Skip to content

Bump org.springframework.boot from 2.1.5.RELEASE to 2.3.5.RELEASE #55

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump org.springframework.boot from 2.1.5.RELEASE to 2.3.5.RELEASE #55

wants to merge 1 commit into from

Conversation

@dependabot-preview
Copy link
Contributor

@dependabot-preview dependabot-preview bot commented Oct 29, 2020

Bumps org.springframework.boot from 2.1.5.RELEASE to 2.3.5.RELEASE.

Release notes

Sourced from org.springframework.boot's releases.

v2.3.4.RELEASE

🪲 Bug Fixes

  • @ManagementContextConfiguration is meta-annotated with @Configuration(proxyBeanMethods=false) which does not disable proxying #23305
  • Signed jar dependency performance problem when repackaged in a single jar #23264
  • ValidationHandler no longer works with certain map keys #23260
  • MVC error model unnecessarily requires timestamp entry to be a java.util.Date #23258
  • Missing sanitization in lists of URIs properties on actuator endpoints #23252
  • Cassandra's pool duration mapping uses a wrong duration unit #23249
  • When using HSQLDB, Hikari logs a warning message about the driver class name when the first connection is retrieved from the pool #23203
  • ErrorPageFilter is no longer ordered at HIGHEST_PRECEDENCE + 1 #23200
  • spring-boot-dependencies should not define a spring-boot.version property #23174
  • PropertiesLauncher fails to load PBKDF-OpenSSL of bcprov-jdk15on-1.64.jar #23165
  • Configurable SSL Logback extensions can't be supported due to URL checks #23135
  • Image building support does not zero-pad digest hashes to 64 characters #23132
  • Image builder fails silently when there's an error loading the ephemeral image #23130
  • Large files can throw YAMLException due to node limits #23096
  • RSocketPortInfoApplicationContextInitializer can throw NPE #23087
  • UndertowWebServerFactoryCustomizer requires commons lang via an unintended import on ClassUtils #23063
  • JarFile can cause memory issues when running on Java 11+ #22998
  • Dependency convergence error for nimbus-jose-jwt when depending on spring-boot-starter-oauth2-client #22996
  • LayoutFactory can be presented with empty source file #22995
  • Metrics auto-configurations are not ordered correctly #22989
  • The @TypeExcludeFilters annotation is not @Inherited #22966
  • Exception inclusion cannot be disabled when sub-classing DefaultErrorAttributes and using its deprecated constructor #22750
  • Too much logging when building an OCI image with Maven #22674

📔 Documentation

  • Document that @ConfigurationProperties beans are not scanned in sliced tests #23243
  • Fix documentation on Elasticsearch client configuration #23074
  • Provide examples of Actuator custom endpoints in the reference documentation #23060
  • Mention correct JUnit 5 annotations in Kotlin testing section #23004
  • Document that extracting layers with layertools doesn't work with executable JAR files #22993
  • Javadoc inaccuracy in SpringApplicationBuilder.properties(Properties) #22964
  • Fix typo Assert4J -> AssertJ #22960
  • Document that graceful shutdown may not work from IDEs #22959
  • Fix typos in docs #22945
  • Fix Gradle Plugin custom image name example and documentation #22918
  • Document how to use spring.factories to add auto-configuration to a test slice #22531
  • Update Maven Plugin's documentation to note the importance of configuring start and stop goals with the same JMX port #22401
  • Document how to perform tasks after application startup #22100
  • Document setting buildpack Java version from compiler plugin version #21796
  • Document that buildpacks use non-root users for building container images and running containers #21122

🔨 Dependency Upgrades

  • Upgrade to Micrometer 1.5.5 #23393
  • Upgrade to Spring REST Docs 2.0.5.RELEASE #23376
  • Upgrade to Spring AMQP 2.2.11 #23373
Commits
  • 4bc56fd Release v2.3.5.RELEASE
  • 33d66b7 Fix to spring-doc-resources version
  • b0c2687 Update copyright year of changed files
  • 2992f40 Upgrade to spring-doc-resources 0.2.3.RELEASE
  • 70d9602 Merge branch '2.2.x' into 2.3.x
  • e7eb773 Use overriding rather than overridden getter methods in config prop AP
  • eb77a20 Merge branch '2.2.x' into 2.3.x
  • 79a8335 Next development version (v2.2.12.BUILD-SNAPSHOT)
  • cc3c898 Upgrade to github-changelog-generator 0.0.4
  • 3b899ee Merge branch '2.1.x' into 2.2.x
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview
Bump org.springframework.boot from 2.1.5.RELEASE to 2.3.5.RELEASE
5e3e611 
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 2.1.5.RELEASE to 2.3.5.RELEASE.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.1.5.RELEASE...v2.3.5.RELEASE)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Oct 29, 2020
@dependabot-preview dependabot-preview bot mentioned this pull request Oct 29, 2020
Closed
@dependabot-preview
Copy link
Contributor Author

dependabot-preview bot commented Nov 12, 2020

Superseded by #57.

@dependabot-preview dependabot-preview bot deleted the dependabot/gradle/org.springframework.boot-2.3.5.RELEASE branch November 12, 2020 20:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant