search

amaybaum-prod / jib

🏗 Build container images for your Java applications.
Apache License 2.0
0 stars 1 forks source link

chore(deps): update dependency org.springframework.boot:spring-boot-gradle-plugin to v2.3.0.release - autoclosed #5

Closed mend-for-github-com[bot] closed 11 months ago

mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
org.springframework.boot:spring-boot-gradle-plugin (source) dependencies minor 2.2.11.RELEASE -> 2.3.0.RELEASE

By merging this PR, the issue #6 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
Medium Medium 4.3 CVE-2021-22060

Release Notes

spring-projects/spring-boot (org.springframework.boot:spring-boot-gradle-plugin) ### [`v2.3.0.RELEASE`](https://togithub.com/spring-projects/spring-boot/releases/tag/v2.3.0.RELEASE) For full [upgrade instructions](https://togithub.com/spring-projects/spring-boot/wiki/Spring-Boot-2.3-Release-Notes#upgrading-from-spring-boot-22) and [new and noteworthy features](https://togithub.com/spring-projects/spring-boot/wiki/Spring-Boot-2.3-Release-Notes#new-and-noteworthy) please see the [release notes](https://togithub.com/spring-projects/spring-boot/wiki/Spring-Boot-2.3-Release-Notes). #### :star: New Features - Update properties migrator to run on deprecated properties with warn level as well [#​21425](https://togithub.com/spring-projects/spring-boot/issues/21425) - Provide more extensible constructors on UndertowServletWebServer and UndertowWebServer [#​21391](https://togithub.com/spring-projects/spring-boot/issues/21391) - Add redis sentinel password property [#​21353](https://togithub.com/spring-projects/spring-boot/issues/21353) - Auto-configure a LifecycleProcessor with a configurable timeout per shutdown phase [#​21347](https://togithub.com/spring-projects/spring-boot/issues/21347) - Integrate web server graceful shutdown into the application context's lifecycle processing [#​21325](https://togithub.com/spring-projects/spring-boot/issues/21325) - Improve backwards compatibility of ErrorAttributes and DefaultErrorAttributes [#​21324](https://togithub.com/spring-projects/spring-boot/issues/21324) - Align logback's behavior with log4j2 when getting a logger that doesn't exist [#​21292](https://togithub.com/spring-projects/spring-boot/issues/21292) - Use CNB creator all-in-one lifecycle [#​21273](https://togithub.com/spring-projects/spring-boot/issues/21273) - Optimize StringSequence.startsWith [#​21259](https://togithub.com/spring-projects/spring-boot/pull/21259) - Deregister JDBC drivers during undeploy of a war deployment [#​21221](https://togithub.com/spring-projects/spring-boot/issues/21221) - Add Period converter support [#​21136](https://togithub.com/spring-projects/spring-boot/pull/21136) - Improve binding performance when using a large number of property sources [#​20625](https://togithub.com/spring-projects/spring-boot/issues/20625) - Add `@WebServiceClientTest` annotation that can be used when testing SOAP clients [#​17274](https://togithub.com/spring-projects/spring-boot/pull/17274) #### :beetle: Bug Fixes - CLI distribution is missing read rights [#​21451](https://togithub.com/spring-projects/spring-boot/issues/21451) - Custom converters cannot be used when creating endpoint-related beans due to eager initialization triggered by ServletEndpointRegistrar [#​21444](https://togithub.com/spring-projects/spring-boot/issues/21444) - Different actuator management server port changes response on errors [#​21428](https://togithub.com/spring-projects/spring-boot/issues/21428) - Performance regression between RC1 and latest snapshots with large amount of configuration properties [#​21416](https://togithub.com/spring-projects/spring-boot/issues/21416) - Dependency exclusions declared in spring-boot-dependencies have no effect when using Gradle 6 [#​21350](https://togithub.com/spring-projects/spring-boot/issues/21350) - Unclear default for 'server.tomcat.use-relative-redirects' [#​21343](https://togithub.com/spring-projects/spring-boot/issues/21343) - CreateBootStartScripts causes a warning to be logged with Gradle 6.4 [#​21341](https://togithub.com/spring-projects/spring-boot/issues/21341) - When a request is active, Undertow prevents the JVM from exiting [#​21327](https://togithub.com/spring-projects/spring-boot/issues/21327) - When using log4j2 log4j2-test.