search

spring-projects / spring-security-samples

1.45k stars 703 forks source link

Bump org.springframework.boot from 3.2.3 to 3.2.6 #255

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 5 months ago

Bumps org.springframework.boot from 3.2.3 to 3.2.6.

Release notes

Sourced from org.springframework.boot's releases.

v3.2.6

:lady_beetle: Bug Fixes

  • Image building fails during cleanup when bind mount has read-only content #40760
  • Failure Analysis for InvalidConfigurationPropertyValueException is skipped when the property is not set #40690
  • setReadTimeout can't be set via Reflective factory on JettyClientHttpRequestFactory #40635
  • URISyntaxException is raised if the spring boot application is started in a location that contains invalid URI characters #40615
  • Help information for spring init's build option has the wrong default #40605
  • When using JPA and ImportTestcontainers, test context may fail to refresh due to "Mapped port can only be obtained after the container is started" #40585
  • IllegalArgumentException can be thrown when running an uber jar on a shared drive #40549
  • spring-boot-dependencies cannot be used with repositories that ban com.oracle.database.jdbc:ojdbc-bom #40534
  • SpringBootMockMvcBuilderCustomizer can crash cryptically while collecting data that it would have discarded anyway #40516
  • Containers not shut down between tests when using .withReuse(true) but env. does not support reuse (e.g. CI builds) #40508
  • Pulsar auth parameters don't properly encode JSON values #40493
  • Runtime hint registration for property binding should not fail when parameter information is unavailable #40485
  • ServiceLevelObjectiveBoundary properties cannot be bound in a native image application #40482
  • spring.data.redis.cluster.nodes and spring.data.redis.sentinel.nodes do not handle IPv6 addresses correctly #40466
  • Using relative paths to describe the classpath in the error message from ResolveMainClassName hinders problem diagnosis #40464
  • Native image doesn't start and doesn't log anything if an environment post processor throws an exception #40450
  • Unlike DataSourceAutoConfiguration, DevToolsDataSourceAutoConfiguration assumes that javax.sql.DataSource will always be available #40440
  • Starting from 3.2.x, @SpyBean is not able to initialise MongoRepository bean of the generic type #40234
  • AnsiOutput.detectIfAnsiCapable broken on JDK22 #40172
  • Buildpacks do not support Docker with containerd image store #40100
  • resolveMainClassName fails when building with Gradle using Java 22 #40074
  • server.error.include-binding-errors does not recognize MethodValidationResult exceptions #39865
  • JarUrlConnection.getPermission() can throw NullPointerException if jarFileConnection is null #39856
  • gradlew bootBuildImage fails with Podman on macOS Sonoma #39830
  • CookieSameSiteSupplier influences session cookie #39766
  • Auto-configuration ordering change breaks DocumentReference (in non-reactive MongoTemplate) when depending on mongodb-driver-reactivestreams #39405
  • Properties binding eagerly creates superfluous maps #39375
  • Configuring SSL bundle reload for non-file resource types causes errors that are difficult to diagnose #38903
  • In some situations, the failure when the AOT-generated initializer cannot be loaded is less helpful than before #38645

:notebook_with_decorative_cover: Documentation

  • Improve graceful shutdown documentation to remove ambiguity #40845
  • Document ways to opt out from immutable @ConfigurationProperties binding with single constructor #40843
  • Document that a custom HttpMessageConverters bean can be used to reorder json message converters when needed #40838
  • Address ambiguity now that Testcontainers has two classes named KafkaContainer #40699
  • Clarify devtools restart class loader #40607
  • Note that spring-boot-docker-compose is excluded by default from packaged jars #40564
  • Clarify docs around spring.jpa.generate-ddl #40522
  • Clarify the directory that's used by default to find Docker Compose compose.yaml #40514
  • Clarify that all named properties must match for @ConditionalOnProperty to match #40470
  • Links to Spring Batch javadoc for EnableBatchProcessing and DefaultBatchConfiguration are broken #40468
  • Suggest testAndDevelopmentOnly configuration when using Docker Compose support in tests #40171

:hammer: Dependency Upgrades

  • Upgrade to Byte Buddy 1.14.16 #40877

... (truncated)

Commits
  • 106ae49 Release v3.2.6
  • f9c10f3 Merge branch '3.1.x' into 3.2.x
  • 6b0f875 Next development version (v3.1.13-SNAPSHOT)
  • e77ffd8 Upgrade to Spring Framework 6.1.8
  • 477cdca Upgrade to Spring Batch 5.1.2
  • 6ca3db0 Upgrade to Netty 4.1.110.Final
  • 0ffd7e6 Upgrade to Byte Buddy 1.14.16
  • 9437ab9 Merge branch '3.1.x' into 3.2.x
  • 5620994 Upgrade to Spring Framework 6.0.21
  • 29dbc04 Upgrade to Netty 4.1.110.Final
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)