mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-16 19:33:11 +02:00
dda3f65f40e1bcb43bced4a197a368f2c737fcf1
100
Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
3cc3037408 |
Bump me.friwi:jcefmaven from 132.3.1 to 135.0.20 (#3548)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [me.friwi:jcefmaven](https://github.com/jcefmaven/jcefmaven) from 132.3.1 to 135.0.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jcefmaven/jcefmaven/releases">me.friwi:jcefmaven's releases</a>.</em></p> <blockquote> <h2>JCEF Maven 135.0.20</h2> <p><strong>Update JCEF to <a href="https://bitbucket.org/chromiumembedded/java-cef/commits/ca49ada5c7e3fc98cd7058b6253b59f967530a65">ca49ada</a></strong></p> <p>Build: [GitHub Actions <a href="https://redirect.github.com/jcefmaven/jcefmaven/issues/94">#94</a>](<a href="https://github.com/jcefmaven/jcefmaven/actions/runs/15018447852">https://github.com/jcefmaven/jcefmaven/actions/runs/15018447852</a>) MVN version: 135.0.20 JCEF commit: ca49ada CEF version: 135.0.20+ge7de5c3+chromium-135.0.7049.85</p> <p><strong>Use with Maven:</strong></p> <pre><code><dependency> <groupId>me.friwi</groupId> <artifactId>jcefmaven</artifactId> <version>135.0.20</version> </dependency> </code></pre> <!-- raw HTML omitted --> <h5>Linux AMD64</h5> <pre><code><dependency> <groupId>me.friwi</groupId> <artifactId>jcef-natives-linux-amd64</artifactId> <version>jcef-ca49ada+cef-135.0.20+ge7de5c3+chromium-135.0.7049.85</version> </dependency> </code></pre> <h5>Linux ARM</h5> <pre><code><dependency> <groupId>me.friwi</groupId> <artifactId>jcef-natives-linux-arm</artifactId> <version>jcef-ca49ada+cef-135.0.20+ge7de5c3+chromium-135.0.7049.85</version> </dependency> </code></pre> <h5>Linux ARM64</h5> <pre><code><dependency> <groupId>me.friwi</groupId> <artifactId>jcef-natives-linux-arm64</artifactId> <version>jcef-ca49ada+cef-135.0.20+ge7de5c3+chromium-135.0.7049.85</version> </dependency> </code></pre> <h5>Macosx AMD64</h5> <pre><code><dependency> </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jcefmaven/jcefmaven/commit/91b0aca9c0fbe76cd9df609aa6f10230dddf54c6"><code>91b0aca</code></a> Update README.md to 135.0.20</li> <li>See full diff in <a href="https://github.com/jcefmaven/jcefmaven/compare/132.3.1...135.0.20">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
70a9b5f009 |
Bump jakarta.servlet:jakarta.servlet-api from 6.0.0 to 6.1.0 (#3631)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [jakarta.servlet:jakarta.servlet-api](https://github.com/eclipse-ee4j/servlet-api) from 6.0.0 to 6.1.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/eclipse-ee4j/servlet-api/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b08bc191fc |
Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.6 to 2.8.8 (#3628)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.8.6 to 2.8.8. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/springdoc/springdoc-openapi/releases">org.springdoc:springdoc-openapi-starter-webmvc-ui's releases</a>.</em></p> <blockquote> <h2>v2.8.8</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.7...v2.8.8">https://github.com/springdoc/springdoc-openapi/compare/v2.8.7...v2.8.8</a></p> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a> - Handle projects not using kotlin-reflect <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li> </ul> <h2>springdoc-openapi v2.8.7 released!</h2> <h2>What's Changed</h2> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a> - Introducing springdoc-openapi-bom project</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2948">#2948</a> - Customize Servers via application.yml</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2963">#2963</a> - Set default content type for problem details object to application/problem+jso</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a> - List of value classes in Kotlin</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade swagger-ui to v5.21.0</li> <li>Upgrade swagger-core to 2.2.30</li> <li>Upgrade spring-boot to version 3.4.5</li> <li>Upgrade spring-security-oauth2-authorization-server to version 1.4.3</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2947">#2947</a> - Unexpected warning "Appended trailing slash to static resource location"</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2960">#2960</a> - NPE when customizing group's open-api without specifying any schema</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2969">#2969</a> - fix path to register resource handler to work SwaggerIndexPageTransformer considering /webjar path prefix</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2964">#2964</a> - Cannot add custom description and example for java.time.Duration since v2.8.6</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2972">#2972</a> - <a href="https://github.com/Header"><code>@Header</code></a>(schema = <a href="https://github.com/Schema"><code>@Schema</code></a>(type = "string")) generates empty or broken schema in OpenAPI output since 2.8.0</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>, <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a> - Build Failure due to Private Inner Class.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2556">#2556</a> - Unable to determine if it is a Kotlin type</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lagoshny"><code>@lagoshny</code></a> made their first contribution in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/2970">springdoc/springdoc-openapi#2970</a></li> <li><a href="https://github.com/mymx2"><code>@mymx2</code></a> made their first contribution in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/2950">springdoc/springdoc-openapi#2950</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.7">https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md">org.springdoc:springdoc-openapi-starter-webmvc-ui's changelog</a>.</em></p> <blockquote> <h2>[2.8.8] - 2025-05-04</h2> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a> - Handle projects not using kotlin-reflect <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li> </ul> <h2>[2.8.7] - 2025-05-04</h2> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a> - Introducing springdoc-openapi-bom project</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2948">#2948</a> - Customize Servers via application.yml</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2963">#2963</a> - Set default content type for problem details object to application/problem+jso</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a> - List of value classes in Kotlin</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade swagger-ui to v5.21.0</li> <li>Upgrade swagger-core to 2.2.30</li> <li>Upgrade spring-boot to version 3.4.5</li> <li>Upgrade spring-security-oauth2-authorization-server to version 1.4.3</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2947">#2947</a> - Unexpected warning "Appended trailing slash to static resource location"</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2960">#2960</a> - NPE when customizing group's open-api without specifying any schema</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2969">#2969</a> - fix path to register resource handler to work SwaggerIndexPageTransformer considering /webjar path prefix</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2964">#2964</a> - Cannot add custom description and example for java.time.Duration since v2.8.6</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2972">#2972</a> - <a href="https://github.com/Header"><code>@Header</code></a>(schema = <a href="https://github.com/Schema"><code>@Schema</code></a>(type = "string")) generates empty or broken schema in OpenAPI output since 2.8.0</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>, <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a> - Build Failure due to Private Inner Class.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/bce44dbe502cbaeeff6188fe210042859aa0ed54"><code>bce44db</code></a> [maven-release-plugin] prepare release v2.8.8</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/707fce0271fda0c713c412488247dba4cc32d98c"><code>707fce0</code></a> Handle projects not using kotlin-reflect. Fixes <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/7a3546cb733d3ca493b6e622778a97c73b39b04a"><code>7a3546c</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/764ef2fd42040232a7a9280d826ed72a591da3df"><code>764ef2f</code></a> [maven-release-plugin] prepare release v2.8.7</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/98dacbda5cbdb0a278aa407ddc6aa05c8f23f031"><code>98dacbd</code></a> Prepare for the next release</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/5eb7d77e55df6b1b4ea1964fb146233f88b71e2d"><code>5eb7d77</code></a> pom.xml cleanup for <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a></li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/9dffa3d7d43e11ee1abfa86c7bf9b1886fc23e11"><code>9dffa3d</code></a> pom.xml cleanup for <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a></li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/a68b42edf1465f1888c42263dac5547622ebd4cc"><code>a68b42e</code></a> List of value classes in Kotlin. Fixes <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a></li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/95fa3bbb71859e428092034efbb3deae9bf4c892"><code>95fa3bb</code></a> Regression: <a href="https://github.com/Header"><code>@Header</code></a>(schema = <a href="https://github.com/Schema"><code>@Schema</code></a>(type = "string")) generates empty or bro...</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/3d056d8c55ec3139fc3e2d4a2f0eed7d8384d5f0"><code>3d056d8</code></a> Build Failure due to Private Inner Class. Fixes <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>, <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a></li> <li>Additional commits viewable in <a href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.8">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d12aca0ca6 |
Bump org.postgresql:postgresql from 42.7.5 to 42.7.6 (#3629)
Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from 42.7.5 to 42.7.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pgjdbc/pgjdbc/releases">org.postgresql:postgresql's releases</a>.</em></p> <blockquote> <h2>v42.7.6</h2> <h2>Changes</h2> <ul> <li>Prepare release notes for release 42_7_6 (new format) <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3628">#3628</a>)</li> <li>fix: isValid incorrectly called execute, instead of executeWithFlags fixes Issue <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3630">#3630</a> <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3631">#3631</a>)</li> <li>add override <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3629">#3629</a>)</li> <li>add the ability to turn off automatic LSN flush <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3403">#3403</a>)</li> <li>test: add tests with reWriteBatchedInserts=true <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3616">#3616</a>)</li> <li>test: add CI executions with adaptive_fetch=true by default <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3615">#3615</a>)</li> <li>test: simplify TestUtil.openDB, add tests with various assumeMinServerVersion values <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3614">#3614</a>)</li> <li>Deprecate group startup parms <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3613">#3613</a>)</li> <li>Add back application name setting <a href="https://github.com/joejensen"><code>@joejensen</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3509">#3509</a>)</li> <li>Copr: Use Java 21 as the build dependency <a href="https://github.com/mkoncek"><code>@mkoncek</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3607">#3607</a>)</li> <li>fix indentation of return child to allow built pass in Checkstyle's CIs <a href="https://github.com/mohitsatr"><code>@mohitsatr</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3611">#3611</a>)</li> <li>Set column name explicitely when using <code>current_database()</code> in queries <a href="https://github.com/kneth"><code>@kneth</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3526">#3526</a>)</li> <li>add PgMessageType and use static variables for protocol literals <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3609">#3609</a>)</li> <li>Handle protocol 3.2 and wider cancel keys. <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3592">#3592</a>)</li> <li>refactor empty resultset to use empty result set if the catalog is not correct <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3588">#3588</a>)</li> <li>Use query to find the current catalog instead of relying on the database in the connection URL or connection properties as this could be different if connected through a pooler or proxy <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3565">#3565</a>)</li> <li>ci: add Java 24 tests <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3580">#3580</a>)</li> <li>docs: Relabel 42.7.4 as past version as it is no longer the latest <a href="https://github.com/sehrope"><code>@sehrope</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3586">#3586</a>)</li> <li>test: remove stale logging message from SslTest <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3584">#3584</a>)</li> <li>chore: appply the latest byte-buddy version for tests so we support the latest Java versions <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3583">#3583</a>)</li> <li>fix: make PgConnection#abort compatible with Java 24 <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3582">#3582</a>)</li> <li>chore(deps): update plugin com.github.burrunan.s3-build-cache to v1.8.5 <a href="https://github.com/renovate-bot"><code>@renovate-bot</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3573">#3573</a>)</li> <li>Fix JavadocTagContinuationIndentation in AfterBeforeParameterResolver <a href="https://github.com/Anmol202005"><code>@Anmol202005</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3566">#3566</a>)</li> <li>Revert "use in row values instead of union all (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3510">#3510</a>)" <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3524">#3524</a>)</li> <li>use in row values instead of union all <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3510">#3510</a>)</li> <li>feat: enhanced DatabaseMetadata.getIndexInfo() method, added index comment as REMARKS property <a href="https://github.com/raminorujov"><code>@raminorujov</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3513">#3513</a>)</li> <li>Nit: correct message in main.yml test action <a href="https://github.com/ecki"><code>@ecki</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3503">#3503</a>)</li> <li>chore: use import instead of require to support modern NodeJS <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3502">#3502</a>)</li> <li>chore: use PostgreSQL 17 rather than 17rc1 for CI tests <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3501">#3501</a>)</li> <li>chore: add ErrorProne verification to catch bugs ealier <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3493">#3493</a>)</li> <li>fix: ArrayIndexOutOfBounds when write big object into GSS enabled connection, make GSSInputStream robust in face of streams that produce incomplete reads <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3500">#3500</a>)</li> <li>refactor: factor out duplicated .getBytes() when converting date/time to Date/Time/Timestamp <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3497">#3497</a>)</li> <li>chore: exclude Oracle Java 17 from CI tests <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3499">#3499</a>)</li> <li>chore: remove unused Travis CI configuration <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3498">#3498</a>)</li> <li>Undeprecate sslfactoryarg connection property <a href="https://github.com/sehrope"><code>@sehrope</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3496">#3496</a>)</li> <li>fix:Fix sending extra_float_digits <a href="https://github.com/davecramer"><code>@davecramer</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3491">#3491</a>)</li> </ul> <h2>🐛 Bug Fixes</h2> <ul> <li>fix: EOFException on PreparedStatement#toString with unset bytea parameter since 42.7.4 <a href="https://github.com/MrEasy"><code>@MrEasy</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3369">#3369</a>)</li> </ul> <h2>🧰 Maintenance</h2> <ul> <li>chore: use Java 21 for building pgjdbc by default <a href="https://github.com/vlsi"><code>@vlsi</code></a> (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3612">#3612</a>)</li> </ul> <h2>⬆️ Dependencies</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md">org.postgresql:postgresql's changelog</a>.</em></p> <blockquote> <h2>[42.7.6]</h2> <h4>Features</h4> <ul> <li>fix: Enhanced DatabaseMetadata.getIndexInfo() method, added index comment as REMARKS property [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3513">#3513</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3513">pgjdbc/pgjdbc#3513</a>)</li> </ul> <h3>Performance Improvements</h3> <ul> <li>performance: Improve ResultSetMetadata.fetchFieldMetaData by using IN row values instead of UNION ALL for improved query performance (later reverted) [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3510">#3510</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3510">pgjdbc/pgjdbc#3510</a>)</li> <li>feat:Use a single simple query for all startup parameters, so groupStartupParameters is no longer needed [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3613">#3613</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3613">pgjdbc/pgjdbc#3613</a>)</li> <li></li> </ul> <h2>Bug Fixes</h2> <h3>Protocol & Connection Handling</h3> <ul> <li>fix: Send extra_float_digits=3 for PostgreSQL 12+ as well [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3491">#3491</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3491">pgjdbc/pgjdbc#3491</a>)</li> <li>fix: Fixed handling of protocol 3.2 and wider cancel keys [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3592">#3592</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3592">pgjdbc/pgjdbc#3592</a>)</li> <li>fix: Made PgConnection#abort compatible with Java 24 [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3582">#3582</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3582">pgjdbc/pgjdbc#3582</a>)</li> <li>fix: Fixed ArrayIndexOutOfBounds when writing big objects into GSS enabled connections [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3500">#3500</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3500">pgjdbc/pgjdbc#3500</a>)</li> <li>fix: Added back application name setting [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3509">#3509</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3509">pgjdbc/pgjdbc#3509</a>)</li> </ul> <h3>Metadata & Catalog Handling</h3> <ul> <li>fix: Set column name explicitly when using current_database() in queries [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3526">#3526</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3526">pgjdbc/pgjdbc#3526</a>)</li> <li>fix: Use query to find the current catalog instead of relying on the database in the connection URL [pull <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3565">#3565</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3565">pgjdbc/pgjdbc#3565</a>)</li> <li>fix: Refactored empty resultset to use empty result set if the catalog is not correct [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3588">#3588</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3588">pgjdbc/pgjdbc#3588</a>)</li> </ul> <h3>API Improvements</h3> <ul> <li>fix: Undeprecated Fastpath API and fixed deprecation warnings [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3493">#3493</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3493">pgjdbc/pgjdbc#3493</a>)</li> <li>fix: Undeprecated sslfactoryarg [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3496">#3496</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3496">pgjdbc/pgjdbc#3496</a>)</li> <li>fix: Added PgMessageType and used static variables for protocol literals [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3609">#3609</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3609">pgjdbc/pgjdbc#3609</a>)</li> <li>fix: Add the ability to turn off automatic LSN flush [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3403">#3403</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3403">pgjdbc/pgjdbc#3403</a>)</li> <li>fix: isValid incorrectly called execute, instead of executeWithFlags [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3631">#3631</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3631">pgjdbc/pgjdbc#3631</a>). Fixes [Issue <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3630">#3630</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3630">pgjdbc/pgjdbc#3630</a>)</li> <li>fix: EOFException on PreparedStatement#toString with unset bytea parameter since 42.7.4 <a href="https://github.com/pgjdbc/pgjdbc/commit/0a88ea425e86dce691a96d6aa7023c20ac887b98">Commit 0a88ea4</a>. Fixes [Issue <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3365">#3365</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3365">pgjdbc/pgjdbc#3365</a>)</li> </ul> <h2>Infrastructure & Build Improvements</h2> <h3>Java Support</h3> <ul> <li>update: Updated to use Java 21 for building pgjdbc by default [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3612">#3612</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3612">pgjdbc/pgjdbc#3612</a>)</li> <li>update: Updated Java 21 as the build dependency for copr [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3607">#3607</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3607">pgjdbc/pgjdbc#3607</a>)</li> <li>update: Updated latest JDK to version 24 [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3580">#3580</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3580">pgjdbc/pgjdbc#3580</a>)</li> <li>update: Applied the latest byte-buddy version for tests to support the latest Java versions [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3583">#3583</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3583">pgjdbc/pgjdbc#3583</a>)</li> </ul> <h3>Testing & Quality</h3> <ul> <li>test: Added ErrorProne verification to detect bugs earlier [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3493">#3493</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3493">pgjdbc/pgjdbc#3493</a>)</li> <li>test: Simplified TestUtil.openDB, added tests with various assumeMinServerVersion values [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3624">#3624</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3614">pgjdbc/pgjdbc#3614</a>)</li> <li>test: Updated to use PostgreSQL 17 rather than 17rc1 for CI tests [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3501">#3501</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3501">pgjdbc/pgjdbc#3501</a>)</li> <li>test: Removed stale logging message from SslTest [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3584">#3584</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3584">pgjdbc/pgjdbc#3584</a>)</li> <li>test: Added CI executions with adaptive_fetch=true by default for performance testing [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3615">#3615</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3615">pgjdbc/pgjdbc#3615</a>)</li> <li>test: Added tests with reWriteBatchedInserts=true [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3616">#3616</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3616">pgjdbc/pgjdbc#3616</a>)</li> </ul> <h3>Code Quality</h3> <ul> <li>doc: Fixed javadoc warnings [PR <a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3493">#3493</a>](<a href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3493">pgjdbc/pgjdbc#3493</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/689708f96d446993cd264cbf5bd5696a726cf8b7"><code>689708f</code></a> Prepare release notes for release 42_7_6 (new format) (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3628">#3628</a>)</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/0a88ea425e86dce691a96d6aa7023c20ac887b98"><code>0a88ea4</code></a> fix: EOFException on PreparedStatement#toString with unset bytea parameter si...</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/2de9b943c693c745ea9280444d72b408165caa11"><code>2de9b94</code></a> fix: make sure Connection.isValid correctly uses executeWithFlags fixes Issu...</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/d9e20874590f59543c39a99b824e09344f00a813"><code>d9e2087</code></a> add override (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3629">#3629</a>)</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/665b27b8656c8288d9d6c1f8e8d6a7072c238d64"><code>665b27b</code></a> add the ability to turn off automatic LSN flush (<a href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3403">#3403</a>)</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/253c68243c9794644d3cbd9d61b4505b9d079ea5"><code>253c682</code></a> chore(deps): update burrunan/gradle-cache-action action to v3</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/2d1ae0cbd44660a9d172c9b4a90e16e198f43d43"><code>2d1ae0c</code></a> chore(deps): update plugin com.gradle.develocity to v4</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/baeb89321b26a1a13d430d50ed1102ba80bff183"><code>baeb893</code></a> fix(deps): update dependency org.openrewrite.rewrite:org.openrewrite.rewrite....</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/e24d599952af46cca3c03ced4f574c7e205bdda0"><code>e24d599</code></a> fix(deps): update dependency com.google.errorprone:error_prone_core to v2.38.0</li> <li><a href="https://github.com/pgjdbc/pgjdbc/commit/1617c68d510b86cd5500b0e9d1a1427156bffcbf"><code>1617c68</code></a> fix(deps): update dependency net.ltgt.errorprone:net.ltgt.errorprone.gradle.p...</li> <li>Additional commits viewable in <a href="https://github.com/pgjdbc/pgjdbc/compare/REL42.7.5...REL42.7.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