\* files are not detected [#​21323](https://togithub.com/spring-projects/spring-boot/issues/21323) - Classpath wildcards cannot be used with Java 11 or above [#​21321](https://togithub.com/spring-projects/spring-boot/issues/21321) - Implementation attributes are missing from Maven shade transformer configuration in spring-boot-starter-parent [#​21304](https://togithub.com/spring-projects/spring-boot/issues/21304) - The `@ActiveProfiles` annotation no longer overrides those defined in property files [#​21302](https://togithub.com/spring-projects/spring-boot/issues/21302) - Layertools list and extract commands ignore empty layers [#​21301](https://togithub.com/spring-projects/spring-boot/issues/21301) - Binder `@DefaultValue` does not work with PropertyEditor converters [#​21294](https://togithub.com/spring-projects/spring-boot/issues/21294) - developmentOnly configuration excludes jar files from fat jar [#​21288](https://togithub.com/spring-projects/spring-boot/issues/21288) - Connection fails when DOCKER_HOST set to local socket [#​21173](https://togithub.com/spring-projects/spring-boot/issues/21173) - Environment variable that does not follow guidelines for use of \_ is still successfully bound if another property source contains a property that is bound to the same target [#​14479](https://togithub.com/spring-projects/spring-boot/issues/14479) #### :notebook_with_decorative_cover: Documentation - Fix capitalization of Testcontainers in Howto docs [#​21417](https://togithub.com/spring-projects/spring-boot/pull/21417) - Document use case of splitting auto-configuration and starter [#​21367](https://togithub.com/spring-projects/spring-boot/issues/21367) - Align TestRestTemplate Javadoc with documentation [#​21364](https://togithub.com/spring-projects/spring-boot/issues/21364) - Fix typo for includeLayerTools [#​21310](https://togithub.com/spring-projects/spring-boot/pull/21310) - Fix duplicate slashes in URL links [#​21108](https://togithub.com/spring-projects/spring-boot/pull/21108) - Update link to new Spring Security docs location [#​21040](https://togithub.com/spring-projects/spring-boot/pull/21040) - Remove version number from author section of the documentation [#​20934](https://togithub.com/spring-projects/spring-boot/issues/20934) - Add more context to the Kubernetes container lifecycle documentation [#​20932](https://togithub.com/spring-projects/spring-boot/issues/20932) - Document that graceful shutdown with Tomcat requires Tomcat 9.0.33 or later [#​20886](https://togithub.com/spring-projects/spring-boot/issues/20886) - Add a testcontainers section in the reference docs [#​20734](https://togithub.com/spring-projects/spring-boot/issues/20734) - Remove packages from the javadoc that are not user-facing [#​20517](https://togithub.com/spring-projects/spring-boot/issues/20517) #### :hammer: Dependency Upgrades - Upgrade to RSocket 1.0.0 [#​21422](https://togithub.com/spring-projects/spring-boot/issues/21422) - Upgrade to Xmlunit2 2.7.0 [#​21419](https://togithub.com/spring-projects/spring-boot/issues/21419) - Upgrade to Tomcat 9.0.35 [#​21415](https://togithub.com/spring-projects/spring-boot/issues/21415) - Upgrade to SQLite JDBC 3.31.1 [#​21414](https://togithub.com/spring-projects/spring-boot/issues/21414) - Upgrade to Selenium HtmlUnit 2.40.0 [#​21413](https://togithub.com/spring-projects/spring-boot/issues/21413) - Upgrade to Prometheus PushGateway 0.9.0 [#​21412](https://togithub.com/spring-projects/spring-boot/issues/21412) - Upgrade to MongoDB 4.0.3 [#​21411](https://togithub.com/spring-projects/spring-boot/issues/21411) - Upgrade to Micrometer 1.5.1 [#​21410](https://togithub.com/spring-projects/spring-boot/issues/21410) - Upgrade to Maven Assembly Plugin 3.3.0 [#​21409](https://togithub.com/spring-projects/spring-boot/issues/21409) - Upgrade to Kotlin Coroutines 1.3.6 [#​21408](https://togithub.com/spring-projects/spring-boot/issues/21408) - Upgrade to jOOQ 3.13.2 [#​21407](https://togithub.com/spring-projects/spring-boot/issues/21407) - Upgrade to Johnzon 1.2.5 [#​21406](https://togithub.com/spring-projects/spring-boot/issues/21406) - Upgrade to Jedis 3.3.0 [#​21405](https://togithub.com/spring-projects/spring-boot/issues/21405) - Upgrade to Infinispan 10.1.8.Final [#​21404](https://togithub.com/spring-projects/spring-boot/issues/21404) - Upgrade to HtmlUnit 2.40.0 [#​21403](https://togithub.com/spring-projects/spring-boot/issues/21403) - Upgrade to HikariCP 3.4.5 [#​21402](https://togithub.com/spring-projects/spring-boot/issues/21402) - Upgrade to Hibernate Validator 6.1.5.Final [#​21401](https://togithub.com/spring-projects/spring-boot/issues/21401) - Upgrade to Hibernate 5.4.15.Final [#​21400](https://togithub.com/spring-projects/spring-boot/issues/21400) - Upgrade to Dropwizard Metrics 4.1.7 [#​21399](https://togithub.com/spring-projects/spring-boot/issues/21399) - Upgrade to Couchbase Client 3.0.4 [#​21398](https://togithub.com/spring-projects/spring-boot/issues/21398) - Upgrade to Cassandra Driver 4.6.1 [#​21397](https://togithub.com/spring-projects/spring-boot/issues/21397) - Upgrade to AssertJ 3.16.1 [#​21396](https://togithub.com/spring-projects/spring-boot/issues/21396) - Upgrade to Spring Kafka 2.5.0.RELEASE [#​21387](https://togithub.com/spring-projects/spring-boot/issues/21387) - Upgrade to Spring Session Dragonfruit-RELEASE [#​21386](https://togithub.com/spring-projects/spring-boot/issues/21386) - Upgrade to Spring Integration 5.3.0.RELEASE [#​21385](https://togithub.com/spring-projects/spring-boot/issues/21385) - Upgrade to Spring HATEOAS 1.1.0.RELEASE [#​21384](https://togithub.com/spring-projects/spring-boot/issues/21384) - Upgrade to Spring Data Neumann-RELEASE [#​21383](https://togithub.com/spring-projects/spring-boot/issues/21383) - Upgrade to Testcontainers 1.14.1 [#​21378](https://togithub.com/spring-projects/spring-boot/pull/21378) - Upgrade to Spring Ldap 2.3.3.RELEASE [#​21352](https://togithub.com/spring-projects/spring-boot/issues/21352) - Upgrade to Spring Security 5.3.2.RELEASE [#​21349](https://togithub.com/spring-projects/spring-boot/issues/21349) #### :heart: Contributors We'd like to thank all the contributors who worked on this release! - [@​izeye](https://togithub.com/izeye) - [@​dreis2211](https://togithub.com/dreis2211) - [@​kylehoehns](https://togithub.com/kylehoehns) - [@​rnorth](https://togithub.com/rnorth) - [@​jkatada](https://togithub.com/jkatada) - [@​nosan](https://togithub.com/nosan) - [@​Grubhart](https://togithub.com/Grubhart) ### [`v2.2.13.RELEASE`](https://togithub.com/spring-projects/spring-boot/releases/tag/v2.2.13.RELEASE) #### :beetle: Bug Fixes - Default servlet location is not registered using a ServletContextResource [#​24745](https://togithub.com/spring-projects/spring-boot/issues/24745) #### :notebook_with_decorative_cover: Documentation - Migrate away from pivotal-legacy/homebrew-tap [#​24659](https://togithub.com/spring-projects/spring-boot/issues/24659) #### :hammer: Dependency Upgrades - Upgrade to Appengine Sdk 1.9.84 [#​24770](https://togithub.com/spring-projects/spring-boot/issues/24770) - Upgrade to Byte Buddy 1.10.19 [#​24776](https://togithub.com/spring-projects/spring-boot/issues/24776) - Upgrade to Dependency Management Plugin 1.0.11 [#​24742](https://togithub.com/spring-projects/spring-boot/issues/24742) - Upgrade to Dropwizard Metrics 4.1.17 [#​24772](https://togithub.com/spring-projects/spring-boot/issues/24772) - Upgrade to Hazelcast 3.12.11 [#​24771](https://togithub.com/spring-projects/spring-boot/issues/24771) - Upgrade to Hibernate 5.4.27.Final [#​24778](https://togithub.com/spring-projects/spring-boot/issues/24778) - Upgrade to Hibernate Validator 6.0.22.Final [#​24779](https://togithub.com/spring-projects/spring-boot/issues/24779) - Upgrade to Joda Time 2.10.9 [#​24775](https://togithub.com/spring-projects/spring-boot/issues/24775) - Upgrade to Johnzon Jsonb 1.2.9 [#​24777](https://togithub.com/spring-projects/spring-boot/issues/24777) - Upgrade to Neo4j Ogm 3.2.19 [#​24780](https://togithub.com/spring-projects/spring-boot/issues/24780) - Upgrade to Netty 4.1.56.Final [#​24773](https://togithub.com/spring-projects/spring-boot/issues/24773) - Upgrade