search

spring-projects / spring-security-samples

1.46k stars 709 forks source link

Bump org.springframework.boot from 3.1.8 to 3.1.9 #214

Closed dependabot[bot] closed 8 months ago

dependabot[bot] commented 9 months ago

Bumps org.springframework.boot from 3.1.8 to 3.1.9.

Release notes

Sourced from org.springframework.boot's releases.

v3.1.9

:warning: Noteworthy

  • This release upgrades to Hibernate 6.2.22.Final. While it contains a number of valuable bug fixes, it does not work correctly in a native image. If you are using GraalVM, Hibernate should be temporarily downgraded to 6.2.20.Final using the hibernate.version property.

:lady_beetle: Bug Fixes

  • Image building runs for a long time when a long image name is used and the tag contains an illegal character #39617
  • Banner printing doesn't respect set charset #39601
  • Gradle plugin allows the use of Gradle 7.4 but the documented and tested minimum is 7.5 #39508
  • Property placeholders aren't resolved when configuration property binding creates a Map from a property value using a converter #39507
  • Several gson properties, including spring.gson.disable-html-escaping, do not behave correctly when set to false #39504
  • TestcontainersPropertySource assertion has typo #39440
  • Building images fails with Docker 25.0 when custom buildpacks are configured #39323
  • Metadata reading during configuration class parsing uses the default resource loader rather than the application's resource loader #39321
  • Mockito's MockedStatic isn't closed in all cases #39271
  • TracingProperties exposes package-private PropagationType from public methods #39265
  • Webflux actuator endpoints respond with 500 when a parameter is missing #39236

:notebook_with_decorative_cover: Documentation

  • Add note regarding mixing of bundle-based and direct SSL configuration #39616
  • Document default value for show-value configuration properties #39589
  • Update the Debugging Documentation of the Spring Boot Maven Plugin #39392
  • Endpoint documentation contains the typo 'Unuthorized' #39279
  • Update Revved up by Develocity badge #39242

:hammer: Dependency Upgrades

  • Upgrade to Byte Buddy 1.14.12 #39659
  • Upgrade to Dropwizard Metrics 4.2.25 #39553
  • Upgrade to Groovy 4.0.18 #39554
  • Upgrade to Hibernate 6.2.22.Final #39555
  • Upgrade to Infinispan 14.0.24.Final #39556
  • Upgrade to Jackson Bom 2.15.4 #39660
  • Upgrade to Janino 3.1.12 #39557
  • Upgrade to Jetty 11.0.20 #39559
  • Upgrade to Jetty Reactive HTTPClient 3.0.12 #39558
  • Upgrade to jOOQ 3.18.11 #39661
  • Upgrade to JsonPath 2.9.0 #39328
  • Upgrade to Micrometer 1.11.9 #39454
  • Upgrade to Micrometer Tracing 1.1.10 #39455
  • Upgrade to Neo4j Java Driver 5.17.0 #39551
  • Upgrade to Netty 4.1.107.Final #39561
  • Upgrade to Postgresql 42.6.1 #39662
  • Upgrade to Reactor Bom 2022.0.16 #39456
  • Upgrade to SLF4J 2.0.12 #39562
  • Upgrade to Spring AMQP 3.0.11 #39457
  • Upgrade to Spring Authorization Server 1.1.5 #39458
  • Upgrade to Spring Batch 5.0.5 #39459
  • Upgrade to Spring Data Bom 2023.0.9 #39460

... (truncated)

Commits
  • e07df98 Release v3.1.9
  • 3930414 Upgrade CI images to ubuntu:jammy-20240212
  • 2c4909a Update copyright year of changed files
  • 3e46fff Upgrade to Undertow 2.3.12.Final
  • 2581c5c Upgrade to Tomcat 10.1.19
  • 1c5858e Upgrade to Spring Security 6.1.7
  • f0da887 Upgrade to Spring LDAP 3.1.4
  • 1036182 Upgrade to Spring Kafka 3.0.14
  • 6a67eea Upgrade to Spring Integration 6.1.6
  • d14fa83 Upgrade to Spring GraphQL 1.2.5
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)