spring-projects / spring-security-samples

1.46k stars 709 forks source link

Bump org.springframework.boot from 3.2.6 to 3.2.8 #291

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 4 months ago

Bumps org.springframework.boot from 3.2.6 to 3.2.8.

Release notes

Sourced from org.springframework.boot's releases.

v3.2.8

:lady_beetle: Bug Fixes

  • NPE during auto-configuration in OnClassCondition.resolveOutcomesThreaded because firstHalf is null #41492
  • No configuration property for defaultTimeout setting that was introduced in Spring Integration 6.2 #41477
  • NoSuchMethodException on org.apache.activemq.ActiveMQConnectionFactory.<init> when using spring-boot-starter-activemq in a native image #41212
  • build-image failures after docker desktop update with 'Illegal char at index 5: npipe:////' #41199
  • DirtiesContext used with Webflux, a random port and multiple contexts causes multiple contexts to misbehave #38199
  • When using Jetty, filters, listeners, and servlets are not initialized with the same thread context classloader #37649
  • Error message can be misleading if spring.config.import fails to resolve #36243
  • TestcontainersLifecycleBeanPostProcessor does not work correctly with scoped beans #35786
  • PropertiesMigrationListener wrongly reports property as deprecated #35774

:notebook_with_decorative_cover: Documentation

  • Fix documentation links in the README #41547
  • Document the types to which each spring.mvc.format and spring.webflux.format property applies #41482
  • Fix typos in javadoc of BootstrapContext #41443
  • Document that logging.file.name and logging.file.path cannot be used together #41351
  • Document tracing support for RestClient #41182
  • Update Kotlin DSL examples that configure the environment of bootBuildImage to be additive #41173

:hammer: Dependency Upgrades

  • Upgrade to AspectJ 1.9.22.1 #41470
  • Upgrade to Byte Buddy 1.14.18 #41361
  • Upgrade to Dependency Management Plugin 1.1.6 #41362
  • Upgrade to GraphQL Java 21.5 #41340
  • Upgrade to Groovy 4.0.22 #41363
  • Upgrade to HttpCore5 5.2.5 #41364
  • Upgrade to Jetty 12.0.11 #41365
  • Upgrade to JsonAssert 1.5.3 #41366
  • Upgrade to JUnit Jupiter 5.10.3 #41367
  • Upgrade to Lombok 1.18.34 #41368
  • Upgrade to Micrometer 1.12.8 #41292
  • Upgrade to Micrometer Tracing 1.2.8 #41293
  • Upgrade to Neo4j Java Driver 5.22.0 #41370
  • Upgrade to Reactor Bom 2023.0.8 #41436
  • Upgrade to Spring Data Bom 2023.1.8 #41294
  • Upgrade to Spring Framework 6.1.11 #41295
  • Upgrade to Spring GraphQL 1.2.8 #41523
  • Upgrade to Spring HATEOAS 2.2.3 #41493
  • Upgrade to Spring Integration 6.2.7 #41296
  • Upgrade to Spring Kafka 3.1.7 #41297
  • Upgrade to Spring Pulsar 1.0.8 #41532
  • Upgrade to Spring Retry 2.0.7 #41484
  • Upgrade to SQLite JDBC 3.43.2.2 #41495
  • Upgrade to Tomcat 10.1.26 #41496

:heart: Contributors

... (truncated)

Commits
  • 45a6c53 Release v3.2.8
  • f5df7e7 Fix documentation links in the README
  • 07b103c Prohibit upgrades to Undertow 2.3.15
  • 4e205ed Upgrade to Spring Pulsar 1.0.8
  • 0eb830d Upgrade to Spring Integration 6.2.7
  • 7966d11 Upgrade to Spring GraphQL 1.2.8
  • 1cc7498 Add property for Integration's default endpoint timeout
  • 17d6f90 Document types to which format properties apply
  • 6941d0e Document that logging.file.path if logging.file.name is set
  • 49538ad Upgrade to Spring Kafka 3.1.7
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)