spring-cloud / spring-cloud-cli

Spring Cloud CLI features
Apache License 2.0
156 stars 80 forks source link

Bump spring-boot-loader from 2.1.9.RELEASE to 2.3.4.RELEASE #162

Closed dependabot-preview[bot] closed 4 years ago

dependabot-preview[bot] commented 4 years ago

Bumps spring-boot-loader from 2.1.9.RELEASE to 2.3.4.RELEASE.

Release notes

Sourced from spring-boot-loader's releases.

v2.3.4.RELEASE

:beetle: Bug Fixes

  • @ManagementContextConfiguration is meta-annotated with @Configuration(proxyBeanMethods=false) which does not disable proxying #23305
  • Signed jar dependency performance problem when repackaged in a single jar #23264
  • ValidationHandler no longer works with certain map keys #23260
  • MVC error model unnecessarily requires timestamp entry to be a java.util.Date #23258
  • Missing sanitization in lists of URIs properties on actuator endpoints #23252
  • Cassandra's pool duration mapping uses a wrong duration unit #23249
  • When using HSQLDB, Hikari logs a warning message about the driver class name when the first connection is retrieved from the pool #23203
  • ErrorPageFilter is no longer ordered at HIGHEST_PRECEDENCE + 1 #23200
  • spring-boot-dependencies should not define a spring-boot.version property #23174
  • PropertiesLauncher fails to load PBKDF-OpenSSL of bcprov-jdk15on-1.64.jar #23165
  • Configurable SSL Logback extensions can't be supported due to URL checks #23135
  • Image building support does not zero-pad digest hashes to 64 characters #23132
  • Image builder fails silently when there's an error loading the ephemeral image #23130
  • Large files can throw YAMLException due to node limits #23096
  • RSocketPortInfoApplicationContextInitializer can throw NPE #23087
  • UndertowWebServerFactoryCustomizer requires commons lang via an unintended import on ClassUtils #23063
  • JarFile can cause memory issues when running on Java 11+ #22998
  • Dependency convergence error for nimbus-jose-jwt when depending on spring-boot-starter-oauth2-client #22996
  • LayoutFactory can be presented with empty source file #22995
  • Metrics auto-configurations are not ordered correctly #22989
  • The @TypeExcludeFilters annotation is not @Inherited #22966
  • Exception inclusion cannot be disabled when sub-classing DefaultErrorAttributes and using its deprecated constructor #22750
  • Too much logging when building an OCI image with Maven #22674

:notebook_with_decorative_cover: Documentation

  • Document that @ConfigurationProperties beans are not scanned in sliced tests #23243
  • Fix documentation on Elasticsearch client configuration #23074
  • Provide examples of Actuator custom endpoints in the reference documentation #23060
  • Mention correct JUnit 5 annotations in Kotlin testing section #23004
  • Document that extracting layers with layertools doesn't work with executable JAR files #22993
  • Javadoc inaccuracy in SpringApplicationBuilder.properties(Properties) #22964
  • Fix typo Assert4J -> AssertJ #22960
  • Document that graceful shutdown may not work from IDEs #22959
  • Fix typos in docs #22945
  • Fix Gradle Plugin custom image name example and documentation #22918
  • Document how to use spring.factories to add auto-configuration to a test slice #22531
  • Update Maven Plugin's documentation to note the importance of configuring start and stop goals with the same JMX port #22401
  • Document how to perform tasks after application startup #22100
  • Document setting buildpack Java version from compiler plugin version #21796
  • Document that buildpacks use non-root users for building container images and running containers #21122

:hammer: Dependency Upgrades

  • Upgrade to Micrometer 1.5.5 #23393
  • Upgrade to Spring REST Docs 2.0.5.RELEASE #23376
  • Upgrade to Spring AMQP 2.2.11 #23373
Commits
  • c99c82a Release v2.3.4.RELEASE
  • 07dc202 Upgrade to Micrometer 1.5.5
  • 6e369c9 Merge branch '2.2.x' into 2.3.x
  • bd8300c Next development version (v2.2.11.BUILD-SNAPSHOT)
  • 16ff702 Merge branch '2.2.x' into 2.3.x
  • c23e420 Merge branch '2.1.x' into 2.2.x
  • dbd2783 Polish logging in BintrayService
  • 0fd61c1 Merge branch '2.2.x' into 2.3.x
  • 71e3844 Merge branch '2.1.x' into 2.2.x
  • cb4eb92 Next development version (v2.1.18.BUILD-SNAPSHOT)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 4 years ago

Superseded by #165.