • Fix typo in documentation #​33453
  • Update instead of replace environment in bootBuildImage documentation #​33424
  • Update the reference docs to document the need to declare the native-maven-plugin when using buildpacks to create a native image #​33422
  • Document that the shutdown endpoint is not intended for use when deploying a war to a servlet container #​33410
  • Reinstate GraphQL testing documentaion #​33407
  • Description of NEVER in Sanitize Sensitive Values isn't formatted correctly #​33398
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​Artur-, @​aksh1618, @​candrews, @​cdanger, @​currenjin, @​izeye, @​jprinet, @​lishangbu, @​ohdaeho, @​peter-janssen, and @​shekharAggarwal

v3.0.0

See the Release notes for 3.0 for upgrade instructions and details of new features.

New Features
  • Provide a configuration property for the observation patterns of Spring Integration components #​33099
:lady_beetle: Bug Fixes
  • io.micrometer.tracing.Tracer on the classpath breaks AOT processing for tests #​33298
  • Tracer library HTTP instrumentation is auto-configured unnecessarily #​33287
  • Auto-configuration ignores user-provided ObservationConventions #​33285
  • ScheduledBeanLazyInitializationExcludeFilter is auto-configured even when annotation-based scheduled has not been enabled #​33284
  • SpringBootContextLoader prints banner twice when using a @ContextHierarchy #​33263
  • Properties migrator causes an application to fail to start if it tries to map a property whose metadata data entry contains an invalid configuration property name #​33250
  • Wavefront MeterRegistryCustomizer is not applying application tags from application.properties #​33244
  • Actuator responses no longer format timestamps as ISO-8601 #​33236
  • Configuration property is not bound in a native image when property has get, set, and is methods #​33232
  • Configuration property binding does not deal with bridge methods #​33212
  • Contribute missing resource hints for GraphQL schema files and GraphiQL HTML page #​33208
  • Hints for ClientHttpRequestFactory should only be generated for matching methods #​33203
  • Native profile should configure execution in pluginManagement #​33184
  • Configuring management.server.port via a config tree results in a ConverterNotFoundException when the management context is refreshed #​33169
  • JBoss logging does not route directly to SLF4J when using Logback #​33155
  • Test with UseMainMethod.Always do not work with Kotlin main functions #​33114
  • Maven process-aot does not specify source and target release when compiling generated sources #​33112
  • Some Actuator beans are ineligible for post-processing #​33110
  • AOT-generated source fails to compile when Actuator is enabled on a WebFlux project #​33106
  • @ContextHierarchy should never be used with main method #​33078
  • Maven process-aot fails when compiler plugin has been configured with --enable-preview #​33012
  • Wavefront application tags differ from those used in a Spring Boot 2.x application #​32844
  • Maven goal spring-boot:build-image runs package phase twice #​26455
📔 Documentation
  • Document observation for R2DBC #​33335
  • Align Tomcat multiple connectors example with recommendation to configure SSL declaratively #​33333
  • Actuator document is misleading about k8s startup probe #​33327
  • Update documented for @Timed to reflect narrower support #​33282
  • Update reference documentation to replace mentions of tags providers and contributors with their Observation-based equivalents #​33281
  • Link to Micrometer's @Timed documentation #​33266
  • Clarify use of the spring.cache.type property with Hazelcast #​33258
  • Example git.commit.time in the Actuator API documentation is thousands of years in the future #​33256
  • Update Spring Security filter dispatcher types docs to reflect change in default value #​33252
  • Documentation for nested configuration properties in a native image uses @NestedConfigurationProperty too widely #​33239
  • Document that the jar task should not be disabled when building a native image #​33238
  • Document nesting configuration properties using records or Kotlin data classes and how and when to use @NestedConfigurationProperty #​33235
  • Links to Features describes sections that have moved elsewhere #​33214
  • Fix broken links in docs #​33209
  • Document the need for compilation with -parameters when targeting a native image #​33182
  • Remove outdated native image documentation #​33109
  • Mention @RegisterReflectionForBinding in the docs #​32903
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​artembilan, @​dreis2211, @​hpoettker, @​izeye, @​jonatan-ivanov, @​oppegard, @​sdeleuze, @​ttddyy, @​tumit, and @​vpavic

v2.7.13

:lady_beetle: Bug Fixes
  • Spring Boot properties migrator can create circular references #​35919
  • Devtools does not support package-private main classes #​35858
  • Java 20 is supported but there's no value for it in the JavaVersion enum #​35758
  • Processing of @EndpointCloudFoundryExtension logs a warnings as it does not use @AliasFor on its override of the endpoint attribute #​35716
  • Actuator loggers list endpoint throws exception on Log4J2 loggers with custom log levels #​35227
  • Validation is not applied for ConfigurationProperties that implement Validator and use @ConstructorBinding #​33669
📔 Documentation
  • Description of spring.data.mongodb.uri property incorrectly states that it overrides spring.data.mongodb.database #​35686
  • Update description of spring-boot-starter-data-rest to clarify that it uses Spring MVC #​35678
  • Move property notes up to external configuration section #​35662
  • Document audience support in OAuth2 resource server #​35286
  • Add @DynamicPropertySource to documented list of property source ordering #​32901
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​bbulgarelli, @​bikash30851, and @​twobiers

