amaybaum-dev / verademo

A deliberately insecure Java web application
MIT License
0 stars 3 forks source link

Update dependency org.springframework.boot:spring-boot-starter-web to v3 #44

Open dev-mend-for-github-com[bot] opened 6 months ago

dev-mend-for-github-com[bot] commented 6 months ago

This PR contains the following updates:

Package Type Update Change
org.springframework.boot:spring-boot-starter-web (source) compile major 2.3.1.RELEASE -> 3.2.0

By merging this PR, the issue #36 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
Critical Critical 10.0 CVE-2022-22965

Reachable

Critical Critical 9.8 CVE-2016-1000027

Unreachable

High High 8.3 CVE-2022-1471

Unreachable

High High 7.8 CVE-2021-22118

Unreachable

High High 7.5 CVE-2020-13935

Unreachable

High High 7.5 CVE-2020-36518

Reachable

High High 7.5 CVE-2021-46877

Reachable

High High 7.5 CVE-2022-25857

Unreachable

High High 7.5 CVE-2022-42003

Reachable

High High 7.5 CVE-2022-42004

Reachable

Medium Medium 6.5 CVE-2020-5421

Reachable

Medium Medium 6.5 CVE-2022-22950

Reachable

Medium Medium 6.5 CVE-2023-20861

Reachable

Medium Medium 6.5 CVE-2023-20863

Reachable

Medium Medium 5.3 CVE-2022-22968

Reachable

Medium Medium 4.3 CVE-2021-22060

Reachable

Medium Medium 4.3 CVE-2021-22060

Reachable

Medium Medium 4.3 CVE-2021-22096

Reachable

Medium Medium 4.3 CVE-2021-22096

Reachable

Medium Medium 4.3 CVE-2021-22096

Reachable

Medium Medium 4.3 CVE-2022-22970

Reachable

Medium Medium 4.3 CVE-2022-22970

Reachable


Release Notes

spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-web) ### [`v3.2.0`](https://redirect.github.com/spring-projects/spring-boot/releases/tag/v3.2.0) [Compare Source](https://redirect.github.com/spring-projects/spring-boot/compare/v3.1.12...v3.2.0) #### :star: New Features - Auto-configure observations for RestClients [#​38500](https://redirect.github.com/spring-projects/spring-boot/issues/38500) - Add support for Oracle Free, the replacement for Oracle XE, with Testcontainers and Docker Compose [#​38476](https://redirect.github.com/spring-projects/spring-boot/issues/38476) - Provide dependency management for org.crac:crac [#​38378](https://redirect.github.com/spring-projects/spring-boot/issues/38378) - Add new properties for Liquibase 4.24.0 [#​38274](https://redirect.github.com/spring-projects/spring-boot/pull/38274) - Provide a way to create custom ApplicationContextFactory in SpringBootContextLoader [#​38205](https://redirect.github.com/spring-projects/spring-boot/issues/38205) - Report friendly error when failing to find AOT initializer [#​38188](https://redirect.github.com/spring-projects/spring-boot/pull/38188) #### :lady_beetle: Bug Fixes - Annotation based ConditionalOnBean checks can cause early initialization of FactoryBeans [#​38507](https://redirect.github.com/spring-projects/spring-boot/issues/38507) - CRaC restoration fails when Actuator's running on a separate port [#​38502](https://redirect.github.com/spring-projects/spring-boot/issues/38502) - App that depends on Tomcat and on Jetty's websocket-server module fails to start with IllegalStateException: WebSocketComponents has not been created [#​38286](https://redirect.github.com/spring-projects/spring-boot/issues/38286) - App fails to start with a NoSuchMethodError when using Flyway 10.0.0 [#​38268](https://redirect.github.com/spring-projects/spring-boot/issues/38268) - MeterRegistry throws BeanCreationNotAllowedException on shutdown [#​38240](https://redirect.github.com/spring-projects/spring-boot/issues/38240) - Resolution of productionRuntimeClasspath configuration may select the wrong variant and contain a dependency's source jar [#​38233](https://redirect.github.com/spring-projects/spring-boot/issues/38233) - Docker JSON parsing fails on certain locales [#​38220](https://redirect.github.com/spring-projects/spring-boot/issues/38220) - FileNotFoundException is thrown serving resources due to JarUrlConnection.getLastModified() returning zero [#​38204](https://redirect.github.com/spring-projects/spring-boot/issues/38204) - Failed to extract parameter names exception thrown when binding with non-enumerable property source [#​38201](https://redirect.github.com/spring-projects/spring-boot/issues/38201) - Spring Boot 3.2.0-RC1 application fails on JDK with CRaC but without a dependency on org.crac:crac [#​38186](https://redirect.github.com/spring-projects/spring-boot/issues/38186) - Missing configuration processing for PartEvent support [#​37642](https://redirect.github.com/spring-projects/spring-boot/issues/37642) #### :notebook_with_decorative_cover: Documentation - Document supported SQL comment prefixes [#​38496](https://redirect.github.com/spring-projects/spring-boot/issues/38496) - Update access log pattern documentation to align with changes in Tomcat 10 [#​38425](https://redirect.github.com/spring-projects/spring-boot/issues/38425) - Update Dynatrace docs with info about the meter metadata toggle [#​38368](https://redirect.github.com/spring-projects/spring-boot/pull/38368) - Improve documentation regarding tracing in tests [#​38362](https://redirect.github.com/spring-projects/spring-boot/issues/38362) - Document the accepted inputs when configuring tags on spring-boot:build-image and bootBuildImage [#​38354](https://redirect.github.com/spring-projects/spring-boot/issues/38354) - Document how to use cloudfoundry specific actuators with a custom base path for webflux applications [#​38353](https://redirect.github.com/spring-projects/spring-boot/issues/38353) - Document Liberica JDK with CRaC [#​38350](https://redirect.github.com/spring-projects/spring-boot/pull/38350) - Add a Restarting a stopped or failed Job section to the batch howto [#​38341](https://redirect.github.com/spring-projects/spring-boot/issues/38341) - Clarify documentation on importing Testcontainer declarations and using `@ServiceConnection` or `@DynamicPropertySource` [#​38337](https://redirect.github.com/spring-projects/spring-boot/issues/38337) - Make distinction between Testcontainers for integration tests and development more clear in documentation [#​38336](https://redirect.github.com/spring-projects/spring-boot/issues/38336) - When using Testcontainers at development time with `@ServiceConnection` on a `@Bean` method, describe when to use the name attribute and why [#​38335](https://redirect.github.com/spring-projects/spring-boot/issues/38335) - Fix link to Elasticsearch health indicator [#​38334](https://redirect.github.com/spring-projects/spring-boot/issues/38334) - Update Spring Framework documentation links [#​38289](https://redirect.github.com/spring-projects/spring-boot/issues/38289) - Code sample in "Developing Your First Spring Boot Application" does not work [#​38272](https://redirect.github.com/spring-projects/spring-boot/issues/38272) - Improve --help and documentation for "encodepassword -a/--algorithm" in the Spring Boot CLI [#​38249](https://redirect.github.com/spring-projects/spring-boot/issues/38249) - Add how-to documentation for test-only database migrations with Flyway/Liquibase [#​38231](https://redirect.github.com/spring-projects/spring-boot/issues/38231) - Document that PEM content can be used directly in application.yaml [#​38215](https://redirect.github.com/spring-projects/spring-boot/issues/38215) - Document that TomcatConnectorCustomizers are not applied to additional connectors [#​38198](https://redirect.github.com/spring-projects/spring-boot/issues/38198) #### :hammer: Dependency Upgrades - Upgrade to AspectJ 1.9.20.1 [#​38358](https://redirect.github.com/spring-projects/spring-boot/issues/38358) - Upgrade to Byte Buddy 1.14.10 [#​38407](https://redirect.github.com/spring-projects/spring-boot/issues/38407) - Upgrade to DB2 JDBC 11.5.9.0 [#​38408](https://redirect.github.com/spring-projects/spring-boot/issues/38408) - Upgrade to Dependency Management Plugin 1.1.4 [#​38346](https://redirect.github.com/spring-projects/spring-boot/issues/38346) - Upgrade to Dropwizard Metrics 4.2.22 [#​38409](https://redirect.github.com/spring-projects/spring-boot/issues/38409) - Upgrade to GraphQL Java 21.3 [#​38478](https://redirect.github.com/spring-projects/spring-boot/issues/38478) - Upgrade to Hazelcast 5.3.6 [#​38410](https://redirect.github.com/spring-projects/spring-boot/issues/38410) - Upgrade to Infinispan 14.0.21.Final [#​38411](https://redirect.github.com/spring-projects/spring-boot/issues/38411) - Upgrade to JUnit Jupiter 5.10.1 [#​38412](https://redirect.github.com/spring-projects/spring-boot/issues/38412) - Upgrade to Kotlin Serialization 1.6.1 [#​38413](https://redirect.github.com/spring-projects/spring-boot/issues/38413) - Upgrade to Lettuce 6.3.0.RELEASE [#​38414](https://redirect.github.com/spring-projects/spring-boot/issues/38414) - Upgrade to Maven Javadoc Plugin 3.6.2 [#​38415](https://redirect.github.com/spring-projects/spring-boot/issues/38415) - Upgrade to Micrometer 1.12.0 [#​38305](https://redirect.github.com/spring-projects/spring-boot/issues/38305) - Upgrade to Micrometer Tracing 1.2.0 [#​38306](https://redirect.github.com/spring-projects/spring-boot/issues/38306) - Upgrade to Mockito 5.7.0 [#​38479](https://redirect.github.com/spring-projects/spring-boot/issues/38479) - Upgrade to MongoDB 4.11.1 [#​38416](https://redirect.github.com/spring-projects/spring-boot/issues/38416) - Upgrade to Netty 4.1.101.Final [#​38417](https://redirect.github.com/spring-projects/spring-boot/issues/38417) - Upgrade to Pooled JMS 3.1.5 [#​38418](https://redirect.github.com/spring-projects/spring-boot/issues/38418) - Upgrade to Pulsar Reactive 0.5.0 [#​38406](https://redirect.github.com/spring-projects/spring-boot/issues/38406) - Upgrade to Rabbit Stream Client 0.14.0 [#​38480](https://redirect.github.com/spring-projects/spring-boot/issues/38480) - Upgrade to Reactor Bom 2023.0.0 [#​38307](https://redirect.github.com/spring-projects/spring-boot/issues/38307) - Upgrade to Spring AMQP 3.1.0 [#​38308](https://redirect.github.com/spring-projects/spring-boot/issues/38308) - Upgrade to Spring Authorization Server 1.2.0 [#​38309](https://redirect.github.com/spring-projects/spring-boot/issues/38309) - Upgrade to Spring Batch 5.1.0 [#​38310](https://redirect.github.com/spring-projects/spring-boot/issues/38310) - Upgrade to Spring Data Bom 2023.1.0 [#​38311](https://redirect.github.com/spring-projects/spring-boot/issues/38311) - Upgrade to Spring Framework 6.1.1 [#​38451](https://redirect.github.com/spring-projects/spring-boot/issues/38451) - Upgrade to Spring GraphQL 1.2.4 [#​38313](https://redirect.github.com/spring-projects/spring-boot/issues/38313) - Upgrade to Spring HATEOAS 2.2.0 [#​38314](https://redirect.github.com/spring-projects/spring-boot/issues/38314) - Upgrade to Spring Integration 6.2.0 [#​38315](https://redirect.github.com/spring-projects/spring-boot/issues/38315) - Upgrade to Spring Kafka 3.1.0 [#​38316](https://redirect.github.com/spring-projects/spring-boot/issues/38316) - Upgrade to Spring LDAP 3.2.0 [#​38317](https://redirect.github.com/spring-projects/spring-boot/issues/38317) - Upgrade to Spring Pulsar 1.0.0 [#​38419](https://redirect.github.com/spring-projects/spring-boot/issues/38419) - Upgrade to Spring RESTDocs 3.0.1 [#​38420](https://redirect.github.com/spring-projects/spring-boot/issues/38420) - Upgrade to Spring Security 6.2.0 [#​38318](https://redirect.github.com/spring-projects/spring-boot/issues/38318) - Upgrade to Spring Session 3.2.0 [#​38319](https://redirect.github.com/spring-projects/spring-boot/issues/38319) - Upgrade to Spring WS 4.0.8 [#​38320](https://redirect.github.com/spring-projects/spring-boot/issues/38320) - Upgrade to Testcontainers 1.19.3 [#​38471](https://redirect.github.com/spring-projects/spring-boot/issues/38471) - Upgrade to Tomcat 10.1.16 [#​38421](https://redirect.github.com/spring-projects/spring-boot/issues/38421) - Upgrade to Versions Maven Plugin 2.16.2 [#​38422](https://redirect.github.com/spring-projects/spring-boot/issues/38422) - Upgrade to WebJars Locator Core 0.55 [#​38481](https://redirect.github.com/spring-projects/spring-boot/issues/38481) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@​EvaristeGalois11](https://redirect.github.com/EvaristeGalois11), [@​PENEKhun](https://redirect.github.com/PENEKhun), [@​abdullah-jaffer](https://redirect.github.com/abdullah-jaffer), [@​audtjddld](https://redirect.github.com/audtjddld), [@​cachescrubber](https://redirect.github.com/cachescrubber), [@​dreis2211](https://redirect.github.com/dreis2211), [@​eddumelendez](https://redirect.github.com/eddumelendez), [@​izeye](https://redirect.github.com/izeye), [@​jonatan-ivanov](https://redirect.github.com/jonatan-ivanov), [@​pirgeo](https://redirect.github.com/pirgeo), [@​quaff](https://redirect.github.com/quaff), and [@​sdeleuze](https://redirect.github.com/sdeleuze) ### [`v3.1.12`](https://redirect.github.com/spring-projects/spring-boot/releases/tag/v3.1.12) [Compare Source](https://redirect.github.com/spring-projects/spring-boot/compare/v3.1.11...v3.1.12) #### :lady_beetle: Bug Fixes - Help information for spring init's build option has the wrong default [#​40603](https://redirect.github.com/spring-projects/spring-boot/pull/40603) - SpringBootMockMvcBuilderCustomizer can crash cryptically while collecting data that it would have discarded anyway [#​40500](https://redirect.github.com/spring-projects/spring-boot/issues/40500) - ServiceLevelObjectiveBoundary properties cannot be bound in a native image application [#​40480](https://redirect.github.com/spring-projects/spring-boot/issues/40480) - Using relative paths to describe the classpath in the error message from ResolveMainClassName hinders problem diagnosis [#​40463](https://redirect.github.com/spring-projects/spring-boot/issues/40463) - Unlike DataSourceAutoConfiguration, DevToolsDataSourceAutoConfiguration assumes that javax.sql.DataSource will always be available [#​40434](https://redirect.github.com/spring-projects/spring-boot/issues/40434) - Native image doesn't start and doesn't log anything if an environment post processor throws an exception [#​40429](https://redirect.github.com/spring-projects/spring-boot/issues/40429) - Runtime hint registration for property binding should not fail when parameter information is unavailable [#​40051](https://redirect.github.com/spring-projects/spring-boot/issues/40051) - spring-boot-dependencies cannot be used with repositories that ban com.oracle.database.jdbc:ojdbc-bom [#​39945](https://redirect.github.com/spring-projects/spring-boot/issues/39945) - spring.data.redis.cluster.nodes and spring.data.redis.sentinel.nodes do not handle IPv6 addresses correctly [#​39819](https://redirect.github.com/spring-projects/spring-boot/pull/39819) - Containers not shut down between tests when using .withReuse(true) but env. does not support reuse (e.g. CI builds) [#​39609](https://redirect.github.com/spring-projects/spring-boot/issues/39609) - Failure Analysis for InvalidConfigurationPropertyValueException is skipped when the property is not set [#​33261](https://redirect.github.com/spring-projects/spring-boot/issues/33261) #### :notebook_with_decorative_cover: Documentation - Document that a custom HttpMessageConverters bean can be used to reorder json message converters when needed [#​40767](https://redirect.github.com/spring-projects/spring-boot/issues/40767) - Clarify devtools restart class loader [#​40604](https://redirect.github.com/spring-projects/spring-boot/pull/40604) - Note that spring-boot-docker-compose is excluded by default from packaged jars [#​40556](https://redirect.github.com/spring-projects/spring-boot/issues/40556) - Clarify the directory that's used by default to find Docker Compose compose.yaml [#​40512](https://redirect.github.com/spring-projects/spring-boot/issues/40512) - Clarify docs around spring.jpa.generate-ddl [#​40503](https://redirect.github.com/spring-projects/spring-boot/issues/40503) - Clarify that all named properties must match for `@ConditionalOnProperty` to match [#​40110](https://redirect.github.com/spring-projects/spring-boot/issues/40110) - Improve graceful shutdown documentation to remove ambiguity [#​40108](https://redirect.github.com/spring-projects/spring-boot/issues/40108) - Document ways to opt out from immutable `@ConfigurationProperties` binding with single constructor [#​34820](https://redirect.github.com/spring-projects/spring-boot/issues/34820) #### :hammer: Dependency Upgrades - Upgrade to Byte Buddy 1.14.16 [#​40875](https://redirect.github.com/spring-projects/spring-boot/issues/40875) - Upgrade to Dependency Management Plugin 1.1.5 [#​40709](https://redirect.github.com/spring-projects/spring-boot/issues/40709) - Upgrade to Hibernate 6.2.25.Final [#​40710](https://redirect.github.com/spring-projects/spring-boot/issues/40710) - Upgrade to Infinispan 14.0.28.Final [#​40711](https://redirect.github.com/spring-projects/spring-boot/issues/40711) - Upgrade to Jakarta XML SOAP 3.0.2 [#​40776](https://redirect.github.com/spring-projects/spring-boot/issues/40776) - Upgrade to Jakarta XML WS 4.0.2 [#​40777](https://redirect.github.com/spring-projects/spring-boot/issues/40777) - Upgrade to Jetty 11.0.21 [#​40778](https://redirect.github.com/spring-projects/spring-boot/issues/40778) - Upgrade to Jetty Reactive HTTPClient 3.0.13 [#​40807](https://redirect.github.com/spring-projects/spring-boot/issues/40807) - Upgrade to jOOQ 3.18.15 [#​40712](https://redirect.github.com/spring-projects/spring-boot/issues/40712) - Upgrade to Maven Deploy Plugin 3.1.2 [#​40713](https://redirect.github.com/spring-projects/spring-boot/issues/40713) - Upgrade to Maven Install Plugin 3.1.2 [#​40714](https://redirect.github.com/spring-projects/spring-boot/issues/40714) - Upgrade to Micrometer 1.11.12 [#​40646](https://redirect.github.com/spring-projects/spring-boot/issues/40646) - Upgrade to Micrometer Tracing 1.1.13 [#​40715](https://redirect.github.com/spring-projects/spring-boot/issues/40715) - Upgrade to Neo4j Java Driver 5.20.0 [#​40654](https://redirect.github.com/spring-projects/spring-boot/issues/40654) - Upgrade to Netty 4.1.110.Final [#​40876](https://redirect.github.com/spring-projects/spring-boot/issues/40876) - Upgrade to Pooled JMS 3.1.6 [#​40716](https://redirect.github.com/spring-projects/spring-boot/issues/40716) - Upgrade to R2DBC Proxy 1.1.5.RELEASE [#​40717](https://redirect.github.com/spring-projects/spring-boot/issues/40717) - Upgrade