to Netty 4.1.58.Final [#​24818](https://togithub.com/spring-projects/spring-boot/issues/24818) - Upgrade to Netty Tcnative 2.0.36.Final [#​24774](https://togithub.com/spring-projects/spring-boot/issues/24774) - Upgrade to Reactor Dysprosium-SR16 [#​24766](https://togithub.com/spring-projects/spring-boot/issues/24766) - Upgrade to Spring Amqp 2.2.14.RELEASE [#​24819](https://togithub.com/spring-projects/spring-boot/issues/24819) - Upgrade to Spring Integration 5.2.11.RELEASE [#​24820](https://togithub.com/spring-projects/spring-boot/issues/24820) - Upgrade to Thymeleaf 3.0.12.RELEASE [#​24781](https://togithub.com/spring-projects/spring-boot/issues/24781) #### :heart: Contributors We'd like to thank all the contributors who worked on this release! - [@​runningcode](https://togithub.com/runningcode) ### [`v2.2.12.RELEASE`](https://togithub.com/spring-projects/spring-boot/releases/tag/v2.2.12.RELEASE) #### :beetle: Bug Fixes - Redis health indicator requests more information than it needs resulting in unnecessarily large responses from Redis [#​24208](https://togithub.com/spring-projects/spring-boot/pull/24208) - elasticsearch-rest-client-sniffer is missing from the dependency management for Elasticsearch's REST client modules [#​24173](https://togithub.com/spring-projects/spring-boot/pull/24173) - WebFluxTags performs unnecessary Pattern compilation when ignoring trailing slashes [#​24147](https://togithub.com/spring-projects/spring-boot/pull/24147) - Actuator web endpoints cannot respond with custom HTTP status codes when running on MVC or WebFlux [#​24123](https://togithub.com/spring-projects/spring-boot/issues/24123) - Missing Spring Integration metrics due to the MeterRegistry bean being looked for before it has been defined [#​24095](https://togithub.com/spring-projects/spring-boot/pull/24095) - Configuration property binding processes JavaBean methods in a non-deterministic order which may result in variable behavior [#​24068](https://togithub.com/spring-projects/spring-boot/issues/24068) - When using Tomcat, key and trust store passwords set via javax.net.ssl system properties are overwritten with null when Spring Boot's equivalent properties have not been set [#​24041](https://togithub.com/spring-projects/spring-boot/issues/24041) - Configuration metadata annotation processor may use the wrong accessor for boolean properties [#​24002](https://togithub.com/spring-projects/spring-boot/issues/24002) - TestTypeExcludeFilter does not implement hashCode and equals as required by its super-class [#​23978](https://togithub.com/spring-projects/spring-boot/issues/23978) - Configuration property annotation processor does not notice overriding getter methods [#​23966](https://togithub.com/spring-projects/spring-boot/issues/23966) - Our auto-configuration should not use `@PostConstruct` as it's ignored on Java 11+ without a dependency on jakarta-annotation-api [#​23723](https://togithub.com/spring-projects/spring-boot/issues/23723) - JdbcStoreTypeConfiguration picks transaction of primary data source when Quartz data source is not the primary data source [#​20184](https://togithub.com/spring-projects/spring-boot/issues/20184) - `@DataJpaTest` using H2 with schema.sql and spring.datasource.schema-username fails [#​19321](https://togithub.com/spring-projects/spring-boot/issues/19321) #### :notebook_with_decorative_cover: Documentation - Document how to use Devtools without an IDE [#​24271](https://togithub.com/spring-projects/spring-boot/pull/24271) - Add link to appendix from error handling documentation [#​24265](https://togithub.com/spring-projects/spring-boot/issues/24265) - Fix link to Flyway callback docs [#​24119](https://togithub.com/spring-projects/spring-boot/pull/24119) - Provide more details about overriding SpringPhysicalNamingStrategy's case insensitive flag [#​24045](https://togithub.com/spring-projects/spring-boot/issues/24045) - Clarify the javadoc of AutoConfigureTestDatabase to make it clearer that it only replaces the main DataSource [#​23808](https://togithub.com/spring-projects/spring-boot/issues/23808) - Security properties appendix contains spring.session and spring.ldap properties that