5ec78b5425 |
Bump org.springframework.boot:spring-boot-dependencies from 3.4.5 to 3.5.0 (#3627)
Bumps [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 3.4.5 to 3.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-dependencies's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
3bec51f4e5 |
Bump com.diffplug.spotless from 7.0.3 to 7.0.4 (#3626)
Bumps com.diffplug.spotless from 7.0.3 to 7.0.4. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d83d8b4748 |
Bump ossf/scorecard-action from 2.4.1 to 2.4.2 (#3625)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's releases</a>.</em></p> <blockquote> <h2>v2.4.2</h2> <h2>What's Changed</h2> <p>This update bumps the Scorecard version to the v5.2.1 release. For a complete list of changes, please refer to the Scorecard <a href="https://github.com/ossf/scorecard/releases/tag/v5.2.0">v5.2.0</a> and <a href="https://github.com/ossf/scorecard/releases/tag/v5.2.1">v5.2.1</a> release notes.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/ossf/scorecard-action/compare/v2.4.1...v2.4.2">https://github.com/ossf/scorecard-action/compare/v2.4.1...v2.4.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ossf/scorecard-action/commit/05b42c624433fc40578a4040d5cf5e36ddca8cde"><code>05b42c6</code></a> 🌱 bump docker to ghcr v2.4.2 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1548">#1548</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/b225da6b2b97811a123bb34532642f3ad6a4f011"><code>b225da6</code></a> Bump github.com/ossf/scorecard/v5 from v5.2.0 to v5.2.1 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1550">#1550</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/9399f6f42496e38fbb8dbcf85e17223226a5dafe"><code>9399f6f</code></a> 🌱 Bump the docker-images group across 1 directory with 2 updates (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1">#1</a>...</li> <li><a href="https://github.com/ossf/scorecard-action/commit/e1daa8c5c7ed469dbb0167e261ed1c9fa673a9ae"><code>e1daa8c</code></a> 🌱 Bump the github-actions group across 1 directory with 5 updates (#...</li> <li><a href="https://github.com/ossf/scorecard-action/commit/9fe6511b9b36af3b03200e49cf8fb09d261b5402"><code>9fe6511</code></a> 🌱 Bump golang.org/x/net from 0.39.0 to 0.40.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1542">#1542</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/25b9cd9cd11610dcac11e59afed9910714b12129"><code>25b9cd9</code></a> 🌱 Bump github.com/ossf/scorecard/v5 from v5.1.1 to v5.2.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1547">#1547</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/18cc9b81307fc5ab3c2cd7092955f06dcfdf8c42"><code>18cc9b8</code></a> 🌱 Bump golang.org/x/net from 0.38.0 to 0.39.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1536">#1536</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/db7814227b097a902957aa24d989c6e473613a8e"><code>db78142</code></a> 🌱 Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1538">#1538</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/de386ed459e2f85111697f50fe076d0ea617a32f"><code>de386ed</code></a> 🌱 Bump golang from 1.24.1 to 1.24.2 in the docker-images group (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1534">#1534</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/5b7cedba4eccfb66a6277e40cbe18d1d559ecc00"><code>5b7cedb</code></a> 🌱 Bump github.com/sigstore/cosign/v2 from 2.4.3 to 2.5.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1537">#1537</a>)</li> <li>Additional commits viewable in <a href="https://github.com/ossf/scorecard-action/compare/f49aabe0b5af0936a0987cfb85d86b75731b0186...05b42c624433fc40578a4040d5cf5e36ddca8cde">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
03d27013d6 |
Bump alpine from 3.21.3 to 3.22.0 (#3623)
Bumps alpine from 3.21.3 to 3.22.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
679ecdd50d |
Bump docker/build-push-action from 6.17.0 to 6.18.0 (#3624)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.17.0 to 6.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.18.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.61.0 to 0.62.1 in <a href="https://redirect.github.com/docker/build-push-action/pull/1381">docker/build-push-action#1381</a></li> </ul> <blockquote> <p>[!NOTE] <a href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build summary</a> is now supported with <a href="https://docs.docker.com/build-cloud/">Docker Build Cloud</a>.</p> </blockquote> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0">https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/263435318d21b8e681c14492fe198d362a7d2c83"><code>2634353</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1381">#1381</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/c0432d2e016ab17a336cee48256683e74d5c4c9e"><code>c0432d2</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/0bb1f27d6b9fc90993f41febd9b53ee89397d3f8"><code>0bb1f27</code></a> set builder driver and endpoint attributes for dbc summary support</li> <li><a href="https://github.com/docker/build-push-action/commit/5f9dbf956c8481ecf630d0e53941d9d3afaa53bb"><code>5f9dbf9</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.61.0 to 0.62.1</li> <li><a href="https://github.com/docker/build-push-action/commit/0788c444d8b4d67580213712e34a148cae3a6c4e"><code>0788c44</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1375">#1375</a> from crazy-max/remove-gcr</li> <li><a href="https://github.com/docker/build-push-action/commit/aa179ca4f405fed7a76dad90a23bd02d6f2a8d2d"><code>aa179ca</code></a> e2e: remove GCR</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/1dc73863535b631f98b2378be8619f83b136f4a0...263435318d21b8e681c14492fe198d362a7d2c83">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
feb84f001c |
Bump org.springframework.session:spring-session-core from 3.4.3 to 3.5.0 (#3591)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [org.springframework.session:spring-session-core](https://github.com/spring-projects/spring-session) from 3.4.3 to 3.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-session/releases">org.springframework.session:spring-session-core's releases</a>.</em></p> <blockquote> <h2>3.5.0</h2> <h2>🪲 Bug Fixes</h2> <ul> <li>Fix Race Condition in Integration Tests Using Redis SessionEventRegistry <a href="https://redirect.github.com/spring-projects/spring-session/issues/3400">#3400</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump com.fasterxml.jackson.core:jackson-databind from 2.18.3 to 2.18.4 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3393">#3393</a></li> <li>Bump io.projectreactor:reactor-bom from 2024.0.5 to 2024.0.6 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3395">#3395</a></li> <li>Bump io.projectreactor:reactor-core from 3.6.16 to 3.6.17 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3394">#3394</a></li> <li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to 1.0.6 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3392">#3392</a></li> <li>Bump io.spring.javaformat:spring-javaformat-checkstyle from 0.0.43 to 0.0.45 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3402">#3402</a></li> <li>Bump io.spring.javaformat:spring-javaformat-gradle-plugin from 0.0.43 to 0.0.45 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3404">#3404</a></li> <li>Bump org.springframework.data:spring-data-bom from 2025.0.0-RC1 to 2025.0.1-SNAPSHOT <a href="https://redirect.github.com/spring-projects/spring-session/pull/3397">#3397</a></li> <li>Bump org.springframework.security:spring-security-bom from 6.5.0-RC1 to 6.5.1-SNAPSHOT <a href="https://redirect.github.com/spring-projects/spring-session/pull/3401">#3401</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3403">#3403</a></li> <li>Spring Security 6.5.0 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3406">#3406</a></li> <li>Update to Spring Data 2025.0.0 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3405">#3405</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/rwinch"><code>@rwinch</code></a></p> <h2>3.5.0-RC1</h2> <h2>⭐ New Features</h2> <ul> <li>Introduce CompositeHttpSessionIdResolver <a href="https://redirect.github.com/spring-projects/spring-session/pull/3264">#3264</a></li> <li>Start JDBC transactions only when there is an update <a href="https://redirect.github.com/spring-projects/spring-session/pull/3330">#3330</a></li> </ul> <h2>🪲 Bug Fixes</h2> <ul> <li>Explicitly use junit-platform-launcher <a href="https://redirect.github.com/spring-projects/spring-session/issues/3367">#3367</a></li> <li>Fix jdbc session with special characters <a href="https://redirect.github.com/spring-projects/spring-session/pull/3316">#3316</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump io.projectreactor:reactor-bom from 2024.0.4 to 2024.0.5 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3380">#3380</a></li> <li>Bump io.projectreactor:reactor-core from 3.6.15 to 3.6.16 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3381">#3381</a></li> <li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to 1.0.4 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3377">#3377</a></li> <li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.4 to 1.0.5 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3387">#3387</a></li> <li>Bump org.aspectj:aspectjweaver from 1.9.23 to 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3378">#3378</a></li> <li>Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3369">#3369</a></li> <li>Bump org.mariadb.jdbc:mariadb-java-client from 3.5.2 to 3.5.3 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3371">#3371</a></li> <li>Bump org.springframework.boot:spring-boot-gradle-plugin from 3.5.0-M3 to 3.5.0-SNAPSHOT <a href="https://redirect.github.com/spring-projects/spring-session/pull/3373">#3373</a></li> <li>Bump org.springframework.data:spring-data-bom from 2025.0.0-M2 to 2025.0.0-SNAPSHOT <a href="https://redirect.github.com/spring-projects/spring-session/pull/3372">#3372</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3384">#3384</a></li> <li>Update to Spring Boot 3.5.0 (dependencies) <a href="https://redirect.github.com/spring-projects/spring-session/issues/3368">#3368</a></li> <li>Update to Spring Security 6.5.0-rc1 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3386">#3386</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-session/commit/817b17251ab34a473a03b9707f55c42d687c7758"><code>817b172</code></a> Release 3.5.0</li> <li><a href="https://github.com/spring-projects/spring-session/commit/5a9c22000aa1ed5f38dea04ec99883a71728875b"><code>5a9c220</code></a> Update to Spring Security 6.5.0</li> <li><a href="https://github.com/spring-projects/spring-session/commit/ce5efb7e51910a49591c015c8a1a2bbf67b73fd3"><code>ce5efb7</code></a> Update to Spring Data 2025.0.0</li> <li><a href="https://github.com/spring-projects/spring-session/commit/d6391a8a42c03f4307eea2edfb926d7310b11632"><code>d6391a8</code></a> Revert "Bump io.spring.javaformat:spring-javaformat-checkstyle"</li> <li><a href="https://github.com/spring-projects/spring-session/commit/f75cd2454a5d52406d8e8c4822ee654fbd72309f"><code>f75cd24</code></a> Revert "Bump org.springframework.security:spring-security-bom"</li> <li><a href="https://github.com/spring-projects/spring-session/commit/ca4694310104e6ecb76e089805fc0810788e5efe"><code>ca46943</code></a> Bump org.springframework.security:spring-security-bom</li> <li><a href="https://github.com/spring-projects/spring-session/commit/bf09912a7f697168a21a90ba47ab275a765f8608"><code>bf09912</code></a> Bump io.spring.javaformat:spring-javaformat-checkstyle</li> <li><a href="https://github.com/spring-projects/spring-session/commit/ae2f60668bcf026e651ee65589ecf6a1c082bffc"><code>ae2f606</code></a> Bump io.spring.javaformat:spring-javaformat-gradle-plugin</li> <li><a href="https://github.com/spring-projects/spring-session/commit/05e9a3ec755d212de4dff85811ea8e2c27ec9c28"><code>05e9a3e</code></a> Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7</li> <li><a href="https://github.com/spring-projects/spring-session/commit/6fb972d633e144ef3c9eea8577e0074e24caab8b"><code>6fb972d</code></a> Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to 1.0.6</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-session/compare/3.4.3...3.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
8c061ea644 |
Bump springBootVersion from 3.4.5 to 3.5.0 (#3592)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps `springBootVersion` from 3.4.5 to 3.5.0. Updates `org.springframework.boot:spring-boot-starter-web` from 3.4.5 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-web's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.4.5 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-jetty's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.4.5 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-thymeleaf's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-security` from 3.4.5 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-security's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.4.5 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-data-jpa's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-oauth2-client` from 3.4.5 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-oauth2-client's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-mail` from 3.4.5 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-mail's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-test` from 3.4.5 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-test's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a... _Description has been truncated_ Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
ea5515b614 |
Bump org.mockito:mockito-core from 5.17.0 to 5.18.0 (#3593)
Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.17.0 to 5.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mockito/mockito/releases">org.mockito:mockito-core's releases</a>.</em></p> <blockquote> <h2>v5.18.0</h2> <p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog generated by <a href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h4>5.18.0</h4> <ul> <li>2025-05-20 - <a href="https://github.com/mockito/mockito/compare/v5.17.0...v5.18.0">5 commit(s)</a> by Eugene Platonov, Patrick Doyle, Tim van der Lippe, dependabot[bot]</li> <li>Make vararg checks Scala friendly (for mockito-scala) [(<a href="https://redirect.github.com/mockito/mockito/issues/3651">#3651</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3651">mockito/mockito#3651</a>)</li> <li>For UnfinishedStubbingException, suggest the possibility of another thread [(<a href="https://redirect.github.com/mockito/mockito/issues/3636">#3636</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3636">mockito/mockito#3636</a>)</li> <li>UnfinishedStubbingException ought to suggest the possibility of another thread [(<a href="https://redirect.github.com/mockito/mockito/issues/3635">#3635</a>)](<a href="https://redirect.github.com/mockito/mockito/issues/3635">mockito/mockito#3635</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mockito/mockito/commit/06737471ea19ca023581351eeac778ffbce8da74"><code>0673747</code></a> Force Jacoco version for Android</li> <li><a href="https://github.com/mockito/mockito/commit/65388f01eb8a555c4df5dec692ba9abf8a2591b8"><code>65388f0</code></a> Update Jacoco version to 0.8.13</li> <li><a href="https://github.com/mockito/mockito/commit/60179ca10dbd29ff959d7eae670ce95b3f19f5fd"><code>60179ca</code></a> Bump bytebuddy from 1.15.11 to 1.16.1</li> <li><a href="https://github.com/mockito/mockito/commit/8f15169774cb639b5757f121f27d6c0d8ca18c97"><code>8f15169</code></a> Make vararg checks Scala friendly (<a href="https://redirect.github.com/mockito/mockito/issues/3651">#3651</a>)</li> <li><a href="https://github.com/mockito/mockito/commit/3a631cb87082fff212bc00c00970508b4ce63072"><code>3a631cb</code></a> Add hint for multithreading in <code>UnfinishedStubbingException</code> (<a href="https://redirect.github.com/mockito/mockito/issues/3636">#3636</a>)</li> <li>See full diff in <a href="https://github.com/mockito/mockito/compare/v5.17.0...v5.18.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b1a6e1b481 |
Bump org.springframework.boot from 3.4.5 to 3.5.0 (#3594)
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.4.5 to 3.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <p>Full <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.5-Release-Notes">release notes for Spring Boot 3.5</a> are available on the wiki.</p> <h2>⭐ New Features</h2> <ul> <li>Make heapdump endpoint restricted by default <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45624">#45624</a></li> <li>Remove SSL status tag from metrics <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45602">#45602</a></li> <li>Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45507">#45507</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Unable to override/set nested ConfigurationProperties by passing as a system property <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45639">#45639</a></li> <li>ValidationAutoConfiguration triggers early initialization of properties binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45618">#45618</a></li> <li>Micrometer "enable" annotations property does not cover observed aspect <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45617">#45617</a></li> <li>spring.graphql.sse.timeout is no longer exposed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45613">#45613</a></li> <li>SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45549">#45549</a></li> <li>IllegalStateException when extracting using layers a module with no code of its own <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45449">#45449</a></li> <li>Removed spring.batch.initialize-schema property is still considered <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45380">#45380</a></li> <li>ReactorHttpClientBuilder does not offer a factory method to create the HttpClient <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45378">#45378</a></li> <li>Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45351">#45351</a></li> <li>Custom default units declared on a field are ignored when binding properties in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45347">#45347</a></li> <li>DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45345">#45345</a></li> <li>Various spring.datasource properties are mistakenly marked as ignored <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45342">#45342</a></li> <li>JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45297">#45297</a></li> <li>DockerRegistryConfigAuthentication does not align with Docker CLI <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45292">#45292</a></li> <li>Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password <a href="https://redirect.github.com/spring-projects/spring-boot/pull/45290">#45290</a></li> <li>CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method <a href="https://redirect.github.com/spring-projects/spring-boot/issues/32622">#32622</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document the java info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45634">#45634</a></li> <li>Document the process info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45632">#45632</a></li> <li>Document the os info contribution <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45630">#45630</a></li> <li>Document typical spring.application.group and name use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45628">#45628</a></li> <li>Document that bean methods should be static when annotated with <code>@ConfigurationPropertiesBinding</code> <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45626">#45626</a></li> <li>Document the way that primary Kotlin constructors are used when binding <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45553">#45553</a></li> <li>Improve "profile" reference documentation with additional admonitions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45551">#45551</a></li> <li>Improve setEnvironmentPrefix(...) reference documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45376">#45376</a></li> <li>Document all the available Testcontainers integrations <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45367">#45367</a></li> <li>Document when a spring.config.import value is relative and when it is fixed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45363">#45363</a></li> <li>Update org.cyclonedx.bom version in docs to 2.3.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45320">#45320</a></li> <li>Update link to "Parameter Name Retention" section of Spring Framework's release notes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45299">#45299</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Prevent upgrade to Prometheus Client 1.3.7 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45541">#45541</a></li> <li>Upgrade to Couchbase Client 3.8.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45539">#45539</a></li> <li>Upgrade to Elasticsearch 8.18.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45447">#45447</a></li> <li>Upgrade to GraphQL Java 24.0 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45588">#45588</a></li> <li>Upgrade to Hibernate 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45540">#45540</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/8c2d6453243f319accaef7a190ff8ddf89f482a2"><code>8c2d645</code></a> Release v3.5.0</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0b49e78c21f5afaf2db23bea2a1f8b369b3d92a7"><code>0b49e78</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c684fa4050d89a505f28257fef5462745671b6e5"><code>c684fa4</code></a> Switch <code>make-default</code> for publish-to-sdkman to 3.5.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/569519285046967a85f20cefe4200fcfc35a21c8"><code>5695192</code></a> Ensure descendants are always recalculated on cache refresh</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/31f549efc699e8f2f597ddf08bb572ad9a74b358"><code>31f549e</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/68df6f594167d760e67dd97eed0783e3f3a5fafd"><code>68df6f5</code></a> Next development version (v3.4.7-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/9f46877c7ea17452f1f744281aa0008fadcc82f9"><code>9f46877</code></a> Merge branch '3.4.x'</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/404a0df5e8cffad3c9cbc896b0382347586102bf"><code>404a0df</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/e331846302f763905e9e0d3cf96438f60c7bd3c4"><code>e331846</code></a> Next development version (v3.3.13-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/b142798bdb8dde5d8a6ab01e70d6d78c1a6752c7"><code>b142798</code></a> Merge branch '3.4.x'</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.5...v3.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d59e39b4b6 |
