search

spring-projects / spring-security-samples

1.46k stars 711 forks source link

Bump org.springframework.boot from 3.1.7 to 3.1.8 #188

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 10 months ago

Bumps org.springframework.boot from 3.1.7 to 3.1.8.

Release notes

Sourced from org.springframework.boot's releases.

v3.1.8

:lady_beetle: Bug Fixes

  • SslBundle implementations do not provide useful toString() results #39137
  • Mixing PEM and JKS certificate material in server.ssl properties does not work #39105
  • spring.rabbitmq.listener.stream.auto-startup property has no effect #39072
  • Error mark in the log message for PatternParseException is in the wrong place #38944
  • AutoConfigurationSorter does not always respect @AutoConfigureOrder(Ordered.LOWEST_PRECEDENCE) #38904
  • Throwable from logging system initialization may result in the application silently failing to start #38885
  • Actuator endpoints with no operations that use selectors are not accessible when mapped to / #35426

:notebook_with_decorative_cover: Documentation

  • Remove entry for OCI starter as it is no longer maintained #39164
  • Fix link to Log4j2's JDK logging adapter documentation #39163
  • Update links to Micrometer docs in metrics section of reference docs #39114
  • Correct the documentation on injecting dependencies into FailureAnalyzer implementations #39099
  • Improve "Sanitize Sensitive Values" section in reference documentation #39094

:hammer: Dependency Upgrades

  • Upgrade to Byte Buddy 1.14.11 #39174
  • Upgrade to Groovy 4.0.17 #39175
  • Upgrade to Hibernate 6.2.20.Final #39176
  • Upgrade to jOOQ 3.18.9 #39177
  • Upgrade to Micrometer 1.11.8 #38974
  • Upgrade to Micrometer Tracing 1.1.9 #38975
  • Upgrade to Neo4j Java Driver 5.15.0 #39135
  • Upgrade to Netty 4.1.105.Final #39178
  • Upgrade to R2DBC MySQL 1.0.6 #39179
  • Upgrade to R2DBC Postgresql 1.0.4.RELEASE #39180
  • Upgrade to R2DBC Proxy 1.1.4.RELEASE #39181
  • Upgrade to Reactor Bom 2022.0.15 #38976
  • Upgrade to SLF4J 2.0.11 #39182
  • Upgrade to Spring Data Bom 2023.0.8 #38977
  • Upgrade to Spring Framework 6.0.16 #39069
  • Upgrade to Spring WS 4.0.10 #39129
  • Upgrade to Tomcat 10.1.18 #39183

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​BenchmarkingBuffalo, @​FBibonne, @​Wzy19930507, @​amparab, @​dependabot[bot], @​dreis2211, and @​tobias-lippert

Commits
  • 0465bb6 Release v3.1.8
  • 7f9bd1c Switch harbor push location
  • 9e2a312 Update CI to use harbor
  • 8147b7a Merge pull request #39162 from Wzy19930507
  • bc52ac6 Polish 'Reactor PemPrivateKeyParser to use DerElement'
  • cc6303f Reactor PemPrivateKeyParser to use DerElement
  • c2ca6bf Upgrade RedHat UBI to 9.3-1476
  • 35b4545 Upgrade test images to ubuntu:jammy-20240111
  • a8c1782 Upgrade to Java 21 to 21.0.2+14
  • 3139447 Upgrade CI images to ubuntu:jammy-20240111
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)