auth0-samples / auth0-spring-security5-api-sample

Sample demonstrating how to secure your API using Spring Boot 2 and Spring Security 5
MIT License
96 stars 67 forks source link

Bump org.springframework.boot from 3.2.0 to 3.3.0 in /01-Authorization-MVC #32

Open dependabot[bot] opened 6 months ago

dependabot[bot] commented 6 months ago

Bumps org.springframework.boot from 3.2.0 to 3.3.0.

Release notes

Sourced from org.springframework.boot's releases.

v3.3.0

:star: New Features

  • Add support for descriptions of record components in configuration metadata generation #29403

:lady_beetle: Bug Fixes

  • gradlew bootBuildImage fails with Podman on macOS Sonoma #40871
  • Pulsar auth parameters don't properly encode JSON values #40869
  • When using JPA and ImportTestcontainers, test context may fail to refresh due to "Mapped port can only be obtained after the container is started" #40863
  • Default MIME mappings are not loaded unless additional mappings are configured #40860
  • Starting from 3.2.x, @SpyBean is not able to initialise MongoRepository bean of the generic type #40855
  • Auto-configuration ordering change breaks DocumentReference (in non-reactive MongoTemplate) when depending on mongodb-driver-reactivestreams #40851
  • Neo4jReactiveDataAutoConfiguration creates incorrectly named bean #40836
  • Image building fails during cleanup when bind mount has read-only content #40799
  • Failure Analysis for InvalidConfigurationPropertyValueException is skipped when the property is not set #40691
  • IllegalArgumentException can be thrown when running an uber jar on a shared drive #40643
  • setReadTimeout can't be set via Reflective factory on JettyClientHttpRequestFactory #40638
  • URISyntaxException is raised if the spring boot application is started in a location that contains invalid URI characters #40616
  • resolveMainClassName fails when building with Gradle using Java 22 #40613
  • AnsiOutput.detectIfAnsiCapable broken on JDK22 #40609
  • Help information for spring init's build option has the wrong default #40606
  • JarUrlConnection.getPermission() can throw NullPointerException if jarFileConnection is null #40599
  • Whitespace is not correctly trimmed when generating configuration properties metadata from records #40593
  • In some situations, the failure when the AOT-generated initializer cannot be loaded is less helpful than before #40584
  • Properties binding eagerly creates superfluous maps #40561
  • Configuring SSL bundle reload for non-file resource types causes errors that are difficult to diagnose #40560
  • spring-boot-dependencies cannot be used with repositories that ban com.oracle.database.jdbc:ojdbc-bom #40535
  • Buildpacks do not support Docker with containerd image store #40526
  • SpringBootMockMvcBuilderCustomizer can crash cryptically while collecting data that it would have discarded anyway #40517
  • Containers not shut down between tests when using .withReuse(true) but env. does not support reuse (e.g. CI builds) #40509
  • CookieSameSiteSupplier influences session cookie #40501
  • <springProperty> and <springProfile> do not work in <include> after Logback upgrade #40491
  • Runtime hint registration for property binding should not fail when parameter information is unavailable #40486
  • ServiceLevelObjectiveBoundary properties cannot be bound in a native image application #40483
  • server.error.include-binding-errors does not recognize MethodValidationResult exceptions #40474
  • spring.data.redis.cluster.nodes and spring.data.redis.sentinel.nodes do not handle IPv6 addresses correctly #40467
  • Using relative paths to describe the classpath in the error message from ResolveMainClassName hinders problem diagnosis #40465
  • Jartools extract command doesn't extract all files from META-INF #40456
  • Native image doesn't start and doesn't log anything if an environment post processor throws an exception #40451
  • Unlike DataSourceAutoConfiguration, DevToolsDataSourceAutoConfiguration assumes that javax.sql.DataSource will always be available #40441

:notebook_with_decorative_cover: Documentation

  • Improve graceful shutdown documentation to remove ambiguity #40846
  • Document ways to opt out from immutable @ConfigurationProperties binding with single constructor #40844
  • Document that a custom HttpMessageConverters bean can be used to reorder json message converters when needed #40839
  • Address ambiguity now that Testcontainers has two classes named KafkaContainer #40756
  • Publish API documentation for Spring Boot's Kotlin APIs #40692
  • Fix typo in features doc #40631

... (truncated)

Commits
  • a25e1eb Release v3.3.0
  • ed0a3fd Update publish-to-sdkman job to make new candidates the default
  • 42d6f2c Merge branch '3.2.x'
  • 234e0fd Stop mark 3.2.x as the default SDKman release
  • 226b900 Merge branch '3.2.x'
  • c857eb6 Fix SDKman "make default" step
  • 13e13f9 Merge branch '3.2.x'
  • a5ee37c Next development version (v3.2.7-SNAPSHOT)
  • dffdd6d Explicitly set SDKman's make-default to false
  • 86c206a Merge branch '3.2.x'
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)