Bump org.mockito:mockito-core from 5.11.0 to 5.17.0 (#3551)
Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.11.0 to 5.17.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mockito/mockito/releases">org.mockito:mockito-core's releases</a>.</em></p> <blockquote> <h2>v5.17.0</h2> <p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog generated by <a href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h4>5.17.0</h4> <ul> <li>2025-04-04 - <a href="https://github.com/mockito/mockito/compare/v5.16.1...v5.17.0">7 commit(s)</a> by Adrian Roos, Andre Kurait, Jan Ouwens, Rafael Winterhalter, Taeik Lim, Thach Le, Tim van der Lippe</li> <li>Fixes <a href="https://redirect.github.com/mockito/mockito/issues/3631">#3631</a>: Fix broken banner image link [(<a href="https://redirect.github.com/mockito/mockito/issues/3632">#3632</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3632">mockito/mockito#3632</a>)</li> <li>Banner image is broken [(<a href="https://redirect.github.com/mockito/mockito/issues/3631">#3631</a>)](<a href="https://redirect.github.com/mockito/mockito/issues/3631">mockito/mockito#3631</a>)</li> <li>Update exception message with mockito-inline [(<a href="https://redirect.github.com/mockito/mockito/issues/3628">#3628</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3628">mockito/mockito#3628</a>)</li> <li>Clarify structure of commit messages [(<a href="https://redirect.github.com/mockito/mockito/issues/3626">#3626</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3626">mockito/mockito#3626</a>)</li> <li>Fixes <a href="https://redirect.github.com/mockito/mockito/issues/3622">#3622</a>: MockitoExtension fails cleanup when aborted before setup [(<a href="https://redirect.github.com/mockito/mockito/issues/3623">#3623</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3623">mockito/mockito#3623</a>)</li> <li>MockitoExtension fails cleanup when aborted before setup [(<a href="https://redirect.github.com/mockito/mockito/issues/3622">#3622</a>)](<a href="https://redirect.github.com/mockito/mockito/issues/3622">mockito/mockito#3622</a>)</li> <li>Since mockito-inline has been removed, the exception messages with <code>mockito-inline</code> should be modified. [(<a href="https://redirect.github.com/mockito/mockito/issues/3621">#3621</a>)](<a href="https://redirect.github.com/mockito/mockito/issues/3621">mockito/mockito#3621</a>)</li> <li>Fixes <a href="https://redirect.github.com/mockito/mockito/issues/3171">#3171</a>: Fall back to Throwable Location strategy on Android [(<a href="https://redirect.github.com/mockito/mockito/issues/3619">#3619</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3619">mockito/mockito#3619</a>)</li> <li>Fixes <a href="https://redirect.github.com/mockito/mockito/issues/3615">#3615</a> : broken links to javadoc.io [(<a href="https://redirect.github.com/mockito/mockito/issues/3616">#3616</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3616">mockito/mockito#3616</a>)</li> <li>Broken links to javadoc.io [(<a href="https://redirect.github.com/mockito/mockito/issues/3615">#3615</a>)](<a href="https://redirect.github.com/mockito/mockito/issues/3615">mockito/mockito#3615</a>)</li> <li>Mocks are not working on particular devices after update Android SDK from 33 to 34 [(<a href="https://redirect.github.com/mockito/mockito/issues/3171">#3171</a>)](<a href="https://redirect.github.com/mockito/mockito/issues/3171">mockito/mockito#3171</a>)</li> </ul> <h2>v5.16.1</h2> <p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog generated by <a href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h4>5.16.1</h4> <ul> <li>2025-03-15 - <a href="https://github.com/mockito/mockito/compare/v5.16.0...v5.16.1">3 commit(s)</a> by Adrian Roos, Jérôme Prinet, Rafael Winterhalter</li> <li>Remove Arrays.asList from critical stubbing path in GenericMetadataSu… [(<a href="https://redirect.github.com/mockito/mockito/issues/3610">#3610</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3610">mockito/mockito#3610</a>)</li> <li>Rework of injection strategy in the context of modules [(<a href="https://redirect.github.com/mockito/mockito/issues/3608">#3608</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3608">mockito/mockito#3608</a>)</li> <li>Adjust inline mocking snippet to allow task relocatability [(<a href="https://redirect.github.com/mockito/mockito/issues/3606">#3606</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3606">mockito/mockito#3606</a>)</li> <li>Inline mocking configuration snippet for Gradle should allow task relocatability [(<a href="https://redirect.github.com/mockito/mockito/issues/3605">#3605</a>)](<a href="https://redirect.github.com/mockito/mockito/issues/3605">mockito/mockito#3605</a>)</li> </ul> <h2>v5.16.0</h2> <p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog generated by <a href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h4>5.16.0</h4> <ul> <li>2025-03-03 - <a href="https://github.com/mockito/mockito/compare/v5.15.2...v5.16.0">10 commit(s)</a> by Brice Dutheil, Rafael Winterhalter, TDL, dependabot[bot]</li> <li>Add support for including module-info in Mockito. [(<a href="https://redirect.github.com/mockito/mockito/issues/3597">#3597</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3597">mockito/mockito#3597</a>)</li> <li>Bump com.gradle.develocity from 3.19 to 3.19.1 [(<a href="https://redirect.github.com/mockito/mockito/issues/3579">#3579</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3579">mockito/mockito#3579</a>)</li> <li>Bump org.assertj:assertj-core from 3.27.2 to 3.27.3 [(<a href="https://redirect.github.com/mockito/mockito/issues/3577">#3577</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3577">mockito/mockito#3577</a>)</li> <li>Bump com.diffplug.spotless:spotless-plugin-gradle from 7.0.1 to 7.0.2 [(<a href="https://redirect.github.com/mockito/mockito/issues/3574">#3574</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3574">mockito/mockito#3574</a>)</li> <li>Bump com.diffplug.spotless:spotless-plugin-gradle from 6.25.0 to 7.0.1 [(<a href="https://redirect.github.com/mockito/mockito/issues/3571">#3571</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3571">mockito/mockito#3571</a>)</li> <li>Bump org.assertj:assertj-core from 3.27.1 to 3.27.2 [(<a href="https://redirect.github.com/mockito/mockito/issues/3569">#3569</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3569">mockito/mockito#3569</a>)</li> <li>Tweaks documentation on mockito agent config for maven [(<a href="https://redirect.github.com/mockito/mockito/issues/3568">#3568</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3568">mockito/mockito#3568</a>)</li> <li>Adds <code>--info</code> to diagnose closeAndReleaseStagingRepositories issues [(<a href="https://redirect.github.com/mockito/mockito/issues/3567">#3567</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3567">mockito/mockito#3567</a>)</li> <li>Refine reflection when calling management factory [(<a href="https://redirect.github.com/mockito/mockito/issues/3566">#3566</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3566">mockito/mockito#3566</a>)</li> <li>Avoid warning when dynamic attach is enabled [(<a href="https://redirect.github.com/mockito/mockito/issues/3551">#3551</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3551">mockito/mockito#3551</a>)</li> </ul> <h2>v5.15.2</h2> <p><!-- raw HTML omitted --><!-- raw HTML omitted --><em>Changelog generated by <a href="https://github.com/shipkit/shipkit-changelog">Shipkit Changelog Gradle Plugin</a></em><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h4>5.15.2</h4> <ul> <li>2025-01-02 - <a href="https://github.com/mockito/mockito/compare/v5.15.1...v5.15.2">2 commit(s)</a> by Brice Dutheil, dependabot[bot]</li> <li>Fix javadoc publication [(<a href="https://redirect.github.com/mockito/mockito/issues/3561">#3561</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3561">mockito/mockito#3561</a>)</li> <li>Bump org.assertj:assertj-core from 3.27.0 to 3.27.1 [(<a href="https://redirect.github.com/mockito/mockito/issues/3560">#3560</a>)](<a href="https://redirect.github.com/mockito/mockito/pull/3560">mockito/mockito#3560</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mockito/mockito/commit/7764992d1250f4e7f6ffd10f650dc89516139c8d"><code>7764992</code></a> Remove mention of <code>mockito-inline</code> from mockmaker exception (<a href="https://redirect.github.com/mockito/mockito/issues/3628">#3628</a>)</li> <li><a href="https://github.com/mockito/mockito/commit/ee92ad4916d9f3f6ae6836bdba5c30f8404d3d50"><code>ee92ad4</code></a> Fix broken banner image link (<a href="https://redirect.github.com/mockito/mockito/issues/3632">#3632</a>)</li> <li><a href="https://github.com/mockito/mockito/commit/3edab5283552c3c6c393d8c818c8d6a8fa1f94a5"><code>3edab52</code></a> Clarify structure of commit messages (<a href="https://redirect.github.com/mockito/mockito/issues/3626">#3626</a>)</li> <li><a href="https://github.com/mockito/mockito/commit/bfab74365e91135b2f88ccb0228372a8799d9279"><code>bfab743</code></a> Fall back to Throwable Location strategy on Android (<a href="https://redirect.github.com/mockito/mockito/issues/3619">#3619</a>)</li> <li><a href="https://github.com/mockito/mockito/commit/4f469c830b2f6ab0e1f061e9383aff2e6f9f8376"><code>4f469c8</code></a> MockitoExtension fails cleanup when aborted before setup (<a href="https://redirect.github.com/mockito/mockito/issues/3623">#3623</a>)</li> <li><a href="https://github.com/mockito/mockito/commit/1764e62102f525ff9a82b8166b8596edd25f5b7f"><code>1764e62</code></a> Update links to javadoc.io (<a href="https://redirect.github.com/mockito/mockito/issues/3616">#3616</a>)</li> <li><a href="https://github.com/mockito/mockito/commit/1e029d767b33ee8de42e58459a2c3e63ab3f7c41"><code>1e029d7</code></a> Add missing requirement to objenesis.</li> <li><a href="https://github.com/mockito/mockito/commit/d000e630775cfa45752eeb491a197283e7370621"><code>d000e63</code></a> Rework of injection strategy in the context of modules (<a href="https://redirect.github.com/mockito/mockito/issues/3608">#3608</a>)</li> <li><a href="https://github.com/mockito/mockito/commit/0215884a5e68016504be98599b3045070a558002"><code>0215884</code></a> Remove Arrays.asList from critical stubbing path in GenericMetadataSupport (#...</li> <li><a href="https://github.com/mockito/mockito/commit/d18503512b01eed650f5fdf78f7e3c02755c8ee5"><code>d185035</code></a> Add reference to Gradle documentation on how to make task relocatable (<a href="https://redirect.github.com/mockito/mockito/issues/3606">#3606</a>)</li> <li>Additional commits viewable in <a href="https://github.com/mockito/mockito/compare/v5.11.0...v5.17.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
9514370cc3 |
Bump org.gradle.toolchains.foojay-resolver-convention from 0.10.0 to 1.0.0 (#3552)
Bumps org.gradle.toolchains.foojay-resolver-convention from 0.10.0 to 1.0.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b9dd78ced6 |
Bump io.micrometer:micrometer-core from 1.14.7 to 1.15.0 (#3550)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.14.7 to 1.15.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's releases</a>.</em></p> <blockquote> <h2>1.15.0</h2> <h2>⭐ New Features</h2> <ul> <li>Further enhancement to OtlpMetricsSender <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6025">#6025</a></li> <li>Make Prometheus Metric and Label naming conventions consistent <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5923">#5923</a></li> <li>Metrics for Executors.newVirtualThreadPerTaskExecutor() <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5488">#5488</a></li> <li>Metrics for live virtual threads <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5950">#5950</a></li> <li>More flexible OTLP per meter configuration <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6099">#6099</a></li> <li>Prometheus/OpenMetrics <code>_created</code> timestamp <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/2625">#2625</a></li> <li>Make jvm.classes.unloaded description generic <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5745">#5745</a></li> <li>Use String.toLowerCase()/toUpperCase() with Locale.ROOT consistently <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5711">#5711</a></li> <li>Use failWithActualExpectedAndMessage() where possible <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5696">#5696</a></li> <li>Provide target host/port info in ObservationExecChainHandler when HttpHostConnectException is thrown <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5615">#5615</a></li> <li>Enable Gauge builders to take a subclass of Number <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5601">#5601</a></li> <li>micrometer-observation-test support for assertions on events <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5576">#5576</a></li> <li>Log delta count in addition to throughput in LoggingMeterRegistry <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5548">#5548</a></li> <li>Add peer name and port to gRPC observation contexts <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/3512">#3512</a></li> <li>Use direct equals call instead of Objects.equals wrapper <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5840">#5840</a></li> <li>Remove special handling of 404/301 from JDK HTTP client instrumentation <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5838">#5838</a></li> <li>Make Timer and LongTaskTimer output similar in LoggingMeterRegistry <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5835">#5835</a></li> <li>Remove special handling of 404 and redirection statuses from Jetty client instrumentation <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5825">#5825</a></li> <li>Log deprecation warning when creating SignalFxMeterRegistry <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5824">#5824</a></li> <li>Log metrics recording failures in CountedAspect and TimedAspect <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5820">#5820</a></li> <li>Remove special handling of 404/301 from OkHttp instrumentation <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5814">#5814</a></li> <li>Support AutoShutdownDelegatedExecutorService in ExecutorServiceMetrics <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5811">#5811</a></li> <li>Deprecate micrometer-registry-signalfx in favor of micrometer-registry-otlp <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5807">#5807</a></li> <li>Rebind <code>Log4j2Metrics</code> when <code>LoggerContext#reconfigure</code> is called <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5756">#5756</a></li> <li>Send metrics via any protocol in the OTLP Registry <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5690">#5690</a></li> <li>Improve average performance of DefaultLongTaskTimer for out-of-order stopping <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5591">#5591</a></li> <li>Improve OtlpMetricsSender API <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5994">#5994</a></li> <li>Support configuring exponential histograms at the meter level <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5459">#5459</a></li> <li>Allow TimedAspect/CountedAspect to create tags based on method result <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/3058">#3058</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Do not leak OTLP types on public-facing API <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5699">#5699</a></li> <li>micrometer-observation-test brings unnecessary JUnit dependencies, leading to conflicts <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6012">#6012</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump io.opentelemetry.proto:opentelemetry-proto from 1.4.0-alpha to 1.5.0-alpha <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5798">#5798</a></li> <li>Bump com.google.cloud:libraries-bom from 26.55.0 to 26.56.0 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5991">#5991</a></li> <li>Bump com.google.cloud:google-cloud-monitoring from 3.59.0 to 3.60.0 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5986">#5986</a></li> <li>Bump com.google.auth:google-auth-library-oauth2-http from 1.32.1 to 1.33.0 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5963">#5963</a></li> <li>Bump software.amazon.awssdk:cloudwatch from 2.29.46 to 2.30.11 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5863">#5863</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/e13042badcc34c2ca833bfd692924bd86e9d4c1e"><code>e13042b</code></a> Bump software.amazon.awssdk:cloudwatch from 2.31.40 to 2.31.41 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6228">#6228</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/571793b84ed71c90012b378b94df02fdb417ecf2"><code>571793b</code></a> Merge branch '1.14.x'</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/315c1b1817ca77b6d91b890586ae1826186b57c4"><code>315c1b1</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/a3ae027d8c6dd0fbd7851eb59a61e29341498f2b"><code>a3ae027</code></a> Bump com.tngtech.archunit:archunit-junit5 from 1.3.1 to 1.3.2 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6225">#6225</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/ac6c26f7baf6c742a5daf509113d0197a23361d0"><code>ac6c26f</code></a> Merge branch '1.14.x'</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/163203f98102e4e7bb8e9e4bc893257b162e2d49"><code>163203f</code></a> Add missing colons in "Environment" section in bug_report.md (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6223">#6223</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/1713feed26a18f676b0e9f395354e4b8688731b1"><code>1713fee</code></a> Bump maven-resolver from 1.9.22 to 1.9.23 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6222">#6222</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/e31548477ade9ab7933d2ff7f2a8817540598c5c"><code>e315484</code></a> Bump software.amazon.awssdk:cloudwatch from 2.31.39 to 2.31.40 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6221">#6221</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/d6b8d4e8472dda214252a184ff8d244a7934e13a"><code>d6b8d4e</code></a> Bump com.google.cloud:libraries-bom from 26.59.0 to 26.60.0 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6220">#6220</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/121056e6d59fb6995b65adf0b4a53aabbb47d63d"><code>121056e</code></a> Bump software.amazon.awssdk:cloudwatch from 2.31.38 to 2.31.39 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6217">#6217</a>)</li> <li>Additional commits viewable in <a href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.7...v1.15.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f50f7230d0 |
Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.5 to 6.5.0 (#3549)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security) from 6.4.5 to 6.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's releases</a>.</em></p> <blockquote> <h2>6.5.0</h2> <h2>⭐ New Features</h2> <ul> <li>Add documentation for DPoP support <a href="https://redirect.github.com/spring-projects/spring-security/issues/17072">#17072</a></li> <li>Add logging to CsrfTokenRequestHandler implementations <a href="https://redirect.github.com/spring-projects/spring-security/pull/16994">#16994</a></li> <li>Add mapping for DPoP in DefaultMapOAuth2AccessTokenResponseConverter <a href="https://redirect.github.com/spring-projects/spring-security/pull/16806">#16806</a></li> <li>Bump Gradle Wrapper from 8.13 to 8.14 <a href="https://redirect.github.com/spring-projects/spring-security/issues/17018">#17018</a></li> <li>ClientRegistrations.fromIssuerLocation does not include failure information <a href="https://redirect.github.com/spring-projects/spring-security/issues/17015">#17015</a></li> <li>Fix Typo In SubjectDnX509PrincipalExtractorTests <a href="https://redirect.github.com/spring-projects/spring-security/pull/16997">#16997</a></li> <li>Implement internal cache in JtiClaimValidator <a href="https://redirect.github.com/spring-projects/spring-security/issues/17107">#17107</a></li> <li>Polish javadoc <a href="https://redirect.github.com/spring-projects/spring-security/pull/16924">#16924</a></li> <li>Remove unused classes <a href="https://redirect.github.com/spring-projects/spring-security/pull/16935">#16935</a></li> <li>Replace NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector in Documentation <a href="https://redirect.github.com/spring-projects/spring-security/pull/16962">#16962</a></li> <li>RequestHeaderAuthenticationFilter creates a session even if not configured to do so <a href="https://redirect.github.com/spring-projects/spring-security/issues/17147">#17147</a></li> </ul> <h2>🪲 Bug Fixes</h2> <ul> <li>Add FunctionalInterface To X509PrincipalExtractor <a href="https://redirect.github.com/spring-projects/spring-security/pull/16952">#16952</a></li> <li>Change NonNull import from reactor to spring <a href="https://redirect.github.com/spring-projects/spring-security/pull/16571">#16571</a></li> <li>Fix DPoP jkt claim to be JWK SHA-256 thumbprint <a href="https://redirect.github.com/spring-projects/spring-security/pull/17080">#17080</a></li> <li>Minor error in the Handling Logouts documentation <a href="https://redirect.github.com/spring-projects/spring-security/issues/17049">#17049</a></li> <li>SecurityAnnotationScanner's method comparison should use .equals <a href="https://redirect.github.com/spring-projects/spring-security/issues/17145">#17145</a></li> <li>Use proper configuration key in Opaque Token documentation <a href="https://redirect.github.com/spring-projects/spring-security/issues/17014">#17014</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 <a href="https://redirect.github.com/spring-projects/spring-security/issues/17069">#17069</a></li> <li>Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.19.0 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16995">#16995</a></li> <li>Bump com.google.code.gson:gson from 2.13.0 to 2.13.1 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16990">#16990</a></li> <li>Bump com.webauthn4j:webauthn4j-core from 0.29.0.RELEASE to 0.29.1.RELEASE <a href="https://redirect.github.com/spring-projects/spring-security/pull/17024">#17024</a></li> <li>Bump com.webauthn4j:webauthn4j-core from 0.29.1.RELEASE to 0.29.2.RELEASE <a href="https://redirect.github.com/spring-projects/spring-security/pull/17095">#17095</a></li> <li>Bump io.micrometer:micrometer-observation from 1.14.6 to 1.14.7 <a href="https://redirect.github.com/spring-projects/spring-security/pull/17096">#17096</a></li> <li>Bump io.mockk:mockk from 1.14.0 to 1.14.2 <a href="https://redirect.github.com/spring-projects/spring-security/pull/17019">#17019</a></li> <li>Bump io.projectreactor:reactor-bom from 2023.0.17 to 2023.0.18 <a href="https://redirect.github.com/spring-projects/spring-security/issues/17111">#17111</a></li> <li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to 1.0.6 <a href="https://redirect.github.com/spring-projects/spring-security/pull/17040">#17040</a></li> <li>Bump org-apache-maven-resolver from 1.9.22 to 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-security/pull/17088">#17088</a></li> <li>Bump org-eclipse-jetty from 11.0.24 to 11.0.25 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16761">#16761</a></li> <li>Bump org.hibernate.orm:hibernate-core from 6.6.13.Final to 6.6.14.Final <a href="https://redirect.github.com/spring-projects/spring-security/pull/17089">#17089</a></li> <li>Bump org.hibernate.orm:hibernate-core from 6.6.14.Final to 6.6.15.Final <a href="https://redirect.github.com/spring-projects/spring-security/pull/17105">#17105</a></li> <li>Bump org.seleniumhq.selenium:selenium-java from 4.31.0 to 4.32.0 <a href="https://redirect.github.com/spring-projects/spring-security/pull/17037">#17037</a></li> <li>Bump org.springframework.data:spring-data-bom from 2024.1.4 to 2024.1.5 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16981">#16981</a></li> <li>Bump org.springframework.data:spring-data-bom from 2024.1.5 to 2024.1.6 <a href="https://redirect.github.com/spring-projects/spring-security/pull/17137">#17137</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 <a href="https://redirect.github.com/spring-projects/spring-security/pull/17124">#17124</a></li> </ul> <h2>🔩 Build Updates</h2> <ul> <li>Release 6.5.0 <a href="https://redirect.github.com/spring-projects/spring-security/issues/17138">#17138</a></li> </ul> <h2>❤️ Contributors</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-security/commit/0fd0e9335ae3a6ff3538045d098dd6b94679d99e"><code>0fd0e93</code></a> Release 6.5.0</li> <li><a href="https://github.com/spring-projects/spring-security/commit/78dd02a4c18502fa668ca7736581eaed8193891c"><code>78dd02a</code></a> Merge branch '6.4.x' into 6.5.