search

spring-projects / spring-security-samples

1.4k stars 685 forks source link

Bump org.springframework.boot from 3.1.9 to 3.1.11 #246

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 5 months ago

Bumps org.springframework.boot from 3.1.9 to 3.1.11.

Release notes

Sourced from org.springframework.boot's releases.

v3.1.11

:lady_beetle: Bug Fixes

  • ClientObservationConventionAdapter overwrites WebClient request attributes #40330
  • Loading of custom deny-all filter can cause a StackOverflowError when deploying to Tomcat with Log4j2 configured to use a single JVM-wide logger context #40235
  • Log4j2LoggingSystem pollutes Log4j2's environment with a SpringEnvironmentPropertySource that is never removed #40178
  • BindValidationFailureAnalyzer uses wrong target #40035
  • When using Maven, configuring the spring-boot.excludes or spring-boot-includes user properties causes the build to fail with "Cannot find default setter" #39837
  • @ServletComponentScan does not register servlet components in a mock web environment #39736

:notebook_with_decorative_cover: Documentation

  • Producible's javadoc has the wrong link text for @WriteOperation and @DeleteOperation #40385

:hammer: Dependency Upgrades

  • Upgrade to ActiveMQ 5.18.4 #40388
  • Upgrade to AspectJ 1.9.22 #40279
  • Upgrade to Byte Buddy 1.14.13 #40280
  • Upgrade to Groovy 4.0.21 #40281
  • Upgrade to Hibernate 6.2.24.Final #40282
  • Upgrade to Jakarta Json Bind 3.0.1 #40283
  • Upgrade to Jersey 3.1.6 #40284
  • Upgrade to jOOQ 3.18.14 #40285
  • Upgrade to Lombok 1.18.32 #40286
  • Upgrade to Micrometer 1.11.11 #40196
  • Upgrade to Micrometer Tracing 1.1.12 #40197
  • Upgrade to Neo4j Java Driver 5.19.0 #40205
  • Upgrade to Netty 4.1.109.Final #40389
  • Upgrade to R2DBC Postgresql 1.0.5.RELEASE #40390
  • Upgrade to Reactor Bom 2022.0.18 #40198
  • Upgrade to SLF4J 2.0.13 #40391
  • Upgrade to Spring AMQP 3.0.13 #40373
  • Upgrade to Spring Authorization Server 1.1.7 #40199
  • Upgrade to Spring Data Bom 2023.0.11 #40200
  • Upgrade to Spring Framework 6.0.19 #40201
  • Upgrade to Spring GraphQL 1.2.6 #40288
  • Upgrade to Spring HATEOAS 2.1.5 #40374
  • Upgrade to Spring Integration 6.1.8 #40202
  • Upgrade to Spring Kafka 3.0.16 #40375
  • Upgrade to Spring LDAP 3.1.5 #40203
  • Upgrade to Spring Security 6.1.9 #40204
  • Upgrade to Tomcat 10.1.20 #40289

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​FelixDes, @​dependabot[bot], @​izeye, @​mstahv, @​ppkarwasz, and @​spencergibb

... (truncated)

Commits
  • f104903 Release v3.1.11
  • 8a22108 Use the version not the tag when creating the build name
  • 22698ea Fix references to inputs in Sync to Maven Central action
  • e0d00c0 Fix version output of build-and-stage-release job
  • 35725b4 Reverse order so one checkout does not delete the other
  • b48cf9b Improve verify workflow's handling of secrets
  • 3479304 Disable creation time verification on Linux
  • 20e291d Correct the name of the Gradle Enterprise access key input
  • 1b03cf0 Remove type from secrets declarations
  • 9a589ea Fix passing of repository username and password into verify
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 3 months ago

Superseded by #257.