belong elsewhere [#​23558](https://togithub.com/spring-projects/spring-boot/issues/23558) - Improve Spring Session back off documentation [#​23151](https://togithub.com/spring-projects/spring-boot/issues/23151) - Clarify documentation regarding relaxed binding of environment variables [#​22974](https://togithub.com/spring-projects/spring-boot/issues/22974) - Recommend that bean definitions provide as much type information as possible [#​22925](https://togithub.com/spring-projects/spring-boot/issues/22925) - Recommend disabling context path redirects when using proxy-terminated SSL with Tomcat [#​22908](https://togithub.com/spring-projects/spring-boot/issues/22908) - Enhance spring.datasource.initialization-mode property description [#​21121](https://togithub.com/spring-projects/spring-boot/issues/21121) #### :hammer: Dependency Upgrades - Upgrade to Activemq 5.15.14 [#​24434](https://togithub.com/spring-projects/spring-boot/issues/24434) - Upgrade to Appengine Sdk 1.9.83 [#​24354](https://togithub.com/spring-projects/spring-boot/issues/24354) - Upgrade to Byte Buddy 1.10.18 [#​24358](https://togithub.com/spring-projects/spring-boot/issues/24358) - Upgrade to Caffeine 2.8.8 [#​24430](https://togithub.com/spring-projects/spring-boot/issues/24430) - Upgrade to Couchbase Client 2.7.18 [#​24351](https://togithub.com/spring-projects/spring-boot/issues/24351) - Upgrade to Db2 Jdbc 11.5.5.0 [#​24355](https://togithub.com/spring-projects/spring-boot/issues/24355) - Upgrade to Dropwizard Metrics 4.1.16 [#​24356](https://togithub.com/spring-projects/spring-boot/issues/24356) - Upgrade to Groovy 2.5.14 [#​24361](https://togithub.com/spring-projects/spring-boot/issues/24361) - Upgrade to Hibernate 5.4.25.Final [#​24363](https://togithub.com/spring-projects/spring-boot/issues/24363) - Upgrade to Httpcore 4.4.14 [#​24359](https://togithub.com/spring-projects/spring-boot/issues/24359) - Upgrade to Infinispan 9.4.21.Final [#​24364](https://togithub.com/spring-projects/spring-boot/issues/24364) - Upgrade to Jackson 2.10.5.20201202 [#​24352](https://togithub.com/spring-projects/spring-boot/issues/24352) - Upgrade to Jetty 9.4.35.v20201120 [#​24362](https://togithub.com/spring-projects/spring-boot/issues/24362) - Upgrade to Micrometer 1.3.16 [#​24279](https://togithub.com/spring-projects/spring-boot/issues/24279) - Upgrade to Neo4j Ogm 3.2.18 [#​24365](https://togithub.com/spring-projects/spring-boot/issues/24365) - Upgrade to Netty 4.1.55.Final [#​24431](https://togithub.com/spring-projects/spring-boot/issues/24431) - Upgrade to Netty Tcnative 2.0.35.Final [#​24432](https://togithub.com/spring-projects/spring-boot/issues/24432) - Upgrade to Reactor Dysprosium-SR15 [#​24273](https://togithub.com/spring-projects/spring-boot/issues/24273) - Upgrade to Spring AMQP 2.2.13 [#​24286](https://togithub.com/spring-projects/spring-boot/issues/24286) - Upgrade to Spring Batch 4.2.5 [#​24289](https://togithub.com/spring-projects/spring-boot/issues/24289) - Upgrade to Spring Data Moore-SR12 [#​24282](https://togithub.com/spring-projects/spring-boot/issues/24282) - Upgrade to Spring Framework 5.2.12 [#​24276](https://togithub.com/spring-projects/spring-boot/issues/24276) - Upgrade to Spring Integration 5.2.10 [#​24429](https://togithub.com/spring-projects/spring-boot/issues/24429) - Upgrade to Spring Kafka 2.3.13 [#​24292](https://togithub.com/spring-projects/spring-boot/issues/24292) - Upgrade to Spring Security 5.2.8.RELEASE [#​24366](https://togithub.com/spring-projects/spring-boot/issues/24366) - Upgrade to Tomcat 9.0.41 [#​24435](https://togithub.com/spring-projects/spring-boot/issues/24435) - Upgrade to Undertow 2.0.33.Final [#​24433](https://togithub.com/spring-projects/spring-boot/issues/24433) #### :heart: Contributors We'd like to thank all the contributors who worked on this release! - [@​izeye](https://togithub.com/izeye) - [@​xJoeWoo](https://togithub.com/xJoeWoo) - [@​PascalSchumacher](https://togithub.com/PascalSchumacher) - [@​stokpop](https://togithub.com/stokpop) - [@​dreis2211](https://togithub.com/dreis2211) - [@​CubeOfCheese](https://togithub.com/CubeOfCheese) - [@​artembilan](https://togithub.com/artembilan)