v2.7.12

:lady_beetle: Bug Fixes

  • Welcome page may return a 404 when an acceptable response cannot be produced #​35552
  • Invalid reference format error when tagging images using Podman #​35358
  • FactoryBean.getObject for non-singleton executed when resetting mocks #​35324
  • Can't use PEM encoded PKCS#​8 EC keys with server.ssl.certificate-private-key #​35322
  • Webflux server gracefulshutdown throws NullPointerException #​35264
  • Health actuator mail details shows the port as -1 when using the default port #​35247
  • SessionRepositoryFilterConfiguration can cause early initialization of SessionRepository beans including Redis #​35240
  • Devtools main method search algorithm can find incorrect main method #​35214
  • When a WebFlux app is deployed to Cloud Foundry some metrics are lost and numerous beans are ineligible for post-processing #​35163
  • Liveness and readiness probes return down when lazy initialization is enabled #​35161
  • Treating a null Flyway-specific password as an empty string prevents the use of PGPASS for authentication #​35110
  • WebClient auto-configuration tries to use HttpComponentsClientHttpConnector when all required classes are not present #​34964
  • MinIdle and MaxValidationTime properties missing for R2DBC pools #​34724

📔 Documentation

  • Polish formatting of permitAll() endpoint security Kotlin example #​35454
  • Wrong anchors in Maven plugin documentation #​35371
  • Correct list of annotations that are equivalent to @SpringBootApplication #​35180
  • Harmonize references to application.yaml files in reference docs #​34628

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​JunJaBoy, @​aasaru, @​davin111, and @​ivandimitrov8080

v2.7.11

:lady_beetle: Bug Fixes

  • CloudFoundry integration does not use endpoint path mappings #​35085
  • Gradle Spring Boot plugin with Kotlin DSL does not support includeProjectDependencies in bootJar > layered > dependencies configuration #​35033
  • Banner placeholders use default values too soon #​34764
  • Cassandra default configuration substitutions don't resolve against configuration derived from spring.data.cassandra properties #​34643
  • ApplicationAvailability bean is auto-configured even if a custom one is already present #​34347
  • Nested test classes don't inherit properties from slice test annotations on enclosing class #​33317

📔 Documentation

  • Use current Neo4j version in Testcontainers-based examples #​34775
  • Clarify servlet container compatibility #​34697
  • Document that optional dependencies are included by default in fat jars built with Maven #​34636

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​SeasonPanPan, @​acktsap, @​dreis2211, @​jgslima, @​krzyk, and @​meistermeier

v2.7.10

:lady_beetle: Bug Fixes
  • Some of the deprecated spring.security.saml2.relyingparty.registration.*.identityprovider.* properties are ignored #​34525
  • Maven plugin uses timezone-local timestamps when outputTimestamp is used #​34424
  • Loading application.yml fails with NoSuchMethodError when using SnakeYAML 2.0 #​34405
  • EmbeddedWebServerFactoryCustomizerAutoConfiguration should not run when embedded web server is not configured #​34332
  • Image builds with podman fail when image buildpacks are configured #​34324
  • org.springframework.boot.web.embedded.jetty.GracefulShutdown uses the wrong class to create its logger #​34220
  • StandardConfigDataResource can import the same file twice if the classpath includes '.' #​34212
📔 Documentation
  • Document support for Java 20 #​34642
  • Update two references to old APIs #​34567
  • Clarify conventions for custom error pages in WebFlux #​34534
  • Add documentation tip showing how to configure publishRegistry Maven properties from the command line #​34517
  • Document support for Gradle 8 #​34458
  • Document how to get socket location for image building configuration with podman #​34435
  • Fix typo in Encrypting Properties #​34386
  • Use plugins DSL consistently in Spring Boot Gradle Plugin docs #​34048
  • Add link to Failover starter #​32943
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​1993heqiang, @​anandmnair, @​anthonydahanne, @​dsyer, @​izeye, @​jongwooo, and @​terminux

v2.7.9

:lady_beetle: Bug Fixes

  • Maven Plugin's PropertiesMergingResourceTransformer closes InputStream when it should not do so #​34063
  • Actuator Health web endpoint broken with Gson and Java 17 #​34030
  • Dependency management for Mongo's Java Driver is incomplete #​33941
  • Using devtools with Reactive application results in slower restarts #​33855
  • Spies are not reset after test execution when using @SpyBean #​33830
  • Properties Migrator does not detect properties of Map type that are marked as deprecated #​27854

📔 Documentation

  • Updated documentation for @ConfigurationProperties bean naming rules #​34029
  • Restore "Use Jedis Instead of Lettuce" how-to documentation #​33994
  • Add Redis application properties example #​33965
  • Use Maven Central for release downloads in CLI installation documentation #​33962
  • Actuator section is missing from documentation overview #​33932
  • Add Javadoc since to OperationParameter.getAnnotation() #​33914
  • Document additional configuration that is required for spring.mvc.throw-exception-if-no-handler-found=true to be effective #​31660

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​Anubhav-2000, @​enimiste, @​izeye, @​jprinet, @​marcel-wollschlaeger, @​mhalbritter, @​michaldo, and @​sannanansari

