Merge pull request #126 from spring-io/upgrade-boot-m6

build.gradle

@@ -1,7 +1,8 @@
 buildscript {
-    ext.vSpringBoot = '0.5.0.M4'
+    ext.vSpringBoot = '0.5.0.M6'
     ext.vSpringCore = '4.0.0.RC1'
-    ext.vHttpClient = '4.3-beta2'
+    ext.vSpringSec = '3.2.0.RC2'
+    ext.vHttpClient = '4.3'
     ext.vJunit = '4.11'
 
     repositories {

sagan-common/build.gradle

@@ -7,9 +7,9 @@ sourceSets {
 
 dependencies {
     compile "org.springframework:spring-context:${vSpringCore}"
-    compile 'org.springframework.security:spring-security-core:3.2.0.RC1'
+    compile "org.springframework.security:spring-security-core:${vSpringSec}"
     compile 'org.springframework.social:spring-social-github:1.0.0.M4'
-    compile 'org.springframework.boot:spring-boot-starter-data-jpa:0.5.0.M4'
+    compile "org.springframework.boot:spring-boot-starter-data-jpa:${vSpringBoot}"
 
     compile 'org.elasticsearch:elasticsearch:0.90.2'
     compile('io.searchbox:jest:0.0.4') {

sagan-indexer/src/main/resources/application.yml

@@ -23,6 +23,7 @@ spring:
     show_sql: false
     hibernate:
       namingstrategy: org.hibernate.cfg.EJB3NamingStrategy
+      ddl-auto: false
 
 security:
   basic:

sagan-site/build.gradle

@@ -20,14 +20,16 @@ dependencies {
     compile "org.springframework.boot:spring-boot-starter-web:${vSpringBoot}"
     compile "org.springframework.boot:spring-boot-starter-actuator:${vSpringBoot}"
     compile "org.springframework.boot:spring-boot-starter-security:${vSpringBoot}"
-    compile "org.springframework.security:spring-security-acl:3.2.0.RC1"
-
-    // thymeleaf is used as the template engine for serving HTML
-    compile 'org.thymeleaf:thymeleaf-spring3:2.0.18'
-    compile 'org.thymeleaf:thymeleaf:2.0.18'
-    compile 'nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect:1.1.1'
+    compile "org.springframework.security:spring-security-acl:${vSpringSec}"
+
+    // Thymeleaf is used as the template engine for serving HTML
+    // NOTE: versions below are intended to be in sync with spring-boot-dependencies pom @ ${vSpringBoot}
+    // e.g.: https://github.com/spring-projects/spring-boot/blob/v0.5.0.M6/spring-boot-dependencies/pom.xml
+    compile 'org.thymeleaf:thymeleaf-spring3:2.0.19'
+    compile 'org.thymeleaf:thymeleaf:2.0.19'
+    compile 'nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect:1.1.3'
     compile 'com.github.mxab.thymeleaf.extras:thymeleaf-extras-data-attribute:1.2'
-    compile 'org.thymeleaf.extras:thymeleaf-extras-springsecurity3:2.0.0'
+    compile 'org.thymeleaf.extras:thymeleaf-extras-springsecurity3:2.0.1'
 
     // nekohtml is required for thymeleaf's LEGACYHTML5 mode
     runtime 'net.sourceforge.nekohtml:nekohtml:1.9.15'

sagan-site/src/it/java/requestpostprocessors/SecurityRequestPostProcessors.java

@@ -36,6 +36,7 @@
  * Security is planned.
  * 
  * @author Rob Winch
+ * @author Chris Beams
  */
 public final class SecurityRequestPostProcessors {
 
@@ -81,7 +82,8 @@ private static class CsrfRequestPostProcessor implements RequestPostProcessor {
          */
         @Override
         public MockHttpServletRequest postProcessRequest(MockHttpServletRequest request) {
-            CsrfToken token = repository.generateAndSaveToken(request, new MockHttpServletResponse());
+            CsrfToken token = repository.generateToken(request);
+            repository.saveToken(token, request, new MockHttpServletResponse());
             request.setParameter(token.getParameterName(), token.getToken());
             return request;
         }

sagan-site/src/main/resources/application.yml

@@ -26,6 +26,7 @@ spring:
     show_sql: false
     hibernate:
       namingstrategy: org.hibernate.cfg.EJB3NamingStrategy
+      ddl-auto: false
 
 security:
   basic: