Skip to content
This repository has been archived by the owner on Apr 4, 2022. It is now read-only.

Bump spring-boot-dependencies from 2.4.2 to 2.4.3 in /java/backend #192

Merged
merged 1 commit into from Mar 14, 2021
Merged

Bump spring-boot-dependencies from 2.4.2 to 2.4.3 in /java/backend #192

merged 1 commit into from Mar 14, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 14, 2021

Bumps spring-boot-dependencies from 2.4.2 to 2.4.3.

Release notes

Sourced from spring-boot-dependencies's releases.

v2.4.3

🗒️ Noteworthy Changes

Nimbus JOSE JWT

In versions 5.4.4 and earlier, Spring Security 5.4.x depended on versions of oauth2-oidc-sdk and nimbus-jose-jwt that were not compatible with each other. This was corrected in Spring Security 5.4.5 by downgrading from nimbus-jose-jwt 9.x to 8.x. A similar change has been made to Spring Boot's dependency management in this release. If you were relying on nimbus-jose-jwt 9.x, you can restore the 9.x version using the nimbus-jose-jwt.version property.

🪲 Bug Fixes

  • DataSourceBuilder no longer invokes setUser on org.postgresql.ds.PGSimpleDataSource #25363
  • DatabaseDriver does not detect Amazon Redshift correctly #25312
  • Migrations performed by Flyway or Liquibase may not have completed before the database is accessed via jOOQ #25310
  • No error message when using spring.profiles.include in a profile-specific config file if it's written as a YAML list #25309
  • Dependency management for Hibernate's new hibernate-micrometer module is missing #25305
  • DataSourceBuilder no longer invokes setUser on org.h2.jdbcx.JdbcDataSource #25263
  • Missing RabbitMQ metrics if bean is defined as a ConnectionFactory #25185
  • A ContextRefreshedEvent from a child context may result in deadlock when using JPA deferred repositories #25174
  • Gradle plugin does not include transitive project dependencies into application layer #25163
  • initQueryTimeout and ildeTimeout defaults are not aligned with Cassandra defaults #25150
  • Remote application from devtools does not work with security filter in WebSecurityConfigurerAdapter #25147
  • TestRestTemplate exchange triggers UnsupportedOperationException when using a UriTemplateRequestEntity #25097
  • WebMvcTest and WebFluxTest ignore user-provided Thymeleaf IDialect beans #25072
  • Managed versions of oauth2-oidc-sdk and nimbus-jose-jwt are incompatible #25070
  • BeanCreationException thrown creating 'neo4jMappingContext' with Spring Boot 2.4.2 when combined with MongoDB #25069
  • Collection conversion doesn't work for configtree properties #25057
  • ConfigData with Option.IGNORE_IMPORTS can cause NPE #25029
  • spring.config.activate.on-profile cannot be used in profile specific file #24990
  • ConfigDataLoaders cannot have a DeferredLogFactory injected preventing their subcomponents from logging accurately #24988
  • Spring Data Solr support is not flagged as deprecated #24943
  • Since 2.4.2, the Logback charset defaults to UTF-8 rather than the OS's default #24894
  • InvalidConfigDataPropertyException thrown when server processed ConfigData contains profiles #24890
  • When spring.mvc.pathmatch.matching-strategy is set to path-pattern-parser, the error handling of a management server listening on a separate port is broken #24877
  • mappings endpoint fails due to an NPE when spring.mvc.pathmatch.matching-strategy is set to path-pattern-parser #24874
  • Failures when recording metrics in MetricsClientHttpRequestInterceptor may interfere with RestTemplate's main behaviour #24872
  • Auto-configured DataSourceTransactionManager uses spring.dao.exceptiontranslation.enable rather than spring.dao.exceptiontranslation.enabled to control exception translation #24867
  • Illegal reflective access by org.springframework.cglib.core.ReflectUtils #24857
  • Configuration metadata for logging.charset.* has invalid reference for java.nio.charset.Charset #24851
  • Asynchronous deserialization performed by Hazelcast may fail due to the wrong ClassLoader being used #24836

📔 Documentation

  • Update the Gradle plugin documentation to recommend the maven-publish plugin over the maven plugin #25307
  • Document Kafka Streams metrics support #25297
  • Default values of integer properties in the application properties appendix are rendered as decimals #25176
  • Clarify usage of BufferingApplicationStartup #25075
  • Since 2.3.8 and 2.4.2, the documented index format does not match the implementation #25066
  • Clarify when retaining . characters in property keys requires bracket notation to be used #25064
  • Highlight that Duration and Period conversion is provided by the ApplicationConversionService and, by default, is not available for web conversion #25061
  • Document logging.register-shutdown-hook and why you may want to enable it #25044
  • bootRun project property command line example is incomplete #25042
  • Document the need to use the launcher to be able to use application.* properties in a custom banner #25040

... (truncated)

Commits
  • 49ea417 Release v2.4.3
  • 526474f Add username alias for Postgres's PGSimpleDataSource
  • bb56de7 Upgrade to Spring Security 5.4.5
  • 08f73e0 Upgrade to Spring Kafka 2.6.6
  • 50a258a Upgrade to Spring Integration 5.4.4
  • 332ab5e Upgrade to Spring AMQP 2.3.5
  • a2695f2 Upgrade to Spring Data 2020.0.5
  • 0a72f4d Merge branch '2.3.x' into 2.4.x
  • 90fb65d Upgrade to 0.0.6 of the changelog generator
  • 83a18a3 Start using 0.0.6 snapshots of the changelog generator
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump spring-boot-dependencies from 2.4.2 to 2.4.3 in /java/backend
dc79ffa 
Bumps [spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.4.2...v2.4.3)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 14, 2021
@banderous banderous merged commit fd788b5 into master Mar 14, 2021
@banderous banderous deleted the dependabot/gradle/java/backend/org.springframework.boot-spring-boot-dependencies-2.4.3 branch March 14, 2021 13:17
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@banderous