search

CycloneDX / cyclonedx-linux-generator

Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions
https://cyclonedx.org/
Other
39 stars 14 forks source link

Bump spring-boot-starter-parent from 2.5.5 to 2.5.6 #24

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps spring-boot-starter-parent from 2.5.5 to 2.5.6.

Release notes

Sourced from spring-boot-starter-parent's releases.

v2.5.6

:lady_beetle: Bug Fixes

  • Misleading failure analysis when jOOQ's DSLContext is unavailable due to R2DBC taking precedence over JDBC #28379
  • When lazy initialization is enabled, JMX endpoints are not available #28371
  • JarFileWrapper may cause many FinalReferences causing GC pressure #28356
  • Flattened VCAP_SERVICES properties are not sanitized by default #28353
  • MeterValue with "d" suffix not parsed as Duration for timer #28351
  • CachingOperationInvoker cache can consume a significant amount of heap space #28347
  • Devtools restart fails with in-memory R2DBC database and SQL initialization scripts #28345
  • ActiveMQ starter depends on org.apache.geronimo.specs:geronimo-j2ee-management_1.1_spec #28340
  • spring-boot-starter-oauth2-client has an unnecessary dependency on com.sun.mail:jakarta.mail #28333
  • Layertools extract does not preserve last modified and last access times #28190
  • NumberFormatException when configuring spring.rabbitmq.addresses with an IPv6 address #28134
  • Broken content negotiation for OpenMetrics #28130

:notebook_with_decorative_cover: Documentation

  • Fix typo in EnvironmentPostProcessor's class-level javadoc #28382
  • Remove obsolete info about Spring Integration's metrics support #28375
  • Update docs to be explicit about dot notation being correctly mapped #28201
  • Section 4.4 File Rotation mentions the wrong configuration file name for Log4j2 #28193
  • Update Javadoc with note mentioning that class using ConstructorBinding must be enabled using annotations #28171
  • Make it clearer that, when using @AutoConfigureTestEntityManager outside of @DataJpaTest, any tests using the test entity manager must be @Transactional #28159

:hammer: Dependency Upgrades

  • Upgrade to Dropwizard Metrics 4.1.26 #28280
  • Upgrade to Ehcache3 3.9.7 #28394
  • Upgrade to HttpCore5 5.1.2 #28281
  • Upgrade to Jaybird 4.0.4.java8 #28282
  • Upgrade to Jetty 9.4.44.v20210927 #28283
  • Upgrade to Lombok 1.18.22 #28284
  • Upgrade to Micrometer 1.7.5 #28242
  • Upgrade to MySQL 8.0.27 #28395
  • Upgrade to Netty 4.1.69.Final #28360
  • Upgrade to Netty tcNative 2.0.44.Final #28285
  • Upgrade to Postgresql 42.2.24 #28286
  • Upgrade to R2DBC Bom Arabba-SR11 #28287
  • Upgrade to Reactor 2020.0.12 #28240
  • Upgrade to SendGrid 4.7.6 #28396
  • Upgrade to Spring AMQP 2.3.11 #28245
  • Upgrade to Spring Data 2021.0.6 #28244
  • Upgrade to Spring Framework 5.3.12 #28241
  • Upgrade to Spring HATEOAS 1.3.5 #28243
  • Upgrade to Spring Integration 5.5.5 #28249
  • Upgrade to Spring Kafka 2.7.8 #28246
  • Upgrade to Spring Security 5.5.3 #28247
  • Upgrade to Spring Session 2021.0.3 #28248
  • Upgrade to Tomcat 9.0.54 #28288

... (truncated)

Commits
  • 8a03344 Release v2.5.6
  • 6cdafc4 Upgrade to Spring Session 2021.0.3
  • 4a9931f Merge branch '2.4.x' into 2.5.x
  • 7e3d663 Upgrade Ubuntu version in CI images
  • 60c815a Upgrade Ubuntu version in CI images
  • 3abda65 Upgrade to Spring Session 2020.0.7
  • d80d692 Upgrade to Spring Framework 5.3.12
  • cc54be4 Merge branch '2.4.x' into 2.5.x
  • 91524cc Upgrade to Spring Framework 5.3.12
  • 841f8b4 Merge branch '2.4.x' into 2.5.x
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)