to Reactor Bom 2022.0.19 [#​40647](https://redirect.github.com/spring-projects/spring-boot/issues/40647) - Upgrade to SAAJ Impl 3.0.4 [#​40779](https://redirect.github.com/spring-projects/spring-boot/issues/40779) - Upgrade to Spring AMQP 3.0.14 [#​40824](https://redirect.github.com/spring-projects/spring-boot/issues/40824) - Upgrade to Spring Batch 5.0.6 [#​40648](https://redirect.github.com/spring-projects/spring-boot/issues/40648) - Upgrade to Spring Data Bom 2023.0.12 [#​40649](https://redirect.github.com/spring-projects/spring-boot/issues/40649) - Upgrade to Spring Framework 6.0.21 [#​40825](https://redirect.github.com/spring-projects/spring-boot/issues/40825) - Upgrade to Spring Integration 6.1.9 [#​40826](https://redirect.github.com/spring-projects/spring-boot/issues/40826) - Upgrade to Spring Kafka 3.0.17 [#​40651](https://redirect.github.com/spring-projects/spring-boot/issues/40651) - Upgrade to Spring Retry 2.0.6 [#​40808](https://redirect.github.com/spring-projects/spring-boot/issues/40808) - Upgrade to Spring Session 3.1.6 [#​40652](https://redirect.github.com/spring-projects/spring-boot/issues/40652) - Upgrade to Spring WS 4.0.11 [#​40653](https://redirect.github.com/spring-projects/spring-boot/issues/40653) - Upgrade to Tomcat 10.1.24 [#​40780](https://redirect.github.com/spring-projects/spring-boot/issues/40780) - Upgrade to Undertow 2.3.13.Final [#​40719](https://redirect.github.com/spring-projects/spring-boot/issues/40719) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@​PiyalAhmed](https://redirect.github.com/PiyalAhmed), [@​chaewss](https://redirect.github.com/chaewss), [@​coursar](https://redirect.github.com/coursar), [@​dependabot](https://redirect.github.com/dependabot)\[bot], [@​dsyer](https://redirect.github.com/dsyer), [@​dukbong](https://redirect.github.com/dukbong), [@​izeye](https://redirect.github.com/izeye), [@​quaff](https://redirect.github.com/quaff), [@​snicoll](https://redirect.github.com/snicoll), and [@​tobi-laa](https://redirect.github.com/tobi-laa) ### [`v3.1.11`](https://redirect.github.com/spring-projects/spring-boot/releases/tag/v3.1.11) [Compare Source](https://redirect.github.com/spring-projects/spring-boot/compare/v3.1.10...v3.1.11) #### :lady_beetle: Bug Fixes - ClientObservationConventionAdapter overwrites WebClient request attributes [#​40330](https://redirect.github.com/spring-projects/spring-boot/issues/40330) - Loading of custom deny-all filter can cause a StackOverflowError when deploying to Tomcat with Log4j2 configured to use a single JVM-wide logger context [#​40235](https://redirect.github.com/spring-projects/spring-boot/pull/40235) - Log4j2LoggingSystem pollutes Log4j2's environment with a SpringEnvironmentPropertySource that is never removed [#​40178](https://redirect.github.com/spring-projects/spring-boot/issues/40178) - BindValidationFailureAnalyzer uses wrong target [#​40035](https://redirect.github.com/spring-projects/spring-boot/pull/40035) - When using Maven, configuring the spring-boot.excludes or spring-boot-includes user properties causes the build to fail with "Cannot find default setter" [#​39837](https://redirect.github.com/spring-projects/spring-boot/pull/39837) - `@ServletComponentScan` does not register servlet components in a mock web environment [#​39736](https://redirect.github.com/spring-projects/spring-boot/issues/39736) #### :notebook_with_decorative_cover: Documentation - Producible's javadoc has the wrong link text for `@WriteOperation` and `@DeleteOperation` [#​40385](https://redirect.github.com/spring-projects/spring-boot/pull/40385) #### :hammer: Dependency Upgrades - Upgrade to ActiveMQ 5.18.4 [#​40388](https://redirect.github.com/spring-projects/spring-boot/issues/40388) - Upgrade to AspectJ 1.9.22 [#​40279](https://redirect.github.com/spring-projects/spring-boot/issues/40279) - Upgrade to Byte Buddy 1.14.13 [#​40280](https://redirect.github.com/spring-projects/spring-boot/issues/40280) - Upgrade to Groovy 4.0.21 [#​40281](https://redirect.github.com/spring-projects/spring-boot/issues/40281) - Upgrade to Hibernate 6.2.24.Final [#​40282](https://redirect.github.com/spring-projects/spring-boot/issues/40282) - Upgrade to Jakarta Json Bind 3.0.1 [#​40283](https://redirect.github.com/spring-projects/spring-boot/issues/40283) - Upgrade to Jersey 3.1.6 [#​40284](https://redirect.github.com/spring-projects/spring-boot/issues/40284) - Upgrade to jOOQ 3.18.14 [#​40285](https://redirect.github.com/spring-projects/spring-boot/issues/40285) - Upgrade to Lombok 1.18.32 [#​40286](https://redirect.github.com/spring-projects/spring-boot/issues/40286) - Upgrade to Micrometer 1.11.11 [#​40196](https://redirect.github.com/spring-projects/spring-boot/issues/40196) - Upgrade to Micrometer Tracing 1.1.12 [#​40197](https://redirect.github.com/spring-projects/spring-boot/issues/40197) - Upgrade to Neo4j Java Driver 5.19.0 [#​40205](https://redirect.github.com/spring-projects/spring-boot/issues/40205) - Upgrade to Netty 4.1.109.Final [#​40389](https://redirect.github.com/spring-projects/spring-boot/issues/40389) - Upgrade to R2DBC Postgresql 1.0.5.RELEASE [#​40390](https://redirect.github.com/spring-projects/spring-boot/issues/40390) - Upgrade to Reactor Bom 2022.0.18 [#​40198](https://redirect.github.com/spring-projects/spring-boot/issues/40198) - Upgrade to SLF4J 2.0.13 [#​40391](https://redirect.github.com/spring-projects/spring-boot/issues/40391) - Upgrade to Spring AMQP 3.0.13 [#​40373](https://redirect.github.com/spring-projects/spring-boot/issues/40373) - Upgrade to Spring Authorization Server 1.1.7 [#​40199](https://redirect.github.com/spring-projects/spring-boot/issues/40199) - Upgrade to Spring Data Bom 2023.0.11 [#​40200](https://redirect.github.com/spring-projects/spring-boot/issues/40200) - Upgrade to Spring Framework 6.0.19 [#​40201](https://redirect.github.com/spring-projects/spring-boot/issues/40201) - Upgrade to Spring GraphQL 1.2.6 [#​40288](https://redirect.github.com/spring-projects/spring-boot/issues/40288) - Upgrade to Spring HATEOAS 2.1.5 [#​40374](https://redirect.github.com/spring-projects/spring-boot/issues/40374) - Upgrade