v2.7.8

Noteworthy
:lady_beetle: Bug Fixes
  • Devtools sets non-existent property spring.reactor.debug #​33858
  • Failing calls to reactive health indicators are not logged #​33774
  • Failure analysis of NoUniqueBeanDefinitionException reports "defined in null" when bean definition has no resource description #​33765
  • NPE in RabbitProperties when user is given, but password not #​33752
  • SDKMAN should not use repo.spring.io for releases #​33708
  • Homebrew and Scoop should not use repo.spring.io for releases #​33702
  • EndpointRequestMatcher should have a toString method #​33690
  • It is not possible to provide a custom TransactionProvider bean for JOOQ #​32899
  • SpringBootMockResolver causes AopTestUtils.getUltimateTargetObject to recurse until the stack overflows when it calls it with Spring Security's authentication manager bean #​32632
  • Inconsistent discovery of parameter names for selectors in custom actuator endpoints #​31240
  • @DeprecatedConfigurationProperty has no effect when declared on a record component's accessor method #​29526
  • Headless mode is forced when banner.* file is present. #​28803
  • Diagnostics are poor when the JMX port used by the Maven start goal is in use #​24044
📔 Documentation
  • Replace "via" in documentation and use "over" or "through" instead #​33878
  • Fix typo in kotlin getting started documentation #​33867
  • Update com.gorylenko.gradle-git-properties version to 2.4.1 in doc #​33838
  • Fix 'the the' typos #​33736
  • Fix typo in javadoc of org.springframework.boot.web.server.LocalServerPort #​33683
  • Fix a typo in the ExitCodeGenerator documentation #​33658
  • Fix typo in External Configuration documentation #​33630
  • Update getting started documentation to use @SpringBootApplication #​32795
  • Description of spring-boot-starter-websocket does not make it clear that it's Servlet-specific #​32493
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​BartR96, @​devrishal, @​dreis2211, @​izeye, @​josephlane, @​kvmw, @​mhalbritter, @​sannanansari, @​sdeleuze, @​yyjstudy, and @​zhangyanyue

v2.7.7

:lady_beetle: Bug Fixes
  • Fix typo in LocalDevToolsAutoConfiguration logging #​33569
  • Web server fails to start due to "Resource location must not be null" when attempting to use a PKCS 11 KeyStore #​32179
📔 Documentation
  • Improve gradle plugin tags documentation #​33614
  • Improve maven plugin tags documentation #​33609
  • Fix typo in tomcat accesslog checkExists doc #​33460
  • Document that the shutdown endpoint is not intended for use when deploying a war to a servlet container #​17398
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​Artur-, @​aksh1618, @​cdanger, @​currenjin, @​jprinet, and @​shekharAggarwal

v2.7.6

:lady_beetle: Bug Fixes
  • ScheduledBeanLazyInitializationExcludeFilter is auto-configured even when annotation-based scheduled has not been enabled #​33283
  • SpringBootContextLoader prints banner twice when using a @ContextHierarchy #​33262
  • Properties migrator causes an application to fail to start if it tries to map a property whose metadata data entry contains an invalid configuration property name #​33249
  • Configuration property binding does not deal with bridge methods #​33211
  • Configuring management.server.port via a config tree results in a ConverterNotFoundException when the management context is refreshed #​33168
  • Dependency management for XMLUnit is incomplete #​32999
  • Spring Boot's Lettuce metrics enable histrograms by default and it's hard to switch them off #​32989
  • Dependency management for Selenium is incomplete #​32861
  • NumberFormatException when configuring spring.redis.sentinel.nodes with an IPv6 address #​32836
📔 Documentation
  • Align Tomcat multiple connectors example with recommendation to configure SSL declaratively #​33331
  • ConditionalOnClass not working for Bean methods on Java 8 #​33328
  • Actuator document is misleading about k8s startup probe #​33326
  • Link to Micrometer's @Timed documentation #​33265
  • Clarify use of the spring.cache.type property with Hazelcast #​33257
  • Example git.commit.time in the Actuator API documentation is thousands of years in the future #​33255
  • Links to Features describes sections that have moved elsewhere #​33213
  • Fix kafka streams auto start description typo in reference docs #​33101
  • OAuth 2 configuration example uses unrecognized value for authorization grant type #​33068
  • Fix typos in logging.adoc #​32820
  • Harmonize code sample in the "Type-safe Configuration Properties" section #​32818
🔨 Dependency Upgrades
Contributors

Thank you to all the contributors who worked on this release:

@​EricGao888, @​biergit, @​dreis2211, @​eurythmia, @​hpoettker, @​iamgd67, @​izeye, @​jamessoun93, and @​sdeleuze

v2.7.5

:lady_beetle: Bug Fixes
  • Multi-Document-Separators "#---" comment checks do not account for '!' prefixed comments #​32777
  • Actuator configprops endpoint does not display DataSize properties correctly #​32775
  • @Bean methods in KafkaAutoConfiguration provide less type information than they could #​32773
  • PEM formatted elliptic-curve TLS keys are an unrecognized private key format #​32681
  • Assertion calls on CapturedOutput with Kotlin are very slow #​32575
  • Empty @DefaultValue cannot be used on collections, maps, arrays or optional values #​32563
  • CouchbaseReactiveHealthIndicator uses blocking API to retrieve the cluster diagnostics #​32513
  • BootBuildImage's archiveFile property is annotated as an @Input but should be annotated as an @InputFile #​32499
📔 Documentation
  • Remove redundant @ExtendWith(SpringExtension.class) from MyJmxTests example #​32515
🔨 Dependency Upgrades
  • Upgrade to Byte Buddy 1.12.18 #​32697
  • Upgrade to Dependency Management Plugin 1.0.15.RELEASE #​32786
  • Upgrade to Ehcache3 3.10.2 #​32663
  • Upgrade to Embedded Mongo 3.4.11 #​32664
  • Upgrade to Glassfish JAXB 2.3.7 #​32787
  • Upgrade to Hazelcast 5.1.4 #​32698
  • Upgrade to Hibernate 5.6.12.Final #​32665
  • Upgrade to Infinispan 13.0.12.Final #​32788
  • Upgrade to Jackson Bom 2.13.4.20221013 #​32724
  • Upgrade to Jetty Reactive HTTPClient 1.1.13 #​32699
  • Upgrade to Lettuce 6.1.10.RELEASE #​32666
  • Upgrade to Micrometer 1.9.5 #​32591
  • Upgrade to MySQL 8.0.31 and extend dependency management to new Maven identifiers #​32781
  • Upgrade to Netty 4.1.84.Final #​32700
  • Upgrade to Reactor 2020.0.24 #​32592
  • Upgrade to Spring Data 2021.2.5 #​32595
  • Upgrade to Spring Kafka 2.8.10 #​32596
  • Upgrade to Spring Retry 1.3.4 #​32594
  • Upgrade to Spring Security 5.7.4 #​32597
  • Upgrade to Tomcat 9.0.68 #​32667
  • Upgrade to Undertow 2.2.20.Final #​32668
Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.4

New Features

:lady_beetle: Bug Fixes

  • DataSource logging in H2 console auto-configuration causes Hikari's threads to have the wrong thread context class loader #​32406
  • Hazelcast auto-configuration recognizes hazelcast.xml and hazelcast.yaml files but not hazelcast.yml #​32247
  • Detection of PeriodStyle.ISO8601 does not support lower-case input #​32244
  • Detection of DurationStyle.ISO8601 does not support lower-case input #​32231
  • YAML timestamps not handled properly with SnakeYaml 1.31 #​32229
  • Hazelcast shutdown logs are not available out-of-the-box #​32184
  • Netty 'spring.netty leak detection' default property value is always applied to resource leak detector #​32145
  • Error "/var/run/docker.sock: connect: permission denied" occurs when building an image using podman on Fedora with SELinux enabled #​32000

📔 Documentation

  • Document support for JDK 19 #​32402
  • Clarify documentation of config sub-directory from which external application properties are read #​32291
  • Clarify documentation on disabling web client request metrics #​32198
  • Kotlin sample is missing for constructor binding #​32177
  • Remove out-of-date link from auto-configuration documentation #​32174
  • Improve @ConditionalOnClass javadoc regarding use on @Bean methods #​32167
  • Document classpath* location for looking up GraphQL schemas across modules #​31772

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.3

:lady_beetle: Bug Fixes

  • Misleading error message when using JarMode Layertools and the source is not an archive #​32097
  • ClassNotFoundException can be thrown for classes in nested jars when under GC pressure #​32085
  • Flyway auto-configuration fails with Flyway 9 #​32034
  • BasicJsonParser does not protect against deeply nested maps #​32031
  • OptionalLiveReloadServer logs the wrong port number when it is configured to use an ephemeral port #​31984
  • Servlet WebServerStartStopLifecycle doesn't set running to false on stop #​31967
  • JUL-based logging performed during close of application context is lost #​31963
  • The hash of spring-boot-jarmode-layertools.jar that's added to a fat jar doesn't match the hash of the equivalent published artifact #​31949
  • management.endpoint.health.probes.add-additional-paths has no effect when configuration properties have already created the liveness and/or readiness groups #​31926
  • UnsupportedDataSourcePropertyException is thrown when attempting to set jdbcUrl for C3P0 #​31921
  • Dev Tools restart failures caused by a too short quiet period are hard to diagnose #​31906
  • HealthContributor beans managed by a CompositeHealthContributor are recreated on each call #​31879
  • Dependency management for REST Assured is incomplete #​31877
  • Jar Handler never clears MROTOCOL_HANDLER system property #​31875
  • BasicJsonParser can fail with a timeout or stackoverflow with malformed map JSON #​31873
  • BasicJsonParser can fail with a stackoverflow exception #​31871

📔 Documentation

  • Review Git contribution documentation #​32099
  • Documentation for Maven Plugin classifier has an unresolved external reference #​32043
  • Update Static Content reference documentation to reflect the DefaultServlet no longer being enabled by default #​32026
  • Example log output is out-of-date and inconsistent #​31987
  • Document that Undertow's record-request-start-time server option must be enabled for %D to work in access logging #​31976
  • Update documentation on using H2C to consider running behind a proxy that's performing TLS termination #​31974
  • Some properties in the Common Application Properties appendix have no description #​31971
  • Fix links in documentations #​31951
  • External configuration documentation uses incorrect placeholder syntax #​31943
  • server.reactive.session.cookie properties are not listed in the application properties appendix #​31914
  • Remove documentation and metadata references to ConfigFileApplicationListener #​31901
  • Metadata for 'spring.beaninfo.ignore' has incorrect SourceType #​31899
  • Remove reference to nitrite-spring-boot-starter #​31893
  • Remove reference to Azure Application Insights #​31890
  • Fix typos in code and documentation #​31865

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.2

:lady_beetle: Bug Fixes

  • Publishing a docker image to a private registry fails without authentication #​31824
  • In a non-reactive application, health indicators in a parent context are not found #​31818
  • Dependency management for Derby is incomplete #​31814
  • ApplicationPid doesn't log a warning if it takes a long time to return #​31810
  • A router function with attributes causes /actuator/mappings to return a 500 response due to an UnsupportedOperationException #​31806
  • InstanceAlreadyExistsException when using Actuator with multiple context and JMX enabled #​31804
  • Using 'ImportAutoConfigurationImportSelector' in the jar package loaded by a custom class loader throws ClassNotFoundException #​31801
  • GraphQL auto-configuration does not configure the GrapQlSource with SubscriptionExceptionResolver beans #​31794
  • Trailing whitespace in the value of a property is hard to identify in failure analysis descriptions #​31780
  • Log4j2's shutdown hook is not disabled when using Log4j 2.18 or later #​31732
  • HTTP Server and Data repositories metrics record null for the description #​31706
  • Deprecation hint for spring.data.mongodb.grid-fs-database is located in the wrong section #​31690
  • Image building fails with latest Paketo base builder and additional buildpacks configured #​31558
  • Tomcat fails to start when PEM files are used and key-store-password is not specified #​31253

📔 Documentation

  • Clarify how docker image publishing registry is determined #​31826
  • Fix typo in "HTTP and WebSocket" section of GraphQL documentation #​31518

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.1

:lady_beetle: Bug Fixes

  • Values in a spring.data.cassandra.config file can't override some defaults defined in CassandraProperties #​31503
  • @RestControllerAdvice @ExceptionHandler Inconsistent behavior with @RestControllerEndpoint #​31501
  • Malformed json causes BasicJsonParser to throw a NullPointerException #​31499
  • Metadata generated by the configuration properties annotation processor can miss inherited properties from nested classes #​31484
  • JarFile implementation calls close early which breaks verification of signed unpacked nested jars on Oracle JDK #​31395
  • Health indicators that take a long time to respond are difficult to diagnose #​31384
  • Custom Converter annotated with @ConfigurationPropertiesBinding does not get selected if targetType has a static factory method different return type #​31341
  • Tomcat server.max-http-header-size property is ignored when using HTTP/2 #​31329
  • OAuth2 Resource Server Auto-Configuration can only configure a single JWS algorithm #​31321
  • Maven shade plugin configuration in spring-boot-starter-parent does not append META-INF/spring/*.imports files #​31316
  • GraphQL RouterFunctions are unordered which prevents other functions from being ordered after them #​31314
  • spring-boot-dependencies manages spring-ldap-ldif-batch which no longer exists #​31254
  • Dependency task can fail due to BootJar and BootWar afterResolve hooks #​31213
  • MimeMappings does not include application/wasm #​31188
  • spring-configuration-metadata.json is missing for additional-spring-configuration-metadata.json after switching from @Configuration to @AutoConfiguration #​31186
  • Binder(ConfigurationPropertySource... sources) does not assert that sources contains only non-null elements #​31183
  • WebMvcMetricsFilter stopped working since 2.7.0 #​31150
  • Dependency management for mimepull is redundant and the managed version is incompatible with Java 8 #​31145
  • layers.xsd is out of sync with the documentation and implementation for including and excluding module dependencies #​31128

📔 Documentation

  • Make SpringApplication Kotlin samples idiomatic #​31463
  • Harmonize Kotlin example #​31458
  • Remove duplicate content from "The Spring WebFlux Framework" section #​31381
  • Document that property placeholders should use the canonical property name form #​31369
  • Fix typos in the reference documentation #​31366
  • Enable Links for the Javadoc of the Gradle Plugin #​31362
  • Remove "earlier in this chapter" from places where content is now elsewhere in the documentation #​31360
  • Restore custom favicon documentation #​31358
  • Document that when using Lombok it must be configured to run before spring-boot-configuration-processor #​31356
  • Use Lambda-based API in Spring Security examples #​31354
  • Fix typo in name of imports file in javadoc of ImportCandidates.from #​31277
  • Typos in documentation ("spring-factories" instead of "spring.factories") #​31206
  • Fix Custom Layers Configuration section title in Maven plugin docs #​31180
  • org.springframework.boot.actuate.autoconfigure.metrics.graphql has no package info #​31140
  • Update Dynatrace Micrometer registry documentation #​31132

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.7.0

See the Release notes for 2.7 for upgrade instructions and details of new features.

New Features
  • Revert to using "application/json" as default MIME type for GraphQL while remaining compatible with "application/graphql+json" #​30860
  • Allow customization of single logout in auto-configured SAML relying party registration #​30128
:lady_beetle: Bug Fixes
  • Default properties configured on SpringApplication have higher precedence than properties configured with @PropertySource #​31093
  • A failure when an instrumented WebClient records metrics causes the request to fail #​31089
  • Dependency management for Artemis is incomplete #​31079
  • Configuration properties for Statsd's buffered and step properties are missing #​31059
  • Debug logging for requests to WebFlux-based Actuator endpoints does not identify the endpoint #​30887
  • @ConditionalOnProperty meta annotation with @AliasFor does not work #​30874
  • Event handling in JobExecutionExitCodeGenerator is not thread-safe #​30846
  • Hibernate service loading logs HHH000505 warnings for ServiceConfigurationError with Gradle-built jars since 2.5.10 when using Java 11 or later #​30791
  • Cryptic startup failure with bare LOGGING_LEVEL environment variable #​30789
  • SearchStrategy argument of MethodValidationExcludeFilter byAnnotation(Class, SearchStrategy) is not used #​30787
  • spring.security.saml2.relyingparty.registration..asserting-party. properties contain unwanted hyphen in asserting-party #​30785
  • DevTools sets deprecated spring.mustache.cache property #​30774
📔 Documentation
  • Extend documentation on Datadog metrics #​30997
  • Fix link to Upgrading From 1.x in multi-page documentation #​30995
  • Document support for Java 18 #​30782
🔨 Dependency Upgrades
Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.15

:lady_beetle: Bug Fixes

  • Welcome page may return a 404 when an acceptable response cannot be produced #​35561
  • Loading application.yml fails with NoSuchMethodError when using SnakeYAML 2.0 #​35415
  • CloudFoundry integration does not use endpoint path mappings #​35412