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/edc8735eb8ba1c378826499db5160cea44db462a"><code>edc8735</code></a> Merge branch '6.3.x' into 6.4.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/cae3467a8d5fdf4ef0f5c2343d48aa9c48445be2"><code>cae3467</code></a> Improve AbstractPreAuthenticatedProcessingFilter docs</li> <li><a href="https://github.com/spring-projects/spring-security/commit/9a8f9a91bc1e4b97cd47dd3c61ac7451e62c15ca"><code>9a8f9a9</code></a> Merge branch '6.4.x' into 6.5.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/c972de5369a1261ab674a3f5e3a80e8ce3e8cdfb"><code>c972de5</code></a> Use .equals to Compare Methods</li> <li><a href="https://github.com/spring-projects/spring-security/commit/bf2aaa1b1830e534ba651d422545ac08a115151b"><code>bf2aaa1</code></a> Use .equals to Compare Methods</li> <li><a href="https://github.com/spring-projects/spring-security/commit/6fb0591109e3c6d9fef9ee2d1a4f215c738c22da"><code>6fb0591</code></a> Merge branch 'gradle/6.5.x/org.springframework.data-spring-data-bom-2024.1.6'...</li> <li><a href="https://github.com/spring-projects/spring-security/commit/390972c4a05b3a664c0e1b936d63712559c53a1f"><code>390972c</code></a> Merge branch '6.4.x' into 6.5.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/36905173951d20085c226b82da552ec4ff9ab9ee"><code>3690517</code></a> Merge branch 'gradle/6.4.x/org.springframework.data-spring-data-bom-2024.1.6'...</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-security/compare/6.4.5...6.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
8ecd4e9c36 |
Bump org.springframework:spring-webmvc from 6.2.6 to 6.2.7 (#3547)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.2.6 to 6.2.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-webmvc's releases</a>.</em></p> <blockquote> <h2>v6.2.7</h2> <h2>⭐ New Features</h2> <ul> <li>Forward more methods to underlying InputStream in NonClosingInputStream <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34893">#34893</a></li> <li>Introduce Spring property for the default property placeholder escape character <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34865">#34865</a></li> <li>Close ApplicationContext once AOT processing has completed <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34841">#34841</a></li> <li>Fix <code>AbstractJackson2HttpMessageConverter#getObjectMappersForType</code> nullness <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34811">#34811</a></li> <li>Add option for case-insensitive match to PatternMatchUtils <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34801">#34801</a></li> <li>RestClient <code>@RequestBody</code> parameters lose generic type information when creating HTTP service beans <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34793">#34793</a></li> <li>Adds option to set Principal in MockServerWebExchange <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34789">#34789</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Beans created by FactoryBean are not considered as autowiring candidates if another thread holds a singletonLock <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34902">#34902</a></li> <li><code>PropertySourcesPlaceholderConfigurer</code> placeholder resolution fails in several scenarios <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34861">#34861</a></li> <li>HttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34851">#34851</a></li> <li>Fragment.create() requires mutable map - which is unusable when used with Kotlin <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34848">#34848</a></li> <li>Duplicate <code>BeanOverrideHandler</code> discovered in <code>@Nested</code> test case with superclass from different class or in interface implemented multiple times <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34844">#34844</a></li> <li>Accidental ClassLoader defineClass enforcement after <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34677">#34677</a> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34824">#34824</a></li> <li>HttpEntity.EMPTY headers should not be possible to mutate via HttpHeaders constructor <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34812">#34812</a></li> <li>AbstractFileResolvingResource.exists incorrectly reports result for resources inside of spring-boot executable jar <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34796">#34796</a></li> <li>Correctly expand query param with same name from URI variables array <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34783">#34783</a></li> <li>R2DBC <code>NamedParameterUtils</code> only expands reused collection parameter once <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34768">#34768</a></li> <li><code>PathMatchingResourcePatternResolver</code> wrongly assumes that <code>target/classes</code> always exists <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34764">#34764</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Clarify <code>CompositePropertySource</code> behavior for <code>EnumerablePropertySource</code> contract <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34886">#34886</a></li> <li>Javadoc and <code>@Nullable</code> annotation for <code>servletContext</code> parameter of <code>ConfigurableWebEnvironment.initPropertySources</code> are contradictory <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34845">#34845</a></li> <li>Spring MVC: <code>@EnableAsync</code> needs to be redeclared for each ApplicationContext <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34843">#34843</a></li> <li>Provide a working example instead of unclear placeholders <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34828">#34828</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Micrometer 1.14.7 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34889">#34889</a></li> <li>Upgrade to Reactor 2024.0.6 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34898">#34898</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/Artur"><code>@Artur</code></a>-, <a href="https://github.com/blake-bauman"><code>@blake-bauman</code></a>, <a href="https://github.com/iifawzi"><code>@iifawzi</code></a>, <a href="https://github.com/kilink"><code>@kilink</code></a>, <a href="https://github.com/quaff"><code>@quaff</code></a>, <a href="https://github.com/whlit"><code>@whlit</code></a>, and <a href="https://github.com/zzoe2346"><code>@zzoe2346</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-framework/commit/ba590ac9e49b46d347dc56f4498ee436a3b5969b"><code>ba590ac</code></a> Release v6.2.7</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/ee62701f5634e904e42e218baad142cea2bcd332"><code>ee62701</code></a> Make use of PatternMatchUtils ignoreCase option</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/fa168ca78ae134e82db8eacc109bb29266b36fb1"><code>fa168ca</code></a> Revise FactoryBean locking behavior for strict/lenient consistency</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/3c228a5c1d07874d0bf2b9456921ab20fc6d5e22"><code>3c228a5</code></a> Add missing <a href="https://github.com/since"><code>@since</code></a> tags in PatternMatchUtils</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/9bf6b8cddffac2c0034e0e2f7a799a81ddb1f09f"><code>9bf6b8c</code></a> Upgrade to Reactor 2024.0.6</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/37ecdd14372555c018c644e980666e47c06dcbe8"><code>37ecdd1</code></a> Forward more methods to underlying InputStream in NonClosingInputStream</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/73f1c5a189b0f6e65b5b8507d6862b480ec7193c"><code>73f1c5a</code></a> Polishing</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/4d296fb4ca1b3f87fe4b9cd97132f2688533de2d"><code>4d296fb</code></a> Upgrade to Micrometer 1.14.7</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/6a9444473f1aad080bf659563e56cc2bbd8f9512"><code>6a94444</code></a> Clarify CompositePropertySource behavior for EnumerablePropertySource contract</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/03ae97b2ebe2ff97ed3f78253758fb3cf6cacbbd"><code>03ae97b</code></a> Introduce Spring property for default escape character for placeholders</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-framework/compare/v6.2.6...v6.2.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
9aa692674f |
Bump org.sonarqube from 6.1.0.5360 to 6.2.0.5505 (#3546)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps org.sonarqube from 6.1.0.5360 to 6.2.0.5505. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
89992fe643 |
Bump org.springframework:spring-jdbc from 6.2.6 to 6.2.7 (#3545)
Bumps [org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework) from 6.2.6 to 6.2.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-jdbc's releases</a>.</em></p> <blockquote> <h2>v6.2.7</h2> <h2>⭐ New Features</h2> <ul> <li>Forward more methods to underlying InputStream in NonClosingInputStream <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34893">#34893</a></li> <li>Introduce Spring property for the default property placeholder escape character <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34865">#34865</a></li> <li>Close ApplicationContext once AOT processing has completed <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34841">#34841</a></li> <li>Fix <code>AbstractJackson2HttpMessageConverter#getObjectMappersForType</code> nullness <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34811">#34811</a></li> <li>Add option for case-insensitive match to PatternMatchUtils <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34801">#34801</a></li> <li>RestClient <code>@RequestBody</code> parameters lose generic type information when creating HTTP service beans <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34793">#34793</a></li> <li>Adds option to set Principal in MockServerWebExchange <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34789">#34789</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Beans created by FactoryBean are not considered as autowiring candidates if another thread holds a singletonLock <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34902">#34902</a></li> <li><code>PropertySourcesPlaceholderConfigurer</code> placeholder resolution fails in several scenarios <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34861">#34861</a></li> <li>HttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34851">#34851</a></li> <li>Fragment.create() requires mutable map - which is unusable when used with Kotlin <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34848">#34848</a></li> <li>Duplicate <code>BeanOverrideHandler</code> discovered in <code>@Nested</code> test case with superclass from different class or in interface implemented multiple times <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34844">#34844</a></li> <li>Accidental ClassLoader defineClass enforcement after <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34677">#34677</a> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34824">#34824</a></li> <li>HttpEntity.EMPTY headers should not be possible to mutate via HttpHeaders constructor <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34812">#34812</a></li> <li>AbstractFileResolvingResource.exists incorrectly reports result for resources inside of spring-boot executable jar <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34796">#34796</a></li> <li>Correctly expand query param with same name from URI variables array <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34783">#34783</a></li> <li>R2DBC <code>NamedParameterUtils</code> only expands reused collection parameter once <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34768">#34768</a></li> <li><code>PathMatchingResourcePatternResolver</code> wrongly assumes that <code>target/classes</code> always exists <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34764">#34764</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Clarify <code>CompositePropertySource</code> behavior for <code>EnumerablePropertySource</code> contract <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34886">#34886</a></li> <li>Javadoc and <code>@Nullable</code> annotation for <code>servletContext</code> parameter of <code>ConfigurableWebEnvironment.initPropertySources</code> are contradictory <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34845">#34845</a></li> <li>Spring MVC: <code>@EnableAsync</code> needs to be redeclared for each ApplicationContext <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34843">#34843</a></li> <li>Provide a working example instead of unclear placeholders <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34828">#34828</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Micrometer 1.14.7 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34889">#34889</a></li> <li>Upgrade to Reactor 2024.0.6 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34898">#34898</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/Artur"><code>@Artur</code></a>-, <a href="https://github.com/blake-bauman"><code>@blake-bauman</code></a>, <a href="https://github.com/iifawzi"><code>@iifawzi</code></a>, <a href="https://github.com/kilink"><code>@kilink</code></a>, <a href="https://github.com/quaff"><code>@quaff</code></a>, <a href="https://github.com/whlit"><code>@whlit</code></a>, and <a href="https://github.com/zzoe2346"><code>@zzoe2346</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-framework/commit/ba590ac9e49b46d347dc56f4498ee436a3b5969b"><code>ba590ac</code></a> Release v6.2.7</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/ee62701f5634e904e42e218baad142cea2bcd332"><code>ee62701</code></a> Make use of PatternMatchUtils ignoreCase option</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/fa168ca78ae134e82db8eacc109bb29266b36fb1"><code>fa168ca</code></a> Revise FactoryBean locking behavior for strict/lenient consistency</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/3c228a5c1d07874d0bf2b9456921ab20fc6d5e22"><code>3c228a5</code></a> Add missing <a href="https://github.com/since"><code>@since</code></a> tags in PatternMatchUtils</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/9bf6b8cddffac2c0034e0e2f7a799a81ddb1f09f"><code>9bf6b8c</code></a> Upgrade to Reactor 2024.0.6</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/37ecdd14372555c018c644e980666e47c06dcbe8"><code>37ecdd1</code></a> Forward more methods to underlying InputStream in NonClosingInputStream</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/73f1c5a189b0f6e65b5b8507d6862b480ec7193c"><code>73f1c5a</code></a> Polishing</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/4d296fb4ca1b3f87fe4b9cd97132f2688533de2d"><code>4d296fb</code></a> Upgrade to Micrometer 1.14.7</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/6a9444473f1aad080bf659563e56cc2bbd8f9512"><code>6a94444</code></a> Clarify CompositePropertySource behavior for EnumerablePropertySource contract</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/03ae97b2ebe2ff97ed3f78253758fb3cf6cacbbd"><code>03ae97b</code></a> Introduce Spring property for default escape character for placeholders</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-framework/compare/v6.2.6...v6.2.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
1f56ccfc99 |
Bump gradle/actions from 4.3.1 to 4.4.0 (#3544)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.1 to 4.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.4.0</h2> <p>This release updates 2 downstream components:</p> <ul> <li>Develocity injection has been updated to <a href="https://github.com/gradle/develocity-ci-injection/releases/tag/v2.0">v2.0</a> <ul> <li>Some environment variables related to Develocity injection have been renamed. All vars now being with <code>DEVELOCITY_INJECTION_</code>. Check <a href="https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-develocity-injection">the docs</a> for more details.</li> </ul> </li> <li>Dependency-graph plugin has been updated to <a href="https://github.com/gradle/github-dependency-graph-gradle-plugin/releases/tag/v1.4.0">v1.4.0</a> <ul> <li>The 'detector' values included in the generated graph can now be configured via environment variables.</li> </ul> </li> </ul> <h2>What's Changed</h2> <ul> <li>Update develocity-injection init script to v1.3 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/592">gradle/actions#592</a></li> <li>Update develocity-injection init script to v2.0 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/593">gradle/actions#593</a></li> <li>[StepSecurity] ci: Harden GitHub Actions by <a href="https://github.com/step-security-bot"><code>@step-security-bot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li> <li>Use v1.4.0 of dependency graph plugin by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/638">gradle/actions#638</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/step-security-bot"><code>@step-security-bot</code></a> made their first contribution in <a href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.3.1...v4.4.0">https://github.com/gradle/actions/compare/v4.3.1...v4.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/8379f6a1328ee0e06e2bb424dadb7b159856a326"><code>8379f6a</code></a> Use v1.4.0 of dependency graph plugin (<a href="https://redirect.github.com/gradle/actions/issues/638">#638</a>)</li> <li><a href="https://github.com/gradle/actions/commit/9f79b5fa2c0d6f1157051630d2fb45b9f10ca6a5"><code>9f79b5f</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/e093fac84ca6df405f28ca0317458de1a4c7ad65"><code>e093fac</code></a> Bump the npm-dependencies group in /sources with 5 updates (<a href="https://redirect.github.com/gradle/actions/issues/636">#636</a>)</li> <li><a href="https://github.com/gradle/actions/commit/768a17f3488dc3fe0155ff431553e1f53d57e22e"><code>768a17f</code></a> Bump the npm-dependencies group in /sources with 2 updates (<a href="https://redirect.github.com/gradle/actions/issues/635">#635</a>)</li> <li><a href="https://github.com/gradle/actions/commit/36541137722dacf3739105e1b760c6856d5369e4"><code>3654113</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/2ad385cb2aee647fa33b18e52b479ae14fed4c6c"><code>2ad385c</code></a> Replace use of typed-rest-client with <code>@actions/http-client</code> (<a href="https://redirect.github.com/gradle/actions/issues/634">#634</a>)</li> <li><a href="https://github.com/gradle/actions/commit/95dcf96b0d6e55b48ba036a7d7480ce25a00e6ef"><code>95dcf96</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/2e3238a6642725202f6a5656922bbe434f25b03e"><code>2e3238a</code></a> Bump actions/download-artifact from 4.2.1 to 4.3.0 in /.github/actions/init-i...</li> <li><a href="https://github.com/gradle/actions/commit/39dddb8ae7ff59c7416189aac27a8980abd89bd0"><code>39dddb8</code></a> Remove direct use of octokit/request-error (<a href="https://redirect.github.com/gradle/actions/issues/632">#632</a>)</li> <li><a href="https://github.com/gradle/actions/commit/755ed7db09daddecb584fd9d200146c632f1af98"><code>755ed7d</code></a> [bot] Update dist directory</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/06832c7b30a0129d7fb559bcc6e43d26f6374244...8379f6a1328ee0e06e2bb424dadb7b159856a326">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f290f62e23 |
Bump actions/dependency-review-action from 4.7.0 to 4.7.1 (#3543)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.7.0 to 4.7.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's releases</a>.</em></p> <blockquote> <h2>v4.7.1</h2> <ul> <li>Packages added to <code>allow-dependencies-licenses</code> will be allowed even if the package in question has no license information <a href="https://redirect.github.com/actions/dependency-review-action/issues/889">#889</a></li> <li>License expressions (e.g. <code>Ruby OR GPL-2.0</code>) in the allow list are automatically discarded so that they don't invalidate the whole allow list, which should just be license identifier (e.g. <code>Ruby</code>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/dependency-review-action/commit/da24556b548a50705dd671f47852072ea4c105d9"><code>da24556</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/933">#933</a> from actions/dangoor/471-release</li> <li><a href="https://github.com/actions/dependency-review-action/commit/9af0caf0e50bd16cea055a1319f959e718f9cd5d"><code>9af0caf</code></a> Bump version number for 4.7.1</li> <li><a href="https://github.com/actions/dependency-review-action/commit/d8f2df20d5605f0dd46db3bd283002c24e357724"><code>d8f2df2</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/932">#932</a> from actions/907-disallow-expression</li> <li><a href="https://github.com/actions/dependency-review-action/commit/6e9307a3d4e5049e0dd8b5f9d51dfa0544391d3a"><code>6e9307a</code></a> Discard allow list entries that are not SPDX IDs</li> <li><a href="https://github.com/actions/dependency-review-action/commit/8805179dc9a63c54224914839d370dd93bd37b2e"><code>8805179</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/930">#930</a> from actions/889-allow-no-license</li> <li><a href="https://github.com/actions/dependency-review-action/commit/014300b08cd78d8944f631eb3415e4c079cdb3e8"><code>014300b</code></a> Update build</li> <li><a href="https://github.com/actions/dependency-review-action/commit/34486f306eacc0b5ba73c8d12b5af19a58d22364"><code>34486f3</code></a> Check namespaces when excluding license checks</li> <li><a href="https://github.com/actions/dependency-review-action/commit/9b155d6432a2e91d56f1d2ad084483e8cd766a23"><code>9b155d6</code></a> Update build</li> <li><a href="https://github.com/actions/dependency-review-action/commit/f199659a6a39762ca0753d8a2fb41192144f257a"><code>f199659</code></a> Allowing dependencies works with no licenses</li> <li>See full diff in <a href="https://github.com/actions/dependency-review-action/compare/38ecb5b593bf0eb19e335c03f97670f792489a8b...da24556b548a50705dd671f47852072ea4c105d9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