to Spring Integration 6.1.8 [#​40202](https://redirect.github.com/spring-projects/spring-boot/issues/40202) - Upgrade to Spring Kafka 3.0.16 [#​40375](https://redirect.github.com/spring-projects/spring-boot/issues/40375) - Upgrade to Spring LDAP 3.1.5 [#​40203](https://redirect.github.com/spring-projects/spring-boot/issues/40203) - Upgrade to Spring Security 6.1.9 [#​40204](https://redirect.github.com/spring-projects/spring-boot/issues/40204) - Upgrade to Tomcat 10.1.20 [#​40289](https://redirect.github.com/spring-projects/spring-boot/issues/40289) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@​FelixDes](https://redirect.github.com/FelixDes), [@​dependabot](https://redirect.github.com/dependabot)\[bot], [@​izeye](https://redirect.github.com/izeye), [@​mstahv](https://redirect.github.com/mstahv), [@​ppkarwasz](https://redirect.github.com/ppkarwasz), and [@​spencergibb](https://redirect.github.com/spencergibb) ### [`v3.1.10`](https://redirect.github.com/spring-projects/spring-boot/releases/tag/v3.1.10) [Compare Source](https://redirect.github.com/spring-projects/spring-boot/compare/v3.1.9...v3.1.10) #### :lady_beetle: Bug Fixes - When graceful shutdown of Tomcat is aborted it may report that it completed successfully [#​39942](https://redirect.github.com/spring-projects/spring-boot/issues/39942) - Resolving a BuildpackReference created from a URL-like String can fail on Windows [#​39792](https://redirect.github.com/spring-projects/spring-boot/issues/39792) - bootStartScripts tasks should be an instance of org.gradle.api.tasks.application.CreateStartScripts rather than its superclass org.gradle.jvm.application.tasks.CreateStartScripts [#​39584](https://redirect.github.com/spring-projects/spring-boot/issues/39584) - SpringProfile arbiter fails without a Spring's environment [#​39403](https://redirect.github.com/spring-projects/spring-boot/pull/39403) #### :notebook_with_decorative_cover: Documentation - Fix typo in Custom HTTP Exchange Recording section [#​39777](https://redirect.github.com/spring-projects/spring-boot/pull/39777) #### :hammer: Dependency Upgrades - Upgrade to Awaitility 4.2.1 [#​39962](https://redirect.github.com/spring-projects/spring-boot/issues/39962) - Upgrade to Glassfish JAXB 4.0.5 [#​39963](https://redirect.github.com/spring-projects/spring-boot/issues/39963) - Upgrade to GraphQL Java 20.8 [#​40020](https://redirect.github.com/spring-projects/spring-boot/issues/40020) - Upgrade to Groovy 4.0.20 [#​39964](https://redirect.github.com/spring-projects/spring-boot/issues/39964) - Upgrade to Hazelcast 5.2.5 [#​39965](https://redirect.github.com/spring-projects/spring-boot/issues/39965) - Upgrade to Infinispan 14.0.27.Final [#​40025](https://redirect.github.com/spring-projects/spring-boot/issues/40025) - Upgrade to Jakarta Activation 2.1.3 [#​39967](https://redirect.github.com/spring-projects/spring-boot/issues/39967) - Upgrade to Jakarta Mail 2.1.3 [#​39968](https://redirect.github.com/spring-projects/spring-boot/issues/39968) - Upgrade to Jakarta XML Bind 4.0.2 [#​39969](https://redirect.github.com/spring-projects/spring-boot/issues/39969) - Upgrade to Jaybird 5.0.4.java11 [#​39970](https://redirect.github.com/spring-projects/spring-boot/issues/39970) - Upgrade to jOOQ 3.18.13 [#​39971](https://redirect.github.com/spring-projects/spring-boot/issues/39971) - Upgrade to Micrometer 1.11.10 [#​39870](https://redirect.github.com/spring-projects/spring-boot/issues/39870) - Upgrade to Micrometer Tracing 1.1.11 [#​39871](https://redirect.github.com/spring-projects/spring-boot/issues/39871) - Upgrade to Neo4j Java Driver 5.18.0 [#​39935](https://redirect.github.com/spring-projects/spring-boot/issues/39935) - Upgrade to Postgresql 42.6.2 [#​39972](https://redirect.github.com/spring-projects/spring-boot/issues/39972) - Upgrade to Reactor Bom 2022.0.17 [#​39906](https://redirect.github.com/spring-projects/spring-boot/issues/39906) - Upgrade to Spring AMQP 3.0.12 [#​39872](https://redirect.github.com/spring-projects/spring-boot/issues/39872) - Upgrade to Spring Authorization Server 1.1.6 [#​39914](https://redirect.github.com/spring-projects/spring-boot/issues/39914) - Upgrade to Spring Data Bom 2023.0.10 [#​39873](https://redirect.github.com/spring-projects/spring-boot/issues/39873) - Upgrade to Spring Framework 6.0.18 [#​39874](https://redirect.github.com/spring-projects/spring-boot/issues/39874) - Upgrade to Spring HATEOAS 2.1.4 [#​39949](https://redirect.github.com/spring-projects/spring-boot/issues/39949) - Upgrade to Spring Integration 6.1.7 [#​39875](https://redirect.github.com/spring-projects/spring-boot/issues/39875) - Upgrade to Spring Kafka 3.0.15 [#​39876](https://redirect.github.com/spring-projects/spring-boot/issues/39876) - Upgrade to Spring Security 6.1.8 [#​39877](https://redirect.github.com/spring-projects/spring-boot/issues/39877) - Upgrade to Spring Session 3.1.5 [#​39878](https://redirect.github.com/spring-projects/spring-boot/issues/39878) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@​PiyalAhmed](https://redirect.github.com/PiyalAhmed), [@​dreis2211](https://redirect.github.com/dreis2211), [@​snicoll](https://redirect.github.com/snicoll), and [@​timgrohmann](https://redirect.github.com/timgrohmann) ### [`v3.1.9`](https://redirect.github.com/spring-projects/spring-boot/releases/tag/v3.1.9) [Compare Source](https://redirect.github.com/spring-projects/spring-boot/compare/v3.1.8...v3.1.9) #### :warning: Noteworthy - This release upgrades to Hibernate 6.2.22.Final. While it contains a number of valuable bug fixes, it does not work correctly in a native image. If you are using GraalVM, Hibernate should be temporarily downgraded to 6.2.20.Final using the `hibernate.version` property. #### :lady_beetle: Bug Fixes - Image building runs for a long time when a long image name is used and the tag contains an illegal character [#​39617](https://redirect.github.com/spring-projects/spring-boot/pull/39617) - Banner printing doesn't respect set charset [#​39601](https://redirect.github.com/spring-projects/spring-boot/pull/39601) - Gradle plugin allows the use of Gradle 7.4 