Bump org.springframework.boot:spring-boot-dependencies from 2.7.16 to 2.7.17

[dependabot]

Bumps org.springframework.boot:spring-boot-dependencies from 2.7.16 to 2.7.17.

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v2.7.17

⚠️ Noteworthy Changes

• The behavior of spring.jms.listener.concurrency has been corrected to match the documentation (#37180). If you were setting spring.jms.listener.concurrency without also setting spring.jms.listener.max-concurrency, please review your configuration when upgrading.

🐞 Bug Fixes

• @Order does not work on (CommandLine|Application)Runner @Bean methods #37905
• Gradle plugin uses to-be-deprecated API for getting and setting file permissions #37878
• Task executor metrics are not registered when using lazy initialization #37832
• Constructor binding with a custom collection type does not work #37734
• Dependency management for kafka-server-common with a test classifier is missing #37499
• fileMode and dirMode are not applied to all entries in an archive produced by BootJar #37496
• Gradle plugin's build info support produces a deprecation warning when using Gradle 8.4-rc-1 #37493
• RepackageMojo doesn't support 1 digit numerical values for project.build.outputTimestamp #37438
• Restarter creates memory leak in tests #37373
• Contrary to the documentation, setting spring.jms.listener.concurrency alone configures the maximum concurrency #37180
• Application fails to start when an optional config import cannot be resolved #35683
• @ComponentScan on a test class is processed when creating a test context but is not included in the context's cache key #31577
• AspectJ transaction management with compile-time weaving does not work with spring.main.lazy-initialization=true #37506

📔 Documentation

• Remove link to LiveReload website due to timeout #37643
• Refer to ActiveMQ as ActiveMQ "Classic" #37606
• Use more idiomatic Kotlin in example for "Map Health Indicators to Micrometer Metrics" #37491
• Document support for Java 21 #37371

🔨 Dependency Upgrades

• Upgrade to Dropwizard Metrics 4.2.21 #37893
• Upgrade to Elasticsearch 7.17.14 #37840
• Upgrade to Infinispan 13.0.20.Final #37841
• Upgrade to Jetty 9.4.53.v20231009 #37842
• Upgrade to Jetty Reactive HTTPClient 1.1.15 #37927
• Upgrade to Micrometer 1.9.16 #37674
• Upgrade to Netty 4.1.100.Final #37843
• Upgrade to Pooled JMS 1.2.5 #37894
• Upgrade to Reactor Bom 2020.0.37 #37675
• Upgrade to Spring AMQP 2.4.17 #37676
• Upgrade to Spring Data Bom 2021.2.17 #37677
• Upgrade to Spring Session Bom 2021.2.3 #37928
• Upgrade to Tomcat 9.0.82 #37895
• Upgrade to UnboundID LDAPSDK 6.0.10 #37753
• Upgrade to Undertow 2.2.28.Final #37929

❤️ Contributors

Thank you to all the contributors who worked on this release:

... (truncated)

Commits

• 2caabd0 Release v2.7.17
• c7d6fbc Upgrade to Ubuntu Jammy 20231004
• b226ff4 Upgrade to Java 21.0.1+12
• d226ba8 Upgrade to Java 17.0.9+11
• ad93386 Upgrade to Java 11.0.21+10
• 62a074a Upgrade to Java 8u392+9
• 9a4e16a Upgrade to Ubuntu Jammy 20231004 in CI images #37954
• 817debb Fix constructor binding with conversion to custom collection type
• 7d6532c Merge pull request #37905 from ttddyy
• 04307aa Polish "Support @​Order on [CommandLine|Application]Runner @​Bean definitions"
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #13251 (a88703f) into 3.2 (ad26a69) will increase coverage by 0.06%.
Report is 1 commits behind head on 3.2.
The diff coverage is n/a.

@@             Coverage Diff              @@
##                3.2   #13251      +/-   ##
============================================
+ Coverage     69.49%   69.56%   +0.06%     
  Complexity        2        2              
============================================
  Files          1653     1653              
  Lines         68937    68937              
  Branches      10045    10045              
============================================
+ Hits          47907    47955      +48     
+ Misses        16398    16359      -39     
+ Partials       4632     4623       -9     

see 30 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information