74fcf01d03 |
Bump github/codeql-action from 3.28.17 to 3.28.18 (#3542)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.17 to 3.28.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.18</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.18/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/ff0a06e83cb2de871e5a09832bc6a81e7276941f"><code>ff0a06e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2896">#2896</a> from github/update-v3.28.18-b86edfc27</li> <li><a href="https://github.com/github/codeql-action/commit/a41e0844be4d25fcef7ce7fa536f3e30275a9a1c"><code>a41e084</code></a> Update changelog for v3.28.18</li> <li><a href="https://github.com/github/codeql-action/commit/b86edfc27a1e0d3b55127a7496a1c770a02b2f84"><code>b86edfc</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2893">#2893</a> from github/update-bundle/codeql-bundle-v2.21.3</li> <li><a href="https://github.com/github/codeql-action/commit/e93b90025f7c49dccc3ee640c4155b63eb9a6b39"><code>e93b900</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.21.3</li> <li><a href="https://github.com/github/codeql-action/commit/510dfa3460b15b34a807ab5609b4691aed5ebbee"><code>510dfa3</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2894">#2894</a> from github/henrymercer/skip-validating-codeql-sarif</li> <li><a href="https://github.com/github/codeql-action/commit/492d7832457da825a964331d860789f3f19d105b"><code>492d783</code></a> Merge branch 'main' into henrymercer/skip-validating-codeql-sarif</li> <li><a href="https://github.com/github/codeql-action/commit/83bdf3b7f92061d2f6d74e2a4555ecf719adad68"><code>83bdf3b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2859">#2859</a> from github/update-supported-enterprise-server-versions</li> <li><a href="https://github.com/github/codeql-action/commit/cffc916774454a5ead1c8fb7925abad20cda85e4"><code>cffc916</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2891">#2891</a> from austinpray-mixpanel/patch-1</li> <li><a href="https://github.com/github/codeql-action/commit/4420887272f1c68c7c58ca2970bdfb5eb657cf08"><code>4420887</code></a> Add deprecation warning for CodeQL 2.16.5 and earlier</li> <li><a href="https://github.com/github/codeql-action/commit/4e178c584157c51ff3d6fb87c764e7ed0715f82a"><code>4e178c5</code></a> Update supported versions table in README</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/60168efe1c415ce0f5521ea06d5c2062adbeed1b...ff0a06e83cb2de871e5a09832bc6a81e7276941f">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
1346abf0e5 |
Bump docker/build-push-action from 6.16.0 to 6.17.0 (#3541)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.16.0 to 6.17.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.17.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.59.0 to 0.61.0 by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1364">docker/build-push-action#1364</a></li> </ul> <blockquote> <p>[!NOTE] Build record is now exported using the <a href="https://docs.docker.com/reference/cli/docker/buildx/history/export/"><code>buildx history export</code></a> command instead of the legacy export-build tool.</p> </blockquote> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0">https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/1dc73863535b631f98b2378be8619f83b136f4a0"><code>1dc7386</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1364">#1364</a> from crazy-max/history-export-cmd</li> <li><a href="https://github.com/docker/build-push-action/commit/9c9803f36437c54a2bf7b2c9a4a9011c2a812d71"><code>9c9803f</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/db1f6c46e8d64f89ec10010e409681bcf7951c05"><code>db1f6c4</code></a> DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export</li> <li><a href="https://github.com/docker/build-push-action/commit/721e8c79de660781840d3a69a11e39e1e836ef8e"><code>721e8c7</code></a> Bump <code>@docker/actions-toolkit</code> from 0.59.0 to 0.61.0</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/14487ce63c7a62a4a324b0bfb37086795e31c6c1...1dc73863535b631f98b2378be8619f83b136f4a0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
70717813f6 |
Bump io.micrometer:micrometer-core from 1.14.6 to 1.14.7 (#3521)
Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.14.6 to 1.14.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's releases</a>.</em></p> <blockquote> <h2>1.14.7</h2> <h2>⭐ New Features</h2> <ul> <li>Replace Meter.Id.getTags() with cheaper alternatives <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6147">#6147</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>MultiGauge doesn't work with MeterFilter.map() <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6146">#6146</a></li> <li>Record cache.size in CaffeineCacheMetrics without enabling recordStats() <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6128">#6128</a></li> <li>TimedHandler shutdown hanging indefinitely <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6194">#6194</a></li> <li>Use snapshot consistently in AppOpticsMeterRegistry.writeSummary() <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6181">#6181</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/AlexElin"><code>@AlexElin</code></a>, <a href="https://github.com/RafeArnold"><code>@RafeArnold</code></a>, and <a href="https://github.com/izeye"><code>@izeye</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/b6e5031303afbdf43073dc19377d84d8e858c048"><code>b6e5031</code></a> Bump com.tngtech.archunit:archunit-junit5 from 1.3.1 to 1.3.2 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6226">#6226</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/6567cdccd3440b9fb1624463f4470e255d449314"><code>6567cdc</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/80d4c9d986dfddee331a22f16a533ee3e4725116"><code>80d4c9d</code></a> Call Shutdown#check after finishing timing (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6194">#6194</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/7f82709bb221470065f23c312e7441952ff78cb4"><code>7f82709</code></a> Bump maven-resolver from 1.9.22 to 1.9.23 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6219">#6219</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/a1a4f3d83dfaef791949c5cd042e28535e60165b"><code>a1a4f3d</code></a> Bump maven-resolver from 1.9.22 to 1.9.23 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6218">#6218</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/a6adb3a05862e5c8896a997a755daa159e06eba5"><code>a6adb3a</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/fb2d4da16e9388852064b10b6004441848c69dce"><code>fb2d4da</code></a> Get Google Cloud project ID from env var for integration tests</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/4f0cf532a923f31c89f80e4a85e1bf3eb61a58e9"><code>4f0cf53</code></a> Bump com.fasterxml.jackson.core:jackson-databind from 2.18.3 to 2.18.4 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6214">#6214</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/33d1f7ebfd4e33bd027ced975adcd044d83fad12"><code>33d1f7e</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/79939c3958fe95b03da844c55e9ce4f03d5e2d3d"><code>79939c3</code></a> Fix JavaDurationGetSecondsToToSeconds warnings for tests (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6207">#6207</a>)</li> <li>Additional commits viewable in <a href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.6...v1.14.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
662c2a4dfe |
Bump org.apache.xmlgraphics:batik-all from 1.18 to 1.19 (#3520)
Bumps org.apache.xmlgraphics:batik-all from 1.18 to 1.19. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
9fc174d12d |
Bump actions/dependency-review-action from 4.6.0 to 4.7.0 (#3519)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.6.0 to 4.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's releases</a>.</em></p> <blockquote> <h2>v4.7.0</h2> <ul> <li>Handle complex license expressions (e.g. <code>MIT AND GPL-2.0</code>) in allow lists (fixes <a href="https://redirect.github.com/actions/dependency-review-action/issues/809">#809</a> and probably others)</li> <li>Replace <code>OTHER</code> in package licenses with <code>LicenseRef-clearlydefined-OTHER</code> so that parsing passes</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/dependency-review-action/commit/38ecb5b593bf0eb19e335c03f97670f792489a8b"><code>38ecb5b</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/929">#929</a> from actions/dangoor/4.7-release</li> <li><a href="https://github.com/actions/dependency-review-action/commit/0e9e935cc870609b60e95f0ca9c5439df6c5a001"><code>0e9e935</code></a> Version 4.7.0 release</li> <li><a href="https://github.com/actions/dependency-review-action/commit/69d2faa36575aaf6f3b6e83344dccafd1434b31e"><code>69d2faa</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/926">#926</a> from dangoor/dangoor/replace-other</li> <li><a href="https://github.com/actions/dependency-review-action/commit/7e14978e0e6d56c5c368d665cfe64859530ae43e"><code>7e14978</code></a> Merge branch 'actions:main' into dangoor/replace-other</li> <li><a href="https://github.com/actions/dependency-review-action/commit/8477905b0e5eb937fce8d6d92309aee88f4a4295"><code>8477905</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/927">#927</a> from dangoor/dangoor/multilicense</li> <li><a href="https://github.com/actions/dependency-review-action/commit/f3ff3564fad5f71b84386e8dd99dcdd5f25b6e9e"><code>f3ff356</code></a> Update dist</li> <li><a href="https://github.com/actions/dependency-review-action/commit/c7565d44ece013dd49742989a6bd8f2042aed16a"><code>c7565d4</code></a> Fix tests and respond to review feedback</li> <li><a href="https://github.com/actions/dependency-review-action/commit/82299c3bbe54c01331889c2b0f62af249dfb0ee8"><code>82299c3</code></a> Replace OTHER with a LicenseRef</li> <li><a href="https://github.com/actions/dependency-review-action/commit/2013ccccfe108a74501d552608b81853e407307a"><code>2013ccc</code></a> Update type definition for spdx-satisfies</li> <li><a href="https://github.com/actions/dependency-review-action/commit/3a2b68706a35b3507491b524adfe1c822821e706"><code>3a2b687</code></a> Handle complex licenses (e.g. X AND Y)</li> <li>Additional commits viewable in <a href="https://github.com/actions/dependency-review-action/compare/ce3cf9537a52e8119d91fd484ab5b8a807627bf8...38ecb5b593bf0eb19e335c03f97670f792489a8b">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
1aff1d3480 |
Bump com.opencsv:opencsv from 5.10 to 5.11 (#3476)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps com.opencsv:opencsv from 5.10 to 5.11. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
bfaffe5050 |
Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.6 to 2.8.8 (#3482)
Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.8.6 to 2.8.8. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/springdoc/springdoc-openapi/releases">org.springdoc:springdoc-openapi-starter-webmvc-ui's releases</a>.</em></p> <blockquote> <h2>v2.8.8</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.7...v2.8.8">https://github.com/springdoc/springdoc-openapi/compare/v2.8.7...v2.8.8</a></p> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a> - Handle projects not using kotlin-reflect <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li> </ul> <h2>springdoc-openapi v2.8.7 released!</h2> <h2>What's Changed</h2> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a> - Introducing springdoc-openapi-bom project</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2948">#2948</a> - Customize Servers via application.yml</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2963">#2963</a> - Set default content type for problem details object to application/problem+jso</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a> - List of value classes in Kotlin</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade swagger-ui to v5.21.0</li> <li>Upgrade swagger-core to 2.2.30</li> <li>Upgrade spring-boot to version 3.4.5</li> <li>Upgrade spring-security-oauth2-authorization-server to version 1.4.3</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2947">#2947</a> - Unexpected warning "Appended trailing slash to static resource location"</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2960">#2960</a> - NPE when customizing group's open-api without specifying any schema</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2969">#2969</a> - fix path to register resource handler to work SwaggerIndexPageTransformer considering /webjar path prefix</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2964">#2964</a> - Cannot add custom description and example for java.time.Duration since v2.8.6</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2972">#2972</a> - <a href="https://github.com/Header"><code>@Header</code></a>(schema = <a href="https://github.com/Schema"><code>@Schema</code></a>(type = "string")) generates empty or broken schema in OpenAPI output since 2.8.0</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>, <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a> - Build Failure due to Private Inner Class.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2556">#2556</a> - Unable to determine if it is a Kotlin type</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lagoshny"><code>@lagoshny</code></a> made their first contribution in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/2970">springdoc/springdoc-openapi#2970</a></li> <li><a href="https://github.com/mymx2"><code>@mymx2</code></a> made their first contribution in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/2950">springdoc/springdoc-openapi#2950</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.7">https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md">org.springdoc:springdoc-openapi-starter-webmvc-ui's changelog</a>.</em></p> <blockquote> <h2>[2.8.8] - 2025-05-04</h2> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a> - Handle projects not using kotlin-reflect <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li> </ul> <h2>[2.8.7] - 2025-05-04</h2> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a> - Introducing springdoc-openapi-bom project</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2948">#2948</a> - Customize Servers via application.yml</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2963">#2963</a> - Set default content type for problem details object to application/problem+jso</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a> - List of value classes in Kotlin</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade swagger-ui to v5.21.0</li> <li>Upgrade swagger-core to 2.2.30</li> <li>Upgrade spring-boot to version 3.4.5</li> <li>Upgrade spring-security-oauth2-authorization-server to version 1.4.3</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2947">#2947</a> - Unexpected warning "Appended trailing slash to static resource location"</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2960">#2960</a> - NPE when customizing group's open-api without specifying any schema</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2969">#2969</a> - fix path to register resource handler to work SwaggerIndexPageTransformer considering /webjar path prefix</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2964">#2964</a> - Cannot add custom description and example for java.time.Duration since v2.8.6</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2972">#2972</a> - <a href="https://github.com/Header"><code>@Header</code></a>(schema = <a href="https://github.com/Schema"><code>@Schema</code></a>(type = "string")) generates empty or broken schema in OpenAPI output since 2.8.0</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>, <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a> - Build Failure due to Private Inner Class.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/bce44dbe502cbaeeff6188fe210042859aa0ed54"><code>bce44db</code></a> [maven-release-plugin] prepare release v2.8.8</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/707fce0271fda0c713c412488247dba4cc32d98c"><code>707fce0</code></a> Handle projects not using kotlin-reflect. Fixes <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2977">#2977</a></li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/7a3546cb733d3ca493b6e622778a97c73b39b04a"><code>7a3546c</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/764ef2fd42040232a7a9280d826ed72a591da3df"><code>764ef2f</code></a> [maven-release-plugin] prepare release v2.8.7</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/98dacbda5cbdb0a278aa407ddc6aa05c8f23f031"><code>98dacbd</code></a> Prepare for the next release</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/5eb7d77e55df6b1b4ea1964fb146233f88b71e2d"><code>5eb7d77</code></a> pom.xml cleanup for <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a></li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/9dffa3d7d43e11ee1abfa86c7bf9b1886fc23e11"><code>9dffa3d</code></a> pom.xml cleanup for <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2944">#2944</a></li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/a68b42edf1465f1888c42263dac5547622ebd4cc"><code>a68b42e</code></a> List of value classes in Kotlin. Fixes <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2971">#2971</a></li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/95fa3bbb71859e428092034efbb3deae9bf4c892"><code>95fa3bb</code></a> Regression: <a href="https://github.com/Header"><code>@Header</code></a>(schema = <a href="https://github.com/Schema"><code>@Schema</code></a>(type = "string")) generates empty or bro...</li> <li><a href="https://github.com/springdoc/springdoc-openapi/commit/3d056d8c55ec3139fc3e2d4a2f0eed7d8384d5f0"><code>3d056d8</code></a> Build Failure due to Private Inner Class. Fixes <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2976">#2976</a>, <a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2967">#2967</a></li> <li>Additional commits viewable in <a href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.6...v2.8.8">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
3a615360a0 |
Bump actions/create-github-app-token from 2.0.5 to 2.0.6 (#3475)
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2.0.5 to 2.0.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v2.0.6</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v2.0.5...v2.0.6">2.0.6</a> (2025-05-03)</h2> <h3>Bug Fixes</h3> <ul> <li>replace <code>-</code> with <code>_</code> (<a href="https://redirect.github.com/actions/create-github-app-token/issues/246">#246</a>) (<a href="https://github.com/actions/create-github-app-token/commit/333678481b1f02ee31fa1443aba4f1f7cb5b08b5">3336784</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/df432ceedc7162793a195dd1713ff69aefc7379e"><code>df432ce</code></a> build(release): 2.0.6 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/333678481b1f02ee31fa1443aba4f1f7cb5b08b5"><code>3336784</code></a> fix: replace <code>-</code> with <code>_</code> (<a href="https://redirect.github.com/actions/create-github-app-token/issues/246">#246</a>)</li> <li>See full diff in <a href="https://github.com/actions/create-github-app-token/compare/db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959...df432ceedc7162793a195dd1713ff69aefc7379e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
20f0cf1ac3 |
Bump pdfboxVersion from 3.0.4 to 3.0.5 (#3465)
Bumps `pdfboxVersion` from 3.0.4 to 3.0.5. Updates `org.apache.pdfbox:pdfbox` from 3.0.4 to 3.0.5 Updates `org.apache.pdfbox:preflight` from 3.0.4 to 3.0.5 Updates `org.apache.pdfbox:xmpbox` from 3.0.4 to 3.0.5 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
561d3f4eed |
Bump actions/create-github-app-token from 2.0.2 to 2.0.5 (#3466)
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2.0.2 to 2.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v2.0.5</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v2.0.4...v2.0.5">2.0.5</a> (2025-05-02)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> bump the production-dependencies group with 3 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/240">#240</a>) (<a href="https://github.com/actions/create-github-app-token/commit/d64d7d73555d3f2cb08ce64bdd812e49308a2905">d64d7d7</a>)</li> </ul> <h2>v2.0.4</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v2.0.3...v2.0.4">2.0.4</a> (2025-05-02)</h2> <h3>Bug Fixes</h3> <ul> <li>permission input handling (<a href="https://redirect.github.com/actions/create-github-app-token/issues/243">#243</a>) (<a href="https://github.com/actions/create-github-app-token/commit/2950cbc446a8d3030ea17d3f7cbdd3c0fce4b0f5">2950cbc</a>)</li> </ul> <h2>v2.0.3</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v2.0.2...v2.0.3">2.0.3</a> (2025-05-01)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>README:</strong> use <code>v2</code> in examples (<a href="https://redirect.github.com/actions/create-github-app-token/issues/234">#234</a>) (<a href="https://github.com/actions/create-github-app-token/commit/9ba274d954c9af64fbf4cec63082d0e3f57e9b5f">9ba274d</a>), closes <a href="https://redirect.github.com/actions/create-github-app-token/issues/232">#232</a></li> <li>use <code>core.getBooleanInput()</code> to retrieve boolean input values (<a href="https://redirect.github.com/actions/create-github-app-token/issues/223">#223</a>) (<a href="https://github.com/actions/create-github-app-token/commit/c3c17c79ccedec31f588e88d6ad5ff9036afe580">c3c17c7</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959"><code>db3cdf4</code></a> build(release): 2.0.5 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/d64d7d73555d3f2cb08ce64bdd812e49308a2905"><code>d64d7d7</code></a> fix(deps): bump the production-dependencies group with 3 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/240">#240</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/1b6f53e48e3bd5e9fbd610599fc41fca986c51e9"><code>1b6f53e</code></a> build(deps-dev): bump the development-dependencies group across 1 directory w...</li> <li><a href="https://github.com/actions/create-github-app-token/commit/061a84d5f55008a6dfb441735e1568fcb8da8b50"><code>061a84d</code></a> build(deps-dev): bump <code>@octokit/openapi</code> from 18.2.0 to 19.0.0 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/242">#242</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/c8f34a61a85667dfbbbc74c5468935fc8a369720"><code>c8f34a6</code></a> build(deps): bump stefanzweifel/git-auto-commit-action from 5.1.0 to 5.2.0 in...</li> <li><a href="https://github.com/actions/create-github-app-token/commit/4821f52fa7a8e45784f1d99cdb1c27bec9f00720"><code>4821f52</code></a> build(release): 2.0.4 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/2950cbc446a8d3030ea17d3f7cbdd3c0fce4b0f5"><code>2950cbc</code></a> fix: permission input handling (<a href="https://redirect.github.com/actions/create-github-app-token/issues/243">#243</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/30bf6253fa41bdc8d1501d202ad15287582246b4"><code>30bf625</code></a> build(release): 2.0.3 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/c3c17c79ccedec31f588e88d6ad5ff9036afe580"><code>c3c17c7</code></a> fix: use <code>core.getBooleanInput()</code> to retrieve boolean input values (<a href="https://redirect.github.com/actions/create-github-app-token/issues/223">#223</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/9ba274d954c9af64fbf4cec63082d0e3f57e9b5f"><code>9ba274d</code></a> fix(README): use <code>v2</code> in examples (<a href="https://redirect.github.com/actions/create-github-app-token/issues/234">#234</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/create-github-app-token/compare/3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5...db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
e239bbf89a |
Bump github/codeql-action from 3.28.16 to 3.28.17 (#3467)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.16 to 3.28.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.17</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.17/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/60168efe1c415ce0f5521ea06d5c2062adbeed1b"><code>60168ef</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2886">#2886</a> from github/update-v3.28.17-97a2bfd2a</li> <li><a href="https://github.com/github/codeql-action/commit/0d5a3115da6459f8ab4333164184f8292c0c7a7f"><code>0d5a311</code></a> Update changelog for v3.28.17</li> <li><a href="https://github.com/github/codeql-action/commit/97a2bfd2a3d26d458da69e548f7f859d6fca634d"><code>97a2bfd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2872">#2872</a> from github/update-bundle/codeql-bundle-v2.21.2</li> <li><a href="https://github.com/github/codeql-action/commit/9aba20e4c91fd8c3a71d5ab2bdeba0da11713864"><code>9aba20e</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2</li> <li><a href="https://github.com/github/codeql-action/commit/81a9508deb02898c1a7be79bd5b49bb0ab9c787e"><code>81a9508</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2876">#2876</a> from github/henrymercer/fix-diff-informed-multiple-a...</li> <li><a href="https://github.com/github/codeql-action/commit/1569f4c145413fbce7d6573c6ee9212d2612d27f"><code>1569f4c</code></a> Disable diff-informed queries in code scanning config tests</li> <li><a href="https://github.com/github/codeql-action/commit/62fbeb66b359bfbdec7d4d96af8f68aece59b4db"><code>62fbeb6</code></a> Merge branch 'main' into henrymercer/fix-diff-informed-multiple-analyze</li> <li><a href="https://github.com/github/codeql-action/commit/f122d1dc9eb83b12dc16b38495b667a2dddfa6f9"><code>f122d1d</code></a> Address test failures from computing temporary directory too early</li> <li><a href="https://github.com/github/codeql-action/commit/083772aae48a3be5654921bb6e6ccb00e0e1d563"><code>083772a</code></a> Do not fail diff informed analyses when <code>analyze</code> is run twice in the same job</li> <li><a href="https://github.com/github/codeql-action/commit/5db14d0471303d6eee1e2a51393f5ae1669b6703"><code>5db14d0</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/28deaeda66b76a05916b6923827895f2b14ab387...60168efe1c415ce0f5521ea06d5c2062adbeed1b">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
9635e573d8 |
Bump gradle from 8.13-jdk21 to 8.14-jdk21 (#3439)
Bumps gradle from 8.13-jdk21 to 8.14-jdk21. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
ffb8e98dcd |
Bump springBootVersion from 3.4.4 to 3.4.5 (#3440)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps `springBootVersion` from 3.4.4 to 3.4.5. Updates `org.springframework.boot:spring-boot-starter-web` from 3.4.4 to 3.4.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-web's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li> <li>MessageSourceMessageInterpolator does not replace a parameter when the message matches its code <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li> <li>IntegrationMbeanExporter is not eligible for getting processed by all BeanPostProcessors warnings are shown when using JMX <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li> <li>OAuth2AuthorizationServerJwtAutoConfiguration uses <code>@ConditionalOnClass</code> incorrectly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li> <li>MongoDB's dependency management is missing Kotlin coroutine driver modules <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li> <li>ImagePlatform can cause "OS must not be empty" IllegalArgumentException <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li> <li>TypeUtils does not handle generics with identical names in different positions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li> <li>HttpClient5 5.4.3 breaks local Docker transport <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li> <li>spring.datasource.hikari.data-source-class-name cannot be used as a driver class name is always required and Hikari does not accept both <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li> <li>Post-processing to apply custom JdbcConnectionDetails triggers an NPE in Hikari if the JDBC URL is for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li> <li>DataSourceBuilder triggers an NPE in Hikari when trying to build a DataSource with a JDBC URL for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li> <li>SSL config does not watch for symlink file changes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li> <li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li> <li>DataSourceTransactionManagerAutoConfiguration should run after DataSourceAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li> <li>JsonValueWriter can throw StackOverflowError on deeply nested items <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li> <li>In a reactive web app, SslBundle can no longer open store file locations without using a 'file:' prefix <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li> <li>Logging a Path object using structured logging throws StackOverflowError <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Make <code>@Component</code> a javadoc link <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li> <li>Fix documentation links to buildpacks.io <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li> <li>Clarify the use of multiple profile expressions with "spring.config.activate.on-profile" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li> <li>Show the use of token properties in authorization server clients configuration example <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li> <li>Add details of the purpose of the metrics endpoint <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li> <li>Escape the asterisk in spring-application.adoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li> <li>Add reference to Styra (OPA) Spring Boot SDK <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li> <li>Update CDS documentation to cover AOTCache <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li> <li>WebFlux security documentation incorrectly links to servlet classes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li> <li>Replace mentions of deprecated MockBean annotation <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li> <li>TaskExecution documentation should describe what happens when multiple Executor beans are present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li> <li>Documentation lists coordinates for some dependencies that are not actually managed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li> <li>Polish javadoc of SpringProfileAction <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to AspectJ 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li> <li>Upgrade to Couchbase Client 3.7.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li> <li>Upgrade to Hibernate 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li> <li>Upgrade to HttpClient5 5.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li> <li>Upgrade to HttpCore5 5.3.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li> <li>Upgrade to Jaybird 5.0.7.java11 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li> <li>Upgrade to Jetty 12.0.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li> <li>Upgrade to jOOQ 3.19.22 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li> <li>Upgrade to Lombok 1.18.38 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a> Release v3.4.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a> Next development version (v3.3.12-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a> Revert "Upgrade to Netty 4.1.120.Final"</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a> Fix potential null problem in actuator</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.4.4 to 3.4.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-jetty's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li> <li>MessageSourceMessageInterpolator does not replace a parameter when the message matches its code <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li> <li>IntegrationMbeanExporter is not eligible for getting processed by all BeanPostProcessors warnings are shown when using JMX <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li> <li>OAuth2AuthorizationServerJwtAutoConfiguration uses <code>@ConditionalOnClass</code> incorrectly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li> <li>MongoDB's dependency management is missing Kotlin coroutine driver modules <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li> <li>ImagePlatform can cause "OS must not be empty" IllegalArgumentException <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li> <li>TypeUtils does not handle generics with identical names in different positions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li> <li>HttpClient5 5.4.3 breaks local Docker transport <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li> <li>spring.datasource.hikari.data-source-class-name cannot be used as a driver class name is always required and Hikari does not accept both <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li> <li>Post-processing to apply custom JdbcConnectionDetails triggers an NPE in Hikari if the JDBC URL is for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li> <li>DataSourceBuilder triggers an NPE in Hikari when trying to build a DataSource with a JDBC URL for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li> <li>SSL config does not watch for symlink file changes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li> <li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li> <li>DataSourceTransactionManagerAutoConfiguration should run after DataSourceAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li> <li>JsonValueWriter can throw StackOverflowError on deeply nested items <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li> <li>In a reactive web app, SslBundle can no longer open store file locations without using a 'file:' prefix <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li> <li>Logging a Path object using structured logging throws StackOverflowError <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Make <code>@Component</code> a javadoc link <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li> <li>Fix documentation links to buildpacks.io <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li> <li>Clarify the use of multiple profile expressions with "spring.config.activate.on-profile" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li> <li>Show the use of token properties in authorization server clients configuration example <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li> <li>Add details of the purpose of the metrics endpoint <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li> <li>Escape the asterisk in spring-application.adoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li> <li>Add reference to Styra (OPA) Spring Boot SDK <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li> <li>Update CDS documentation to cover AOTCache <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li> <li>WebFlux security documentation incorrectly links to servlet classes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li> <li>Replace mentions of deprecated MockBean annotation <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li> <li>TaskExecution documentation should describe what happens when multiple Executor beans are present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li> <li>Documentation lists coordinates for some dependencies that are not actually managed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li> <li>Polish javadoc of SpringProfileAction <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to AspectJ 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li> <li>Upgrade to Couchbase Client 3.7.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li> <li>Upgrade to Hibernate 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li> <li>Upgrade to HttpClient5 5.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li> <li>Upgrade to HttpCore5 5.3.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li> <li>Upgrade to Jaybird 5.0.7.java11 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li> <li>Upgrade to Jetty 12.0.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li> <li>Upgrade to jOOQ 3.19.22 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li> <li>Upgrade to Lombok 1.18.38 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a> Release v3.4.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a> Next development version (v3.3.12-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a> Revert "Upgrade to Netty 4.1.120.Final"</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a> Fix potential null problem in actuator</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.4.4 to 3.4.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-thymeleaf's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li> <li>MessageSourceMessageInterpolator does not replace a parameter when the message matches its code <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li> <li>IntegrationMbeanExporter is not eligible for getting processed by all BeanPostProcessors warnings are shown when using JMX <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li> <li>OAuth2AuthorizationServerJwtAutoConfiguration uses <code>@ConditionalOnClass</code> incorrectly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li> <li>MongoDB's dependency management is missing Kotlin coroutine driver modules <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li> <li>ImagePlatform can cause "OS must not be empty" IllegalArgumentException <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li> <li>TypeUtils does not handle generics with identical names in different positions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li> <li>HttpClient5 5.4.3 breaks local Docker transport <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li> <li>spring.datasource.hikari.data-source-class-name cannot be used as a driver class name is always required and Hikari does not accept both <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li> <li>Post-processing to apply custom JdbcConnectionDetails triggers an NPE in Hikari if the JDBC URL is for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li> <li>DataSourceBuilder triggers an NPE in Hikari when trying to build a DataSource with a JDBC URL for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li> <li>SSL config does not watch for symlink file changes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li> <li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li> <li>DataSourceTransactionManagerAutoConfiguration should run after DataSourceAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li> <li>JsonValueWriter can throw StackOverflowError on deeply nested items <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li> <li>In a reactive web app, SslBundle can no longer open store file locations without using a 'file:' prefix <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li> <li>Logging a Path object using structured logging throws StackOverflowError <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Make <code>@Component</code> a javadoc link <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li> <li>Fix documentation links to buildpacks.io <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li> <li>Clarify the use of multiple profile expressions with "spring.config.activate.on-profile" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li> <li>Show the use of token properties in authorization server clients configuration example <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li> <li>Add details of the purpose of the metrics endpoint <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li> <li>Escape the asterisk in spring-application.adoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li> <li>Add reference to Styra (OPA) Spring Boot SDK <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li> <li>Update CDS documentation to cover AOTCache <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li> <li>WebFlux security documentation incorrectly links to servlet classes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li> <li>Replace mentions of deprecated MockBean annotation <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li> <li>TaskExecution documentation should describe what happens when multiple Executor beans are present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li> <li>Documentation lists coordinates for some dependencies that are not actually managed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li> <li>Polish javadoc of SpringProfileAction <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to AspectJ 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li> <li>Upgrade to Couchbase Client 3.7.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li> <li>Upgrade to Hibernate 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li> <li>Upgrade to HttpClient5 5.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li> <li>Upgrade to HttpCore5 5.3.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li> <li>Upgrade to Jaybird 5.0.7.java11 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li> <li>Upgrade to Jetty 12.0.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li> <li>Upgrade to jOOQ 3.19.22 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li> <li>Upgrade to Lombok 1.18.38 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a> Release v3.4.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a> Next development version (v3.3.12-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a> Revert "Upgrade to Netty 4.1.120.Final"</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a> Fix potential null problem in actuator</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-security` from 3.4.4 to 3.4.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-security's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li> <li>MessageSourceMessageInterpolator does not replace a parameter when the message matches its code <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li> <li>IntegrationMbeanExporter is not eligible for getting processed by all BeanPostProcessors warnings are shown when using JMX <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li> <li>OAuth2AuthorizationServerJwtAutoConfiguration uses <code>@ConditionalOnClass</code> incorrectly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li> <li>MongoDB's dependency management is missing Kotlin coroutine driver modules <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li> <li>ImagePlatform can cause "OS must not be empty" IllegalArgumentException <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li> <li>TypeUtils does not handle generics with identical names in different positions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li> <li>HttpClient5 5.4.3 breaks local Docker transport <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li> <li>spring.datasource.hikari.data-source-class-name cannot be used as a driver class name is always required and Hikari does not accept both <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li> <li>Post-processing to apply custom JdbcConnectionDetails triggers an NPE in Hikari if the JDBC URL is for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li> <li>DataSourceBuilder triggers an NPE in Hikari when trying to build a DataSource with a JDBC URL for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li> <li>SSL config does not watch for symlink file changes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li> <li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li> <li>DataSourceTransactionManagerAutoConfiguration should run after DataSourceAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li> <li>JsonValueWriter can throw StackOverflowError on deeply nested items <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li> <li>In a reactive web app, SslBundle can no longer open store file locations without using a 'file:' prefix <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li> <li>Logging a Path object using structured logging throws StackOverflowError <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Make <code>@Component</code> a javadoc link <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li> <li>Fix documentation links to buildpacks.io <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li> <li>Clarify the use of multiple profile expressions with "spring.config.activate.on-profile" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li> <li>Show the use of token properties in authorization server clients configuration example <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li> <li>Add details of the purpose of the metrics endpoint <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li> <li>Escape the asterisk in spring-application.adoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li> <li>Add reference to Styra (OPA) Spring Boot SDK <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li> <li>Update CDS documentation to cover AOTCache <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li> <li>WebFlux security documentation incorrectly links to servlet classes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li> <li>Replace mentions of deprecated MockBean annotation <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li> <li>TaskExecution documentation should describe what happens when multiple Executor beans are present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li> <li>Documentation lists coordinates for some dependencies that are not actually managed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li> <li>Polish javadoc of SpringProfileAction <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to AspectJ 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li> <li>Upgrade to Couchbase Client 3.7.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li> <li>Upgrade to Hibernate 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li> <li>Upgrade to HttpClient5 5.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li> <li>Upgrade to HttpCore5 5.3.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li> <li>Upgrade to Jaybird 5.0.7.java11 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li> <li>Upgrade to Jetty 12.0.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li> <li>Upgrade to jOOQ 3.19.22 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li> <li>Upgrade to Lombok 1.18.38 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a> Release v3.4.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a> Next development version (v3.3.12-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a> Revert "Upgrade to Netty 4.1.120.Final"</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a> Fix potential null problem in actuator</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.4.4 to 3.4.