but the documented and tested minimum is 7.5 [#​39508](https://redirect.github.com/spring-projects/spring-boot/pull/39508) - Property placeholders aren't resolved when configuration property binding creates a Map from a property value using a converter [#​39507](https://redirect.github.com/spring-projects/spring-boot/pull/39507) - Several gson properties, including spring.gson.disable-html-escaping, do not behave correctly when set to false [#​39504](https://redirect.github.com/spring-projects/spring-boot/issues/39504) - TestcontainersPropertySource assertion has typo [#​39440](https://redirect.github.com/spring-projects/spring-boot/pull/39440) - Building images fails with Docker 25.0 when custom buildpacks are configured [#​39323](https://redirect.github.com/spring-projects/spring-boot/issues/39323) - Metadata reading during configuration class parsing uses the default resource loader rather than the application's resource loader [#​39321](https://redirect.github.com/spring-projects/spring-boot/pull/39321) - Mockito's MockedStatic isn't closed in all cases [#​39271](https://redirect.github.com/spring-projects/spring-boot/issues/39271) - TracingProperties exposes package-private PropagationType from public methods [#​39265](https://redirect.github.com/spring-projects/spring-boot/pull/39265) - Webflux actuator endpoints respond with 500 when a parameter is missing [#​39236](https://redirect.github.com/spring-projects/spring-boot/issues/39236) #### :notebook_with_decorative_cover: Documentation - Add note regarding mixing of bundle-based and direct SSL configuration [#​39616](https://redirect.github.com/spring-projects/spring-boot/pull/39616) - Document default value for show-value configuration properties [#​39589](https://redirect.github.com/spring-projects/spring-boot/pull/39589) - Update the Debugging Documentation of the Spring Boot Maven Plugin [#​39392](https://redirect.github.com/spring-projects/spring-boot/pull/39392) - Endpoint documentation contains the typo 'Unuthorized' [#​39279](https://redirect.github.com/spring-projects/spring-boot/pull/39279) - Update Revved up by Develocity badge [#​39242](https://redirect.github.com/spring-projects/spring-boot/pull/39242) #### :hammer: Dependency Upgrades - Upgrade to Byte Buddy 1.14.12 [#​39659](https://redirect.github.com/spring-projects/spring-boot/issues/39659) - Upgrade to Dropwizard Metrics 4.2.25 [#​39553](https://redirect.github.com/spring-projects/spring-boot/issues/39553) - Upgrade to Groovy 4.0.18 [#​39554](https://redirect.github.com/spring-projects/spring-boot/issues/39554) - Upgrade to Hibernate 6.2.22.Final [#​39555](https://redirect.github.com/spring-projects/spring-boot/issues/39555) - Upgrade to Infinispan 14.0.24.Final [#​39556](https://redirect.github.com/spring-projects/spring-boot/issues/39556) - Upgrade to Jackson Bom 2.15.4 [#​39660](https://redirect.github.com/spring-projects/spring-boot/issues/39660) - Upgrade to Janino 3.1.12 [#​39557](https://redirect.github.com/spring-projects/spring-boot/issues/39557) - Upgrade to Jetty 11.0.20 [#​39559](https://redirect.github.com/spring-projects/spring-boot/issues/39559) - Upgrade to Jetty Reactive HTTPClient 3.0.12 [#​39558](https://redirect.github.com/spring-projects/spring-boot/issues/39558) - Upgrade to jOOQ 3.18.11 [#​39661](https://redirect.github.com/spring-projects/spring-boot/issues/39661) - Upgrade to JsonPath 2.9.0 [#​39328](https://redirect.github.com/spring-projects/spring-boot/issues/39328) - Upgrade to Micrometer 1.11.9 [#​39454](https://redirect.github.com/spring-projects/spring-boot/issues/39454) - Upgrade to Micrometer Tracing 1.1.10 [#​39455](https://redirect.github.com/spring-projects/spring-boot/issues/39455) - Upgrade to Neo4j Java Driver 5.17.0 [#​39551](https://redirect.github.com/spring-projects/spring-boot/issues/39551) - Upgrade to Netty 4.1.107.Final [#​39561](https://redirect.github.com/spring-projects/spring-boot/issues/39561) - Upgrade to Postgresql 42.6.1 [#​39662](https://redirect.github.com/spring-projects/spring-boot/issues/39662) - Upgrade to Reactor Bom 2022.0.16 [#​39456](https://redirect.github.com/spring-projects/spring-boot/issues/39456) - Upgrade to SLF4J 2.0.12 [#​39562](https://redirect.github.com/spring-projects/spring-boot/issues/39562) - Upgrade to Spring AMQP 3.0.11 [#​39457](https://redirect.github.com/spring-projects/spring-boot/issues/39457) - Upgrade to Spring Authorization Server 1.1.5 [#​39458](https://redirect.github.com/spring-projects/spring-boot/issues/39458) - Upgrade to Spring Batch 5.0.5 [#​39459](https://redirect.github.com/spring-projects/spring-boot/issues/39459) - Upgrade to Spring Data Bom 2023.0.9 [#​39460](https://redirect.github.com/spring-projects/spring-boot/issues/39460) - Upgrade to Spring Framework 6.0.17 [#​39461](https://redirect.github.com/spring-projects/spring-boot/issues/39461) - Upgrade to Spring GraphQL 1.2.5 [#​39462](https://redirect.github.com/spring-projects/spring-boot/issues/39462) - Upgrade to Spring Integration 6.1.6 [#​39463](https://redirect.github.com/spring-projects/spring-boot/issues/39463) - Upgrade to Spring Kafka 3.0.14 [#​39464](https://redirect.github.com/spring-projects/spring-boot/issues/39464) - Upgrade to Spring LDAP 3.1.4 [#​39465](https://redirect.github.com/spring-projects/spring-boot/issues/39465) - Upgrade to Spring Security 6.1.7 [#​39466](https://redirect.github.com/spring-projects/spring-boot/issues/39466) - Upgrade to Tomcat 10.1.19 [#​39663](https://redirect.github.com/spring-projects/spring-boot/issues/39663) - Upgrade to Undertow 2.3.12.Final [#​39664](https://redirect.github.com/spring-projects/spring-boot/issues/39664) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@​amritagg](https://redirect.github.com/amritagg), [@​dependabot](https://redirect.github.com/dependabot)\[bot], [@​erichaagdev](https://redirect.github.com/erichaagdev), [@​gdmrw](https://redirect.github.com/gdmrw), [@​lukasdo](https://redirect.github.com/lukasdo), [@​smurf667](https://redirect.github.com/smurf667), [@​snicoll](https://redirect.github.com/snicoll), [@​totti-dev](https://redirect.github.com/totti-dev), [@​vj-atlassian](https://redirect.github.com/vj-atlassian), [@​vjh0107](https://redirect.github.com/vjh0107), and [@​wanger26](https://redirect.github.com/wanger26) ### [`v3.1.8`](https://redirect.github.com/spring-projects/spring-boot/releases/tag/v3.1.8) [Compare Source](https://redirect.github.com/spring-projects/spring-boot/compare/v3.1.7...v3.1.8) #### :lady_beetle: Bug Fixes - SslBundle implementations do not provide useful toString() results [#​39137](https://redirect.github.com/spring-projects/spring-boot/pull/39137) - Mixing PEM and JKS certificate material in server.ssl properties does not work [#​39105](https://redirect.github.com/spring-projects/spring-boot/issues/39105) - spring.rabbitmq.listener.stream.auto-startup property has no effect [#​39072](https://redirect.github.com/spring-projects/spring-boot/pull/39072) - Error mark in the log message for PatternParseException is in the wrong place [#​38944](https://redirect.github.com/spring-projects/spring-boot/pull/38944) - AutoConfigurationSorter does not always respect `@AutoConfigureOrder`(Ordered.LOWEST_PRECEDENCE) [#​38904](https://redirect.github.com/spring-projects/spring-boot/issues/38904) - Throwable from logging system initialization may result in the application silently failing to start [#​38885](https://redirect.github.com/spring-projects/spring-boot/issues/38885) - Actuator endpoints with no operations that use selectors are not accessible when mapped to / [#​35426](https://redirect.github.com/spring-projects/spring-boot/issues/35426) #### :notebook_with_decorative_cover: Documentation - Remove entry for OCI starter as it is no longer maintained [#​39164](https://redirect.github.com/spring-projects/spring-boot/issues/39164) - Fix link to Log4j2's JDK logging adapter documentation [#​39163](https://redirect.github.com/spring-projects/spring-boot/pull/39163) - Update links to Micrometer docs in metrics section of reference docs [#​39114](https://redirect.github.com/spring-projects/spring-boot/pull/39114) - Correct the documentation on injecting dependencies into FailureAnalyzer implementations [#​39099](https://redirect.github.com/spring-projects/spring-boot/issues/39099) - Improve "Sanitize Sensitive Values" section in reference documentation [#​39094](https://redirect.github.com/spring-projects/spring-boot/issues/39094) #### :hammer: Dependency Upgrades - Upgrade to Byte Buddy 1.14.11 [#​39174](https://redirect.github.com/spring-projects/spring-boot/issues/39174) - Upgrade to Groovy 4.0.17 [#​39175](https://redirect.github.com/spring-projects/spring-boot/issues/39175) - Upgrade to Hibernate 6.2.20.Final [#​39176](https://redirect.github.com/spring-projects/spring-boot/issues/39176) - Upgrade to jOOQ 3.18.9 [#​39177](https://redirect.github.com/spring-projects/spring-boot/issues/39177) - Upgrade to Micrometer 1.11.8 [#​38974](https://redirect.github.com/spring-projects/spring-boot/issues/38974) - Upgrade to Micrometer Tracing 1.1.9 [#​38975](https://redirect.github.com/spring-projects/spring-boot/issues/38975) - Upgrade to Neo4j Java Driver 5.15.0 [#​39135](https://redirect.github.com/spring-projects/spring-boot/issues/39135) - Upgrade to Netty 4.1.105.Final [#​39178](https://redirect.github.com/spring-projects/spring-boot/issues/39178) - Upgrade to R2DBC MySQL 1.0.6 [#​39179](https://redirect.github.com/spring-projects/spring-boot/issues/39179) - Upgrade to R2DBC Postgresql 1.0.4.RELEASE [#​39180](https://redirect.github.com/spring-projects/spring-boot/issues/39180) - Upgrade to R2DBC Proxy 1.1.4.RELEASE [#​39181](https://redirect.github.com/spring-projects/spring-boot/issues/39181) - Upgrade to Reactor Bom 2022.0.15 [#​38976](https://redirect.github.com/spring-projects/spring-boot/issues/38976) - Upgrade to SLF4J 2.0.11 [#​39182](https://redirect.github.com/spring-projects/spring-boot/issues/39182) - Upgrade to Spring Data Bom 2023.0.8 [#​38977](https://redirect.github.com/spring-projects/spring-boot/issues/38977) - Upgrade to Spring Framework 6.0.16 [#​39069](https://redirect.github.com/spring-projects/spring-boot/issues/39069) - Upgrade to Spring WS 4.0.10 [#​39129](https://redirect.github.com/spring-projects/spring-boot/issues/39129) - Upgrade to Tomcat 10.1.18 [#​39183](https://redirect.github.com/spring-projects/spring-boot/issues/39183) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@​BenchmarkingBuffalo](https://redirect.github.com/BenchmarkingBuffalo), [@​FBibonne](https://redirect.github.com/FBibonne), [@​Wzy19930507](https://redirect.github.com/Wzy19930507), [@​amparab](https://redirect.github.com/amparab), [@​dependabot](https://redirect.github.com/dependabot)\[bot], [@​dreis2211](https://redirect.github.com/dreis2211), and [@​tobias-lippert](https://redirect.github.com/tobias-lippert) ### [`v3.1.7`](https://redirect.github.com/spring-projects/spring-boot/releases/tag/v3.1.7) [Compare Source](https://redirect.github.com/spring-projects/spring-boot/compare/v3.1.6...v3.1.7) #### :lady_beetle: Bug Fixes - HibernateJpaAutoConfiguration should be applied before DataSourceTransactionManagerAutoConfiguration [#​38861](https://redirect.github.com/spring-projects/spring-boot/issues/38861) - Zip file closed exceptions can be thrown due to StaticResourceJars closing jars from cached connections [#​38766](https://redirect.github.com/spring-projects/spring-boot/issues/38766) - Gradle task "bootJar" fails with "Failed to get permissions" when using Gradle 8.6-milestone-1 [#​38718](https://redirect.github.com/spring-projects/spring-boot/issues/38718) - Child context created with SpringApplicationBuilder runs parents runners [#​38647](https://redirect.github.com/spring-projects/spring-boot/issues/38647) - System SSL certificates are not used by the Apache HTTP Client in a RestTemplate built with RestTemplateBuilder [#​38591](https://redirect.github.com/spring-projects/spring-boot/pull/38591) - It is unclear that Docker Compose services have not been started as one or more is already running [#​38398](https://redirect.github.com/spring-projects/spring-boot/issues/38398) #### :notebook_with_decorative_cover: Documentation - Fix typo [#​38823](https://redirect.github.com/spring-projects/spring-boot/pull/38823) - Document prerequisites for Docker Compose support [#​38760](https://redirect.github.com/spring-projects/spring-boot/issues/38760) - Update Dynatrace documentation links [#​38706](https://redirect.github.com/spring-projects/spring-boot/pull/38706) - Fix Observation Filter docs [#​38570](https://redirect.github.com/spring-projects/spring-boot/pull/38570) #### :hammer: Dependency Upgrades - Upgrade to AspectJ 1.9.21 [#​38779](https://redirect.github.com/spring-projects/spring-boot/issues/38779) - Upgrade to Dropwizard Metrics 4.2.23 [#​38780](https://redirect.github.com/spring-projects/spring-boot/issues/38780) - Upgrade to Groovy 4.0.16 [#​38781](https://redirect.github.com/spring-projects/spring-boot/issues/38781) - Upgrade to Hibernate 6.2.17.Final [#​38887](https://redirect.github.com/spring-projects/spring-boot/issues/38887) - Upgrade to HttpClient5 5.2.3 [#​38783](https://redirect.github.com/spring-projects/spring-boot/issues/38783) - Upgrade to HttpCore5 5.2.4 [#​38784](https://redirect.github.com/spring-projects/spring-boot/issues/38784) - Upgrade to Janino 3.1.11 [#​38785](https://redirect.github.com/spring-projects/spring-boot/issues/38785) - Upgrade to Jaybird 5.0.3.java11 [#​38786](https://redirect.github.com/spring-projects/spring-boot/issues/38786) - Upgrade to Jersey 3.1.5 [#​38787](https://redirect.github.com/spring-projects/spring-boot/issues/38787) - Upgrade to Jetty 11.0.19 [#​38889](https://redirect.github.com/spring-projects/spring-boot/issues/38889) - Upgrade to Jetty Reactive HTTPClient 3.0.11 [#​38888](https://redirect.github.com/spring-projects/spring-boot/issues/38888) - Upgrade to jOOQ 3.18.8 [#​38890](https://redirect.github.com/spring-projects/spring-boot/issues/38890) - Upgrade to Logback 1.4.14 [#​38788](https://redirect.github.com/spring-projects/spring-boot/issues/38788) - Upgrade to Micrometer 1.11.7 [#​38675](https://redirect.github.com/spring-projects/spring-boot/issues/38675) - Upgrade to Micrometer Tracing 1.1.8 [#​38676](https://redirect.github.com/spring-projects/spring-boot/issues/38676) - Upgrade to Netty 4.1.104.Final [#​38891](https://redirect.github.com/spring-projects/spring-boot/issues/38891) - Upgrade to R2DBC Postgresql 1.0.3.RELEASE [#​38790](https://redirect.github.com/spring-projects/spring-boot/issues/38790) - Upgrade to R2DBC Proxy 1.1.3.RELEASE [#​38791](https://redirect.github.com/spring-projects/spring-boot/issues/38791) - Upgrade to Reactor Bom 2022.0.14 [#​38677](https://redirect.github.com/spring-projects/spring-boot/issues/38677) - Upgrade to Spring Authorization Server 1.1.4 [#​38678](https://redirect.github.com/spring-projects/spring-boot/issues/38678) - Upgrade to Spring Data Bom 2023.0.7 [#​38679](https://redirect.github.com/spring-projects/spring-boot/issues/38679) - Upgrade to Spring Framework 6.0.15 [#​38680](https://redirect.github.com/spring-projects/spring-boot/issues/38680) - Upgrade to Spring LDAP 3.1.3 [#​38681](https://redirect.github.com/spring-projects/spring-boot/issues/38681) - Upgrade to Spring Retry 2.0.5 [#​38834](https://redirect.github.com/spring-projects/spring-boot/issues/38834) - Upgrade to Spring Security 6.1.6 [#​38682](https://redirect.github.com/spring-projects/spring-boot/issues/38682) - Upgrade to Spring Session 3.1.4 [#​38683](https://redirect.github.com/spring-projects/spring-boot/issues/38683) - Upgrade to Spring WS 4.0.9 [#​38892](https://redirect.github.com/spring-projects/spring-boot/issues/38892) - Upgrade to Tomcat 10.1.17 [#​38792](https://redirect.github.com/spring-projects/spring-boot/issues/38792) - Upgrade to UnboundID LDAPSDK 6.0.11 [#​38793](https://redirect.github.com/spring-projects/spring-boot/issues/38793) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@​aleksandrserbin](https://redirect.github.com/aleksandrserbin), [@​cachescrubber](https://redirect.github.com/cachescrubber), [@​dependabot](https://redirect.github.com/dependabot)\[bot], [@​meiyese](https://redirect.github.com/meiyese), [@​pirgeo](https://redirect.github.com/pirgeo), [@​quaff](https://redirect.github.com/quaff), [@​shin-mallang](https://redirect.github.com/shin-mallang), and [@​tomfrenken](https://redirect.github.com/tomfrenken) ### [`v3.1.6`](https://redirect.github.com/spring-projects/spring-boot/releases/tag/v3.1.6) [Compare Source](https://redirect.github.com/spring-projects/spring-boot/compare/v3.1.5...v3.1.6) #### :star: New Features - Upgrade default CNB builders to Paketo Jammy [#​38485](https://redirect.github.com/spring-projects/spring-boot/issues/38485) #### :lady_beetle: Bug Fixes - Annotation based ConditionalOnBean checks can cause early initialization of FactoryBeans [#​38473](https://redirect.github.com/spring-projects/spring-boot/issues/38473) - App fails to start with a NoSuchMethodError when using Flyway 10.0.0 [#​38267](https://redirect.github.com/spring-projects/spring-boot/issues/38267) - Resolution of productionRuntimeClasspath configuration may select the wrong variant and contain a dependency's source jar [#​38209](https://redirect.github.com/spring-projects/spring-boot/issues/38209) - App that depends on Tomcat and on Jetty's websocket-server module fails to start with IllegalStateException: WebSocketComponents has not been created [#​38181](https://redirect.github.com/spring-projects/spring-boot/issues/38181) - spring.webflux.multipart.max-disk-usage-per-part behaves incorrectly for values where the number of bytes overflows an int [#​38151](https://redirect.github.com/spring-projects/spring-boot/issues/38151) - Mail health indicator fails when host is not set in properties [#​38043](https://redirect.github.com/spring-projects/spring-boot/issues/38043) - Docker Compose integration does not work with 2.23.0 due to 'Cannot invoke "org.springframework.boot.docker.compose.core.DockerCliInspectResponse.hostConfig()" because "inspectResponse" is null' [#​37982](https://redirect.github.com/spring-projects/spring-boot/issues/37982) - Docker JSON parsing fails on certain locales [#​37648](https://redirect.github.com/spring-projects/spring-boot/issues/37648) -