🔨 Dependency Upgrades

v2.6.14

:lady_beetle: Bug Fixes

  • ScheduledBeanLazyInitializationExcludeFilter is auto-configured even when annotation-based scheduled has not been enabled #​33276
  • Configuration property binding does not deal with bridge methods #​33105
  • SpringBootContextLoader prints banner twice when using a @ContextHierarchy #​33079
  • Dependency management for XMLUnit is incomplete #​32998
  • Spring Boot's Lettuce metrics enable histrograms by default and it's hard to switch them off #​32985
  • Configuring management.server.port via a config tree results in a ConverterNotFoundException when the management context is refreshed #​32941
  • NumberFormatException when configuring spring.redis.sentinel.nodes with an IPv6 address #​32762
  • Properties migrator causes an application to fail to start if it tries to map a property whose metadata data entry contains an invalid configuration property name #​32729
  • Dependency management for Selenium is incomplete #​32721

📔 Documentation

  • Link to Micrometer's @Timed documentation #​33264
  • Clarify use of the spring.cache.type property with Hazelcast #​33245
  • Example git.commit.time in the Actuator API documentation is thousands of years in the future #​33237
  • Links to Features describes sections that have moved elsewhere #​33207
  • Fix kafka streams auto start description typo in reference docs #​33098
  • OAuth 2 configuration example uses unrecognized value for authorization grant type #​32931
  • Fix typos in logging.adoc #​32812
  • Harmonize code sample in the "Type-safe Configuration Properties" section #​32644
  • Align Tomcat multiple connectors example with recommendation to configure SSL declaratively #​28707
  • Actuator document is misleading about k8s startup probe #​28432
  • ConditionalOnClass not working for Bean methods on Java 8 #​27846

🔨 Dependency Upgrades

Contributors

Thank you to all the contributors who worked on this release:

@​EricGao888, @​dreis2211, @​eurythmia, @​hpoettker, @​iamgd67, @​jamessoun93, and @​sdeleuze

v2.6.13

:lady_beetle: Bug Fixes

  • @Bean methods in KafkaAutoConfiguration provide less type information than they could #​32770
  • PEM formatted elliptic-curve TLS keys are an unrecognized private key format #​32646
  • Actuator configprops endpoint does not display DataSize properties correctly #​32645
  • Empty @DefaultValue cannot be used on collections, maps, arrays or optional values #​32559
  • Multi-Document-Separators "#---" comment checks do not account for '!' prefixed comments #​32521
  • CouchbaseReactiveHealthIndicator uses blocking API to retrieve the cluster diagnostics #​32505
  • BootBuildImage's archiveFile property is annotated as an @Input but should be annotated as an @InputFile #​32495
  • Assertion calls on CapturedOutput with Kotlin are very slow #​32033

📔 Documentation

  • Remove redundant @ExtendWith(SpringExtension.class) from MyJmxTests example #​32476

🔨 Dependency Upgrades

  • Upgrade to Dependency Management Plugin 1.0.15.RELEASE #​32784
  • Upgrade to Ehcache3 3.9.10 #​32648
  • Upgrade to Glassfish JAXB 2.3.7 #​32785
  • Upgrade to Hibernate 5.6.12.Final #​32649
  • Upgrade to Jackson Bom 2.13.4.20221013 #​32722
  • Upgrade to Jetty Reactive HTTPClient 1.1.13 #​32723
  • Upgrade to Lettuce 6.1.10.RELEASE #​32669
  • Upgrade to Micrometer 1.8.11 #​32586
  • Upgrade to MySQL 8.0.31 and extend dependency management to new Maven identifiers #​32747
  • Upgrade to Netty 4.1.84.Final #​32695
  • Upgrade to Reactor 2020.0.24 #​32587
  • Upgrade to Spring Data 2021.1.9 #​32588
  • Upgrade to Spring Kafka 2.8.10 #​32589
  • Upgrade to Spring Retry 1.3.4 #​32593
  • Upgrade to Spring Security 5.6.8 #​32590
  • Upgrade to Tomcat 9.0.68 #​32650
  • Upgrade to Undertow 2.2.20.Final #​32651

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.12

New Features

:lady_beetle: Bug Fixes

  • DataSource logging in H2 console auto-configuration causes Hikari's threads to have the wrong thread context class loader #​32382
  • Detection of PeriodStyle.ISO8601 does not support lower-case input #​32235
  • YAML timestamps not handled properly with SnakeYaml 1.31 #​32228
  • Detection of DurationStyle.ISO8601 does not support lower-case input #​32223
  • Netty 'spring.netty leak detection' default property value is always applied to resource leak detector #​32144
  • Hazelcast auto-configuration recognizes hazelcast.xml and hazelcast.yaml files but not hazelcast.yml #​32142

📔 Documentation

  • Document support for JDK 19 #​32259
  • Clarify documentation of config sub-directory from which external application properties are read #​32224
  • Improve @ConditionalOnClass javadoc regarding use on @Bean methods #​32166
  • Clarify documentation on disabling web client request metrics #​32136

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.11

:lady_beetle: Bug Fixes

  • BasicJsonParser does not protect against deeply nested maps #​32029
  • Misleading error message when using JarMode Layertools and the source is not an archive #​31997
  • OptionalLiveReloadServer logs the wrong port number when it is configured to use an ephemeral port #​31983
  • Servlet WebServerStartStopLifecycle doesn't set running to false on stop #​31966
  • UnsupportedDataSourcePropertyException is thrown when attempting to set jdbcUrl for C3P0 #​31920
  • Jar Handler never clears MROTOCOL_HANDLER system property #​31870
  • BasicJsonParser can fail with a timeout or stackoverflow with malformed map JSON #​31869
  • BasicJsonParser can fail with a stackoverflow exception #​31868
  • Dependency management for REST Assured is incomplete #​31864
  • The hash of spring-boot-jarmode-layertools.jar that's added to a fat jar doesn't match the hash of the equivalent published artifact #​31862
  • ClassNotFoundException can be thrown for classes in nested jars when under GC pressure #​31853
  • HealthContributor beans managed by a CompositeHealthContributor are recreated on each call #​31676
  • Dev Tools restart failures caused by a too short quiet period are hard to diagnose #​31579
  • management.endpoint.health.probes.add-additional-paths has no effect when configuration properties have already created the liveness and/or readiness groups #​30612
  • JUL-based logging performed during close of application context is lost #​9457