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-data-jpa's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li> <li>MessageSourceMessageInterpolator does not replace a parameter when the message matches its code <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li> <li>IntegrationMbeanExporter is not eligible for getting processed by all BeanPostProcessors warnings are shown when using JMX <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li> <li>OAuth2AuthorizationServerJwtAutoConfiguration uses <code>@ConditionalOnClass</code> incorrectly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li> <li>MongoDB's dependency management is missing Kotlin coroutine driver modules <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li> <li>ImagePlatform can cause "OS must not be empty" IllegalArgumentException <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li> <li>TypeUtils does not handle generics with identical names in different positions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li> <li>HttpClient5 5.4.3 breaks local Docker transport <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li> <li>spring.datasource.hikari.data-source-class-name cannot be used as a driver class name is always required and Hikari does not accept both <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li> <li>Post-processing to apply custom JdbcConnectionDetails triggers an NPE in Hikari if the JDBC URL is for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li> <li>DataSourceBuilder triggers an NPE in Hikari when trying to build a DataSource with a JDBC URL for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li> <li>SSL config does not watch for symlink file changes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li> <li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li> <li>DataSourceTransactionManagerAutoConfiguration should run after DataSourceAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li> <li>JsonValueWriter can throw StackOverflowError on deeply nested items <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li> <li>In a reactive web app, SslBundle can no longer open store file locations without using a 'file:' prefix <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li> <li>Logging a Path object using structured logging throws StackOverflowError <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Make <code>@Component</code> a javadoc link <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li> <li>Fix documentation links to buildpacks.io <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li> <li>Clarify the use of multiple profile expressions with "spring.config.activate.on-profile" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li> <li>Show the use of token properties in authorization server clients configuration example <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li> <li>Add details of the purpose of the metrics endpoint <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li> <li>Escape the asterisk in spring-application.adoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li> <li>Add reference to Styra (OPA) Spring Boot SDK <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li> <li>Update CDS documentation to cover AOTCache <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li> <li>WebFlux security documentation incorrectly links to servlet classes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li> <li>Replace mentions of deprecated MockBean annotation <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li> <li>TaskExecution documentation should describe what happens when multiple Executor beans are present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li> <li>Documentation lists coordinates for some dependencies that are not actually managed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li> <li>Polish javadoc of SpringProfileAction <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to AspectJ 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li> <li>Upgrade to Couchbase Client 3.7.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li> <li>Upgrade to Hibernate 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li> <li>Upgrade to HttpClient5 5.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li> <li>Upgrade to HttpCore5 5.3.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li> <li>Upgrade to Jaybird 5.0.7.java11 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li> <li>Upgrade to Jetty 12.0.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li> <li>Upgrade to jOOQ 3.19.22 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li> <li>Upgrade to Lombok 1.18.38 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a> Release v3.4.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a> Next development version (v3.3.12-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a> Revert "Upgrade to Netty 4.1.120.Final"</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a> Fix potential null problem in actuator</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-oauth2-client` from 3.4.4 to 3.4.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-oauth2-client's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li> <li>MessageSourceMessageInterpolator does not replace a parameter when the message matches its code <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li> <li>IntegrationMbeanExporter is not eligible for getting processed by all BeanPostProcessors warnings are shown when using JMX <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li> <li>OAuth2AuthorizationServerJwtAutoConfiguration uses <code>@ConditionalOnClass</code> incorrectly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li> <li>MongoDB's dependency management is missing Kotlin coroutine driver modules <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li> <li>ImagePlatform can cause "OS must not be empty" IllegalArgumentException <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li> <li>TypeUtils does not handle generics with identical names in different positions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li> <li>HttpClient5 5.4.3 breaks local Docker transport <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li> <li>spring.datasource.hikari.data-source-class-name cannot be used as a driver class name is always required and Hikari does not accept both <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li> <li>Post-processing to apply custom JdbcConnectionDetails triggers an NPE in Hikari if the JDBC URL is for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li> <li>DataSourceBuilder triggers an NPE in Hikari when trying to build a DataSource with a JDBC URL for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li> <li>SSL config does not watch for symlink file changes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li> <li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li> <li>DataSourceTransactionManagerAutoConfiguration should run after DataSourceAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li> <li>JsonValueWriter can throw StackOverflowError on deeply nested items <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li> <li>In a reactive web app, SslBundle can no longer open store file locations without using a 'file:' prefix <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li> <li>Logging a Path object using structured logging throws StackOverflowError <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Make <code>@Component</code> a javadoc link <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li> <li>Fix documentation links to buildpacks.io <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li> <li>Clarify the use of multiple profile expressions with "spring.config.activate.on-profile" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li> <li>Show the use of token properties in authorization server clients configuration example <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li> <li>Add details of the purpose of the metrics endpoint <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li> <li>Escape the asterisk in spring-application.adoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li> <li>Add reference to Styra (OPA) Spring Boot SDK <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li> <li>Update CDS documentation to cover AOTCache <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li> <li>WebFlux security documentation incorrectly links to servlet classes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li> <li>Replace mentions of deprecated MockBean annotation <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li> <li>TaskExecution documentation should describe what happens when multiple Executor beans are present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li> <li>Documentation lists coordinates for some dependencies that are not actually managed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li> <li>Polish javadoc of SpringProfileAction <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to AspectJ 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li> <li>Upgrade to Couchbase Client 3.7.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li> <li>Upgrade to Hibernate 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li> <li>Upgrade to HttpClient5 5.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li> <li>Upgrade to HttpCore5 5.3.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li> <li>Upgrade to Jaybird 5.0.7.java11 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li> <li>Upgrade to Jetty 12.0.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li> <li>Upgrade to jOOQ 3.19.22 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li> <li>Upgrade to Lombok 1.18.38 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a> Release v3.4.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a> Next development version (v3.3.12-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a> Revert "Upgrade to Netty 4.1.120.Final"</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a> Fix potential null problem in actuator</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-test` from 3.4.4 to 3.4.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-test's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li> <li>MessageSourceMessageInterpolator does not replace a parameter when the message matches its code <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li> <li>IntegrationMbeanExporter is not eligible for getting processed by all BeanPostProcessors warnings are shown when using JMX <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li> <li>OAuth2AuthorizationServerJwtAutoConfiguration uses <code>@ConditionalOnClass</code> incorrectly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li> <li>MongoDB's dependency management is missing Kotlin coroutine driver modules <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li> <li>ImagePlatform can cause "OS must not be empty" IllegalArgumentException <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li> <li>TypeUtils does not handle generics with identical names in different positions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li> <li>HttpClient5 5.4.3 breaks local Docker transport <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li> <li>spring.datasource.hikari.data-source-class-name cannot be used as a driver class name is always required and Hikari does not accept both <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li> <li>Post-processing to apply custom JdbcConnectionDetails triggers an NPE in Hikari if the JDBC URL is for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li> <li>DataSourceBuilder triggers an NPE in Hikari when trying to build a DataSource with a JDBC URL for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li> <li>SSL config does not watch for symlink file changes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li> <li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li> <li>DataSourceTransactionManagerAutoConfiguration should run after DataSourceAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li> <li>JsonValueWriter can throw StackOverflowError on deeply nested items <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li> <li>In a reactive web app, SslBundle can no longer open store file locations without using a 'file:' prefix <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li> <li>Logging a Path object using structured logging throws StackOverflowError <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Make <code>@Component</code> a javadoc link <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li> <li>Fix documentation links to buildpacks.io <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li> <li>Clarify the use of multiple profile expressions with "spring.config.activate.on-profile" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li> <li>Show the use of token properties in authorization server clients configuration example <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li> <li>Add details of the purpose of the metrics endpoint <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li> <li>Escape the asterisk in spring-application.adoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li> <li>Add reference to Styra (OPA) Spring Boot SDK <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li> <li>Update CDS documentation to cover AOTCache <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li> <li>WebFlux security documentation incorrectly links to servlet classes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li> <li>Replace mentions of deprecated MockBean annotation <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li> <li>TaskExecution documentation should describe what happens when multiple Executor beans are present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li> <li>Documentation lists coordinates for some dependencies that are not actually managed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li> <li>Polish javadoc of SpringProfileAction <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to AspectJ 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li> <li>Upgrade to Couchbase Client 3.7.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li> <li>Upgrade to Hibernate 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li> <li>Upgrade to HttpClient5 5.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li> <li>Upgrade to HttpCore5 5.3.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li> <li>Upgrade to Jaybird 5.0.7.java11 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li> <li>Upgrade to Jetty 12.0.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li> <li>Upgrade to jOOQ 3.19.22 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li> <li>Upgrade to Lombok 1.18.38 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a> Release v3.4.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a> Next development version (v3.3.12-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a> Revert "Upgrade to Netty 4.1.120.Final"</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a> Fix potential null problem in actuator</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-actuator` from 3.4.4 to 3.4.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-actuator's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="ht... _Description has been truncated_ Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b7eed4300e |
Bump docker/build-push-action from 6.15.0 to 6.16.0 (#3442)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.15.0 to 6.16.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.16.0</h2> <ul> <li>Handle no default attestations env var by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1343">docker/build-push-action#1343</a></li> <li>Only print secret keys in build summary output by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1353">docker/build-push-action#1353</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.56.0 to 0.59.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1352">docker/build-push-action#1352</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0">https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/14487ce63c7a62a4a324b0bfb37086795e31c6c1"><code>14487ce</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1343">#1343</a> from crazy-max/fix-no-default-attest</li> <li><a href="https://github.com/docker/build-push-action/commit/0ec91264d895acf7dfe05d54d8a3cc28f95b6346"><code>0ec9126</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1366">#1366</a> from crazy-max/pr-assign-author</li> <li><a href="https://github.com/docker/build-push-action/commit/b749522b90af1b517f52d8c1e67b2a965cea5eae"><code>b749522</code></a> pr-assign-author workflow</li> <li><a href="https://github.com/docker/build-push-action/commit/c566248492c912e39910ac79e2f05a82260233a8"><code>c566248</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1363">#1363</a> from crazy-max/fix-codecov</li> <li><a href="https://github.com/docker/build-push-action/commit/13275dd76e44afdffdd61da8b8ae8e26ee11671f"><code>13275dd</code></a> ci: fix missing source for codecov</li> <li><a href="https://github.com/docker/build-push-action/commit/67dc78bbaf388b3265f7e1c880e681f4b90d5f48"><code>67dc78b</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1361">#1361</a> from mschoettle/patch-1</li> <li><a href="https://github.com/docker/build-push-action/commit/0760504437ba8d0d98e7d5b625560bdede11b3b5"><code>0760504</code></a> docs: add validating build configuration example</li> <li><a href="https://github.com/docker/build-push-action/commit/1c198f4467ce458288d816cabd773cd574f16977"><code>1c198f4</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/288d9e2e4a70c24711ba959b94c2209b9205347e"><code>288d9e2</code></a> handle no default attestations env var</li> <li><a href="https://github.com/docker/build-push-action/commit/88844b95d8cbbb41035fa9c94e5967a33b92db78"><code>88844b9</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1353">#1353</a> from crazy-max/summary-secret-keys</li> <li>Additional commits viewable in <a href="https://github.com/docker/build-push-action/compare/471d1dc4e07e5cdedd4c2171150001c434f0b7a4...14487ce63c7a62a4a324b0bfb37086795e31c6c1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
4673dbb4e7 |
Bump org.springframework.boot from 3.4.4 to 3.4.5 (#3441)
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.4.4 to 3.4.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's releases</a>.</em></p> <blockquote> <h2>v3.4.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Spring Boot with native image container image build fails on podman due to directory permissions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45256">#45256</a></li> <li>Neo4jReactiveDataAutoConfiguration assumes that certain beans are available <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45235">#45235</a></li> <li>Wrong jOOQ exception translator with empty db name <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45219">#45219</a></li> <li>MessageSourceMessageInterpolator does not replace a parameter when the message matches its code <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45213">#45213</a></li> <li>IntegrationMbeanExporter is not eligible for getting processed by all BeanPostProcessors warnings are shown when using JMX <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45194">#45194</a></li> <li>OAuth2AuthorizationServerJwtAutoConfiguration uses <code>@ConditionalOnClass</code> incorrectly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45178">#45178</a></li> <li>MongoDB's dependency management is missing Kotlin coroutine driver modules <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45159">#45159</a></li> <li>ImagePlatform can cause "OS must not be empty" IllegalArgumentException <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45153">#45153</a></li> <li>TypeUtils does not handle generics with identical names in different positions <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45039">#45039</a></li> <li>HttpClient5 5.4.3 breaks local Docker transport <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45028">#45028</a></li> <li>spring.datasource.hikari.data-source-class-name cannot be used as a driver class name is always required and Hikari does not accept both <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45002">#45002</a></li> <li>Post-processing to apply custom JdbcConnectionDetails triggers an NPE in Hikari if the JDBC URL is for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44998">#44998</a></li> <li>DataSourceBuilder triggers an NPE in Hikari when trying to build a DataSource with a JDBC URL for an unknown driver <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44995">#44995</a></li> <li>SSL config does not watch for symlink file changes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44887">#44887</a></li> <li>EmbeddedLdapAutoConfiguration should not rely on PreDestroy <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44874">#44874</a></li> <li>DataSourceTransactionManagerAutoConfiguration should run after DataSourceAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44819">#44819</a></li> <li>JsonValueWriter can throw StackOverflowError on deeply nested items <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44627">#44627</a></li> <li>In a reactive web app, SslBundle can no longer open store file locations without using a 'file:' prefix <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44535">#44535</a></li> <li>Logging a Path object using structured logging throws StackOverflowError <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44507">#44507</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Make <code>@Component</code> a javadoc link <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45258">#45258</a></li> <li>Fix documentation links to buildpacks.io <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45241">#45241</a></li> <li>Clarify the use of multiple profile expressions with "spring.config.activate.on-profile" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45224">#45224</a></li> <li>Show the use of token properties in authorization server clients configuration example <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45176">#45176</a></li> <li>Add details of the purpose of the metrics endpoint <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45047">#45047</a></li> <li>Escape the asterisk in spring-application.adoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45033">#45033</a></li> <li>Add reference to Styra (OPA) Spring Boot SDK <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44976">#44976</a></li> <li>Update CDS documentation to cover AOTCache <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44970">#44970</a></li> <li>WebFlux security documentation incorrectly links to servlet classes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44966">#44966</a></li> <li>Replace mentions of deprecated MockBean annotation <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44947">#44947</a></li> <li>TaskExecution documentation should describe what happens when multiple Executor beans are present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44908">#44908</a></li> <li>Documentation lists coordinates for some dependencies that are not actually managed <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44879">#44879</a></li> <li>Polish javadoc of SpringProfileAction <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44826">#44826</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to AspectJ 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45184">#45184</a></li> <li>Upgrade to Couchbase Client 3.7.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45072">#45072</a></li> <li>Upgrade to Hibernate 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45073">#45073</a></li> <li>Upgrade to HttpClient5 5.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45074">#45074</a></li> <li>Upgrade to HttpCore5 5.3.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45075">#45075</a></li> <li>Upgrade to Jaybird 5.0.7.java11 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45076">#45076</a></li> <li>Upgrade to Jetty 12.0.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45077">#45077</a></li> <li>Upgrade to jOOQ 3.19.22 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45078">#45078</a></li> <li>Upgrade to Lombok 1.18.38 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/45079">#45079</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/b882c29bdf607d5d4db910f7fd0161143a1329c7"><code>b882c29</code></a> Release v3.4.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/918066f39ae72de5a6e1bae78c841396e049e5b6"><code>918066f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/ab0c332d9995963d22c202706564be58ff724622"><code>ab0c332</code></a> Next development version (v3.3.12-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/71acf939ace320fbfa35ce48577ba534469dfc90"><code>71acf93</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d2eaac6b60d117c3d10939866c70fce6b945eefd"><code>d2eaac6</code></a> Revert "Upgrade to Netty 4.1.120.Final"</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/d24a38f0f890ef70a07be8236bb9717527f50ba5"><code>d24a38f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/933572ad5e7da2e47d8efc168a86c8cf6105b062"><code>933572a</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/016b3de968b9b9a6319f7bc58abfb1df007bbc4b"><code>016b3de</code></a> Upgrade to Netty 4.1.120.Final</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/46a709a8503c096e2514c8cd17b1a7e7e715e7b2"><code>46a709a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/55f67c9a522647039fd3294dee5cb83f4888160a"><code>55f67c9</code></a> Fix potential null problem in actuator</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.4...v3.4.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