📔 Documentation

  • Update Static Content reference documentation to reflect the DefaultServlet no longer being enabled by default #​32004
  • External configuration documentation uses incorrect placeholder syntax #​31941
  • Some properties in the Common Application Properties appendix have no description #​31916
  • server.reactive.session.cookie properties are not listed in the application properties appendix #​31912
  • Review Git contribution documentation #​31904
  • Metadata for 'spring.beaninfo.ignore' has incorrect SourceType #​31898
  • Remove documentation and metadata references to ConfigFileApplicationListener #​31895
  • Remove reference to nitrite-spring-boot-starter #​31892
  • Remove reference to Azure Application Insights #​31889
  • Fix links in documentations #​31887
  • Fix typos in code and documentation #​31734
  • Document that Undertow's record-request-start-time server option must be enabled for %D to work in access logging #​31103
  • Documentation for Maven Plugin classifier has an unresolved external reference #​29171
  • Example log output is out-of-date and inconsistent #​28208
  • Update documentation on using H2C to consider running behind a proxy that's performing TLS termination #​25855

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.10

:lady_beetle: Bug Fixes

  • Using 'ImportAutoConfigurationImportSelector' in the jar package loaded by a custom class loader throws ClassNotFoundException #​31798
  • A router function with attributes causes /actuator/mappings to return a 500 response due to an UnsupportedOperationException #​31784
  • Log4j2's shutdown hook is not disabled when using Log4j 2.18 or later #​31719
  • InstanceAlreadyExistsException when using Actuator with multiple context and JMX enabled #​31718
  • Deprecation hint for spring.data.mongodb.grid-fs-database is located in the wrong section #​31689
  • ApplicationPid doesn't log a warning if it takes a long time to return #​31572
  • Trailing whitespace in the value of a property is hard to identify in failure analysis descriptions #​31571
  • Dependency management for Derby is incomplete #​31570
  • HTTP Server and Data repositories metrics record null for the description #​31516
  • Image building fails with latest Paketo base builder and additional buildpacks configured #​31233
  • Publishing a docker image to a private registry fails without authentication #​28844
  • In a non-reactive application, health indicators in a parent context are not found #​27308

📔 Documentation

  • Clarify how docker image publishing registry is determined #​31820

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.9

:lady_beetle: Bug Fixes
  • @RestControllerAdvice @ExceptionHandler Inconsistent behavior with @RestControllerEndpoint #​31495
  • Tomcat server.max-http-header-size property is ignored when using HTTP/2 #​31322
  • Malformed json causes BasicJsonParser to throw a NullPointerException #​31301
  • Values in a spring.data.cassandra.config file can't override some defaults defined in CassandraProperties #​31238
  • Health indicators that take a long time to respond are difficult to diagnose #​31231
  • layers.xsd is out of sync with the documentation and implementation for including and excluding module dependencies #​31127
  • MimeMappings does not include application/wasm #​30885
  • Binder(ConfigurationPropertySource... sources) does not assert that sources contains only non-null elements #​30878
  • Dependency task can fail to BootJar and BootWar afterResolve hooks #​30586
  • JarFile implementation calls close early which breaks verification of signed unpacked nested jars on Oracle JDK #​29356
  • Custom Converter annotated with @ConfigurationPropertiesBinding does not get selected if targetType has a static factory method different return type #​28592
  • Metadata generated by the configuration properties annotation processor can miss inherited properties from nested classes #​21626
📔 Documentation
  • Remove duplicate content from "The Spring WebFlux Framework" section #​31378
  • Fix typos in the reference documentation #​31328
  • Document that property placeholders should use the canonical property name form #​31309
  • Enable Links for the Javadoc of the Gradle Plugin #​31279
  • Remove "earlier in this chapter" from places where content is now elsewhere in the documentation #​31276
  • Restore custom favicon documentation #​31224
  • Typos in documentation ("spring-factories" instead of "spring.factories") #​31203
  • Document that when using Lombok it must be configured to run before spring-boot-configuration-processor #​31190
  • Fix Custom Layers Configuration section title in Maven plugin docs #​31172
  • Use Lambda-based API in Spring Security examples #​31143
🔨 Dependency Upgrades
Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.8

:lady_beetle: Bug Fixes
  • Default properties configured on SpringApplication have higher precedence than properties configured with @PropertySource #​31092
  • A failure when an instrumented WebClient records metrics causes the request to fail #​31088
  • Dependency management for Artemis is incomplete #​31078
  • Configuration properties for Statsd's buffered and step properties are missing #​31058
  • Debug logging for requests to WebFlux-based Actuator endpoints does not identify the endpoint #​30886
  • @ConditionalOnProperty meta annotation with @AliasFor does not work #​30873
  • Event handling in JobExecutionExitCodeGenerator is not thread-safe #​30845
  • Hibernate service loading logs HHH000505 warnings for ServiceConfigurationError with Gradle-built jars since 2.5.10 when using Java 11 or later #​30790
  • Cryptic startup failure with bare LOGGING_LEVEL environment variable #​30788
  • SearchStrategy argument of MethodValidationExcludeFilter byAnnotation(Class, SearchStrategy) is not used #​30786
📔 Documentation
  • Extend documentation on Datadog metrics #​30996
  • Fix link to Upgrading From 1.x in multi-page documentation #​30994
  • Document support for Java 18 #​30781
🔨 Dependency Upgrades
Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.7

:lady_beetle: Bug Fixes
  • bootBuildInfo fails with a NullPointerException when an additional property has a null value #​30670
  • @SpringBootTest(webEnvironment = WebEnvironment.NONE) is overridden by spring.main.web-application-type in application.properties #​30666
  • Spring Boot does not respect WebApplicationType.REACTIVE in tests with a mock web environment #​30664
  • NullPointerException is thrown when accessing /actuator/configprops if a class annotated with both @Configuration and @ConfigurationProperties has a static @Bean method #​30581
  • ApplicationAvailabilityBean is not thread-safe #​30553
  • Incorrect Neo4j username property replacement hint by spring-boot-properties-migrator #​30551
  • Add Tomcat locale mapping for Japanese to preserve UTF-8 charset #​30541
📔 Documentation
  • Update doc samples to reflect AdoptOpenJDK move to the Eclipse Foundation #​30749
  • Fix incorrect link in kafka.adoc #​30674
  • Move Jetty 9 specific exclusions to the correct dependency #​30583
  • Add missing configuration metadata for "management.endpoint.health.probes.add-additional-paths" #​30562
  • Update list of default internal proxies in Web Server howto #​30544
  • Polish documentation #​30526
🔨 Dependency Upgrades
Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.6

:lady_beetle: Bug Fixes

  • MustacheAutoConfiguration in a Servlet web application fails with a ClassNotFoundException when Spring MVC is not on the classpath #​30475

📔 Documentation

  • Javadoc of org.springframework.boot.gradle.plugin.ResolveMainClassName.setClasspath(Object) is inaccurate #​30469
  • Document that @DefaultValue can be used on a record component #​30465
  • Remove redundant Javadoc #​30446

🔨 Dependency Upgrades

  • Upgrade to Jackson Bom 2.13.2.20220328 #​30478
  • Upgrade to Spring Framework 5.3.18 #​30492

Contributors

We'd like to thank all the contributors who worked on this release!

v2.6.5

📣 Noteworthy

New Features

:lady_beetle: Bug Fixes

  • ConfigurationPropertyName#equals is not symmetric when adapt has removed trailing characters from an element #​30392
  • Thymeleaf auto-configuration in a reactive application can fail due to duplicate templateEngine beans #​30385
  • server.tomcat.keep-alive-timeout is not applied to HTTP/2 #​30321
  • Setting spring.mustache.enabled to false has no effect #​30256
  • bootWar is configured eagerly #​30213
  • Actuator @ReadOperation on Flux cancels request after first element emitted #​30161
  • Unnecessary allocations in Prometheus scraping endpoint #​30125
  • No metrics are bound for R2DBC ConnectionPools that have been wrapped #​30100
  • Condition evaluation report entry for a @ConditionalOnSingleCandidate that does not match due to multiple primary beans isn't as clear as it could be #​30098
  • Generated password are logged without an "unsuitable for production use" note #​30070
  • Dependency management for Netty tcNative is incomplete leading to possible version conflicts #​30038
  • Files in META-INF are not found when deploying a Gradle-built executable war to a servlet container #​30036
  • Dependency management for Apache Kafka is incomplete #​30031
  • spring-boot-configuration-processor fails compilation due to @DefaultValue with a long value and generates invalid metadata for byte and short properties with out-of-range default values #​30022

📔 Documentation

  • Add Apache Kafka to the description of the Messaging section #​30389
  • Default value of spring.thymeleaf.reactive.media-types is not documented #​30387
  • Clarify type matching that is performed when using @MockBean and @SpyBean #​30382
  • Fix links to Spring Security Reference Guide in Accessing the H2 Console in a Secured Application #​30349
  • Document how to access the H2 Console in a secured web application #​30346
  • Add Netty in "Enable HTTP Response Compression" #​30344
  • Fix JsonSerializer example in reference guide #​30330
  • WebSockets section missing in reference guide #​30231
  • Include default Dev Tools properties in the reference documentation #​30166
  • Document the WebSocket-related exclusions that are required to use Jetty 10 #​30149
  • Fix typo #​30120
  • Add documentation for spring.profiles.include #​30114
  • Document when config data properties are invalid #​30113
  • Document the scalar types supported by MapBinder #​30111
  • Document how to rely on ServletContext with an embedded container setup #​30109
  • Anchor tag for Spring HATEOAS does not redirect properly #​30106
  • Clarify that build plugins or the CLI does not have an auto-compile feature #​30093
  • Document how to structure configurations so that @Bean methods are included in slice tests #​30091
  • Remove non-existent spring.data.cassandra.connection.connection-timeout property from the documentation #​30080
  • Clarify actuator security documentation #​30065
  • Use Gradle's task configuration avoidance APIs in the main reference docs #​30059
  • Use Gradle's task configuration avoidance APIs in the Gradle Plugin's reference docs #​30057
  • Improve property placeholder documentation to mention environment variables and default values #​30050
  • Polish web examples in reference doc #​30048
  • Add links to Spring Boot for Apache Geode to the reference documentation #​30018
  • Document plugging in custom sanitisation rules with a SanitizingFunction bean #​29950

🔨 Dependency Upgrades

Contributors

We'd like to thank all the contributors who worked on this release!

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports

Me haz all ze repositoriiiiiiiiiiiiiiiiiies