5b34c00237 |
Bump actions/download-artifact from 4.2.1 to 4.3.0 (#3443)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.2.1 to 4.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>feat: implement new <code>artifact-ids</code> input by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li> <li>Fix workflow example for downloading by artifact ID by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/402">actions/download-artifact#402</a></li> <li>Prep for v4.3.0 release by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/404">actions/download-artifact#404</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0">https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/d3f86a106a0bac45b974a628896c90dbdf5c8093"><code>d3f86a1</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/404">#404</a> from actions/robherley/v4.3.0</li> <li><a href="https://github.com/actions/download-artifact/commit/fc02353415da80201a0da48ab47022efd7725d11"><code>fc02353</code></a> prep for v4.3.0 release</li> <li><a href="https://github.com/actions/download-artifact/commit/77454371a433f370a16d329ef7db197f700a7a8f"><code>7745437</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/402">#402</a> from actions/joshmgross/download-by-id-example</li> <li><a href="https://github.com/actions/download-artifact/commit/84fc7a0a358aabc7f97f7f590cbfc25f57e26c6a"><code>84fc7a0</code></a> Remove path filters from Check dist workflow</li> <li><a href="https://github.com/actions/download-artifact/commit/67f2bc382f6ba5ba75812a05909e8c25a366b5fb"><code>67f2bc3</code></a> Fix workflow example for downloading by artifact ID</li> <li><a href="https://github.com/actions/download-artifact/commit/8ea3c2c174f79a56792e9fdd9baad75d27c5d369"><code>8ea3c2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/401">#401</a> from actions/download-by-id</li> <li><a href="https://github.com/actions/download-artifact/commit/d219c630f65d8bd14366a9e2f731cbf854f62258"><code>d219c63</code></a> add supporting unit tests for artifact downloads with ids</li> <li><a href="https://github.com/actions/download-artifact/commit/54124fbd881f8ce794405a06896c93c49c17463e"><code>54124fb</code></a> revert <code>getArtifact()</code> changes - for now we have to list and filter by artifa...</li> <li><a href="https://github.com/actions/download-artifact/commit/b83057b90d3e218abf5c7b1906579eb6c598ae85"><code>b83057b</code></a> bundle</li> <li><a href="https://github.com/actions/download-artifact/commit/171183c7dce98c3cf8a1fc842429d0a38ed21d33"><code>171183c</code></a> use the same <code>artifactClient.getArtifact</code> structure as seen above in `isSingl...</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
1611a82a98 |
Bump github/codeql-action from 3.28.15 to 3.28.16 (#3413)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.15 to 3.28.16. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.16</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.16/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/28deaeda66b76a05916b6923827895f2b14ab387"><code>28deaed</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2865">#2865</a> from github/update-v3.28.16-2a8cbadc0</li> <li><a href="https://github.com/github/codeql-action/commit/03c5d71c11f6cb2c5ba7eef371219a862be30193"><code>03c5d71</code></a> Update changelog for v3.28.16</li> <li><a href="https://github.com/github/codeql-action/commit/2a8cbadc02bb64a7fd15d37c977acbad02496c80"><code>2a8cbad</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2863">#2863</a> from github/update-bundle/codeql-bundle-v2.21.1</li> <li><a href="https://github.com/github/codeql-action/commit/f76eaf51a636a5c1d927998267d92d6475363ace"><code>f76eaf5</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/e63b3f5166c15fda4eb17886f01abe9445dd13f5"><code>e63b3f5</code></a> Update default bundle to codeql-bundle-v2.21.1</li> <li><a href="https://github.com/github/codeql-action/commit/4c3e5362829f0b0bb62ff5f6c938d7f95574c306"><code>4c3e536</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2853">#2853</a> from github/dependabot/npm_and_yarn/npm-7d84c66b66</li> <li><a href="https://github.com/github/codeql-action/commit/56dd02f26d99811d607284494ff84b7d862fe837"><code>56dd02f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2852">#2852</a> from github/dependabot/github_actions/actions-457587...</li> <li><a href="https://github.com/github/codeql-action/commit/192406dd845fb2228fcea74898b98df2a6cdcef6"><code>192406d</code></a> Merge branch 'main' into dependabot/github_actions/actions-4575878e06</li> <li><a href="https://github.com/github/codeql-action/commit/c7dbb2084ed1bb623fbbb3976cd6dbae6daaf1fe"><code>c7dbb20</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2857">#2857</a> from github/nickfyson/address-vulns</li> <li><a href="https://github.com/github/codeql-action/commit/9a45cd8c5025281c30bbb652197ace083c291e49"><code>9a45cd8</code></a> move use of input variables into env vars</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/45775bd8235c68ba998cffa5171334d58593da47...28deaeda66b76a05916b6923827895f2b14ab387">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f5aaa4612a |
Bump org.springframework.session:spring-session-core from 3.4.2 to 3.4.3 (#3412)
Bumps [org.springframework.session:spring-session-core](https://github.com/spring-projects/spring-session) from 3.4.2 to 3.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-session/releases">org.springframework.session:spring-session-core's releases</a>.</em></p> <blockquote> <h2>3.4.3</h2> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump ch-qos-logback from 1.5.16 to 1.5.17 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3345">#3345</a></li> <li>Bump ch-qos-logback from 1.5.17 to 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3354">#3354</a></li> <li>Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3348">#3348</a></li> <li>Bump io.projectreactor:reactor-core from 3.6.14 to 3.6.15 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3349">#3349</a></li> <li>Bump org-slf4j from 2.0.16 to 2.0.17 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3344">#3344</a></li> <li>Bump org-springframework-boot from 3.3.8 to 3.3.9 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3343">#3343</a></li> <li>Bump org-springframework-boot from 3.3.9 to 3.3.10 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3356">#3356</a></li> <li>Bump org.aspectj:aspectjweaver from 1.9.22.1 to 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3350">#3350</a></li> <li>Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.23 to 4.33.24 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3346">#3346</a></li> <li>Bump org.mariadb.jdbc:mariadb-java-client from 3.3.3 to 3.3.4 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3365">#3365</a></li> <li>Bump org.springframework.data:spring-data-bom from 2024.1.3 to 2024.1.4 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3352">#3352</a></li> <li>Bump org.springframework.security:spring-security-bom from 6.4.2 to 6.4.3 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3342">#3342</a></li> <li>Bump org.springframework.security:spring-security-bom from 6.4.3 to 6.4.4 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3353">#3353</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3351">#3351</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3355">#3355</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-session/commit/38b494e8707900997c72dc37120130d61877f78f"><code>38b494e</code></a> Release 3.4.3</li> <li><a href="https://github.com/spring-projects/spring-session/commit/f3536d97d6b2568c0e727173f1abfc23749760e8"><code>f3536d9</code></a> Bump io.projectreactor:reactor-core from 3.6.14 to 3.6.15</li> <li><a href="https://github.com/spring-projects/spring-session/commit/d2528b46ba051f6c37ab820e8ded7de715b0c69b"><code>d2528b4</code></a> Bump org.mariadb.jdbc:mariadb-java-client from 3.3.3 to 3.3.4</li> <li><a href="https://github.com/spring-projects/spring-session/commit/2353d8b3cec4f0ed104c45f10d01acf278fe1dad"><code>2353d8b</code></a> Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19</li> <li><a href="https://github.com/spring-projects/spring-session/commit/1ce75dea70c9b2b7e2d7de76ba6c648d94ef14ac"><code>1ce75de</code></a> Bump org-springframework-boot from 3.3.9 to 3.3.10</li> <li><a href="https://github.com/spring-projects/spring-session/commit/e0efae790d89339ac064888101323bbc69146ca6"><code>e0efae7</code></a> Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-session/commit/98e03e63642ee71baf2f439c28c4f59e1d1740fb"><code>98e03e6</code></a> Bump ch-qos-logback from 1.5.17 to 1.5.18</li> <li><a href="https://github.com/spring-projects/spring-session/commit/e642b66a87593adf794c87e045cb9a14ef4da106"><code>e642b66</code></a> Bump org.springframework.security:spring-security-bom</li> <li><a href="https://github.com/spring-projects/spring-session/commit/64b7df57658c5f808e6d3c30ddc38d76bd6bcce2"><code>64b7df5</code></a> Bump org.springframework.data:spring-data-bom from 2024.1.3 to 2024.1.4</li> <li><a href="https://github.com/spring-projects/spring-session/commit/ae92843e9d6a8d0b4b04814828f9189dc27af001"><code>ae92843</code></a> Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-session/compare/3.4.2...3.4.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
da70980be4 |
Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#3411)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.1 to 3.8.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.8.2</h2> <h2>What's Changed</h2> <ul> <li>install cosign v2 from main in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/186">sigstore/cosign-installer#186</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.2">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/3454372f43399081ed03b604cb2d021dabca52bb"><code>3454372</code></a> install cosign v2 from main (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/186">#186</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/b6ee8f83b9a8b8ef7f46b5a8ff326f488b386693"><code>b6ee8f8</code></a> Bump actions/setup-go from 5.3.0 to 5.4.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/185">#185</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a...3454372f43399081ed03b604cb2d021dabca52bb">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f8dbc05006 |
Bump actions/setup-python from 5.5.0 to 5.6.0 (#3410)
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.5.0 to 5.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p> <blockquote> <h2>v5.6.0</h2> <h2>What's Changed</h2> <ul> <li>Workflow updates related to Ubuntu 20.04 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1065">actions/setup-python#1065</a></li> <li>Fix for Candidate Not Iterable Error by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1082">actions/setup-python#1082</a></li> <li>Upgrade semver and <code>@types/semver</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1091">actions/setup-python#1091</a></li> <li>Upgrade prettier from 2.8.8 to 3.5.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1046">actions/setup-python#1046</a></li> <li>Upgrade ts-jest from 29.1.2 to 29.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1081">actions/setup-python#1081</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v5...v5.6.0">https://github.com/actions/setup-python/compare/v5...v5.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-python/commit/a26af69be951a213d495a4c3e4e4022e16d87065"><code>a26af69</code></a> Bump ts-jest from 29.1.2 to 29.3.2 (<a href="https://redirect.github.com/actions/setup-python/issues/1081">#1081</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/30eafe95483bd95135b7eda0c66a0369af9afdf1"><code>30eafe9</code></a> Bump prettier from 2.8.8 to 3.5.3 (<a href="https://redirect.github.com/actions/setup-python/issues/1046">#1046</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/5d95bc16d4bc83bb56202da9630d84c6f8a2d8f5"><code>5d95bc1</code></a> Bump semver and <code>@types/semver</code> (<a href="https://redirect.github.com/actions/setup-python/issues/1091">#1091</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/6ed2c67c8abe7646815dbd50364eea862d396fd9"><code>6ed2c67</code></a> Fix for Candidate Not Iterable Error (<a href="https://redirect.github.com/actions/setup-python/issues/1082">#1082</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/e348410e00f449ece8581cb8e88be8f0e7712da6"><code>e348410</code></a> Remove Ubuntu 20.04 from workflows due to deprecation from 2025-04-15 (<a href="https://redirect.github.com/actions/setup-python/issues/1065">#1065</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-python/compare/8d9ed9ac5c53483de85588cdf95a591a75ab9f55...a26af69be951a213d495a4c3e4e4022e16d87065">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
119dd23d9a |
Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.4 to 6.4.5 (#3393)
Bumps [org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security) from 6.4.4 to 6.4.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's releases</a>.</em></p> <blockquote> <h2>6.4.5</h2> <h2>⭐ New Features</h2> <ul> <li>Add link to docs zip file to the reference <a href="https://redirect.github.com/spring-projects/spring-security/issues/16799">#16799</a></li> <li>Fix attribute name in <code>http.adoc</code> <a href="https://redirect.github.com/spring-projects/spring-security/issues/16784">#16784</a></li> <li>Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc <a href="https://redirect.github.com/spring-projects/spring-security/issues/16783">#16783</a></li> </ul> <h2>🪲 Bug Fixes</h2> <ul> <li>[Docs] Broken link on Spring MVC Test Integration page <a href="https://redirect.github.com/spring-projects/spring-security/issues/16785">#16785</a></li> <li><code>ServerBearerTokenAuthenticationConverter</code> validates parameters when not enabled <a href="https://redirect.github.com/spring-projects/spring-security/issues/16901">#16901</a></li> <li>Clarify WebInvocationPrivilegeEvaluator JavaDoc <a href="https://redirect.github.com/spring-projects/spring-security/issues/16782">#16782</a></li> <li>CookieServerCsrfTokenRepository.withHttpOnlyFalse() ineffective if setCookieCustomizer() is used <a href="https://redirect.github.com/spring-projects/spring-security/issues/16862">#16862</a></li> <li>Correct closing tag in default PassKey HTML form <a href="https://redirect.github.com/spring-projects/spring-security/pull/16601">#16601</a></li> <li>Fix WebAuthn saves Anonymous PublicKeyCredentialUserEntity <a href="https://redirect.github.com/spring-projects/spring-security/pull/16606">#16606</a></li> <li>OpenSaml support should preserve encrypted elements for further analysis <a href="https://redirect.github.com/spring-projects/spring-security/issues/16367">#16367</a></li> <li>Sorting in AuthorizationAdvisorProxyFactory should be thread-safe <a href="https://redirect.github.com/spring-projects/spring-security/issues/16837">#16837</a></li> <li>WebFlux reference links to Servlet docs <a href="https://redirect.github.com/spring-projects/spring-security/issues/16786">#16786</a></li> <li>XML config does not apply <code>request-handler-ref</code> to <code>CsrfAuthenticationStrategy</code> <a href="https://redirect.github.com/spring-projects/spring-security/issues/16844">#16844</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump ch.qos.logback:logback-classic from 1.5.17 to 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16767">#16767</a></li> <li>Bump io.micrometer:micrometer-observation from 1.14.5 to 1.14.6 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16938">#16938</a></li> <li>Bump io.projectreactor:reactor-bom from 2023.0.16 to 2023.0.17 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16944">#16944</a></li> <li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to 1.0.4 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16919">#16919</a></li> <li>Bump org-aspectj from 1.9.22.1 to 1.9.24 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16928">#16928</a></li> <li>Bump org-eclipse-jetty from 11.0.24 to 11.0.25 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16758">#16758</a></li> <li>Bump org.hibernate.orm:hibernate-core from 6.6.12.Final to 6.6.13.Final <a href="https://redirect.github.com/spring-projects/spring-security/pull/16895">#16895</a></li> <li>Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to 3.2.12 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16960">#16960</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16959">#16959</a></li> </ul> <h2>🔩 Build Updates</h2> <ul> <li>Bump spring-io/spring-doc-actions from 0.0.19 to 0.0.20 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16894">#16894</a></li> <li>Release 6.4.5 <a href="https://redirect.github.com/spring-projects/spring-security/issues/16972">#16972</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/AB-xdev"><code>@AB-xdev</code></a>, <a href="https://github.com/Borghii"><code>@Borghii</code></a>, and <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-security/commit/e8aef09b4fe24337b42dd6556b79523bd550024b"><code>e8aef09</code></a> Release 6.4.5</li> <li><a href="https://github.com/spring-projects/spring-security/commit/f8d417dc03175f3de9cbe372732d80594c891954"><code>f8d417d</code></a> Preserve Encrypted Elements</li> <li><a href="https://github.com/spring-projects/spring-security/commit/79bacf8204f1e01c0c7ecae285b33fbb571460b9"><code>79bacf8</code></a> Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6</li> <li><a href="https://github.com/spring-projects/spring-security/commit/9bcfeab1d68606113d256e1a3defc985866da309"><code>9bcfeab</code></a> Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to 3.2.12</li> <li><a href="https://github.com/spring-projects/spring-security/commit/254c9c9b2d427fe071f5ef4f5af5f1112c6703c2"><code>254c9c9</code></a> Merge branch '6.3.x' into 6.4.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/a5d963387b8fd7d66000f566f6cae77f8cee0f5b"><code>a5d9633</code></a> Bump org.springframework:spring-framework-bom from 6.1.18 to 6.1.19</li> <li><a href="https://github.com/spring-projects/spring-security/commit/e5d9659b8f3a42eff30e1921509fb6ea9bafce26"><code>e5d9659</code></a> Merge branch '6.3.x' into 6.4.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/99c4f58c342cf93e4fe8165dd817aa3be1ba84d0"><code>99c4f58</code></a> Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to 3.2.12</li> <li><a href="https://github.com/spring-projects/spring-security/commit/cb60d8b3ed1de5fe1c0fe13cf6f86299c55b037e"><code>cb60d8b</code></a> Merge branch '6.3.x' into 6.4.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/c1aa99fdd2113a232986e9c3a44673ae752de840"><code>c1aa99f</code></a> Enforce BCrypt password length for new passwords only</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-security/compare/6.4.4...6.4.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
62ec512dda |
Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.1 to 2.12.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.0</h2> <h2>What's Changed</h2> <ol> <li> <p>A new option, <code>disable-sudo-and-containers</code>, is now available to replace the <code>disable-sudo policy</code>, addressing Docker-based privilege escalation (<a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>). More details can be found in this <a href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog post</a>.</p> </li> <li> <p>New detections have been added based on insights from the tj-actions and reviewdog actions incidents.</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0"><code>0634a26</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a> from step-security/rc-20</li> <li><a href="https://github.com/step-security/harden-runner/commit/2e3c5113419044c10e6826351ff7cf7d56cbebe4"><code>2e3c511</code></a> Update action.yml</li> <li><a href="https://github.com/step-security/harden-runner/commit/40873e6a41e9ae4f46268f8ee038b3561bb88504"><code>40873e6</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/484c2799ec63f20b4acc41bcf649dd4003718616"><code>484c279</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/4c8582f45544ce2dafb2cfae82cfbebf0f41bde2"><code>4c8582f</code></a> Update agent versions</li> <li><a href="https://github.com/step-security/harden-runner/commit/e8d595cd66544d43aca8ac7e42a212a5a83b41f8"><code>e8d595c</code></a> fix disable_sudo_and_containers bug</li> <li><a href="https://github.com/step-security/harden-runner/commit/5d277fc8734baba8746d0c18cb0a2594d4692c66"><code>5d277fc</code></a> fix journalctl related bug</li> <li><a href="https://github.com/step-security/harden-runner/commit/ff2ab228bdb9f0c9129169d47dbb2bdf4b8f9b0e"><code>ff2ab22</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a> from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li> <li><a href="https://github.com/step-security/harden-runner/commit/b81d650d0e627a80d0d73d192b33d729507e0ef5"><code>b81d650</code></a> fix: run sudo command only when both disable-sudo and disable-sudo-and-docker...</li> <li><a href="https://github.com/step-security/harden-runner/commit/769df4ef5d6336b33b11e5b0d43934309cf439f6"><code>769df4e</code></a> Update agent</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
a52c81b340 |
Bump org.springframework:spring-jdbc from 6.2.5 to 6.2.6 (#3384)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework) from 6.2.5 to 6.2.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-jdbc's releases</a>.</em></p> <blockquote> <h2>v6.2.6</h2> <h2>⭐ New Features</h2> <ul> <li>An option for SimpleAsyncTaskExecutor to throw an exception when limit is reached <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34727">#34727</a></li> <li>Provide first-class support for Bean Overrides with <code>@ContextHierarchy</code> <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34723">#34723</a></li> <li>Micro performance optimizations <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34717">#34717</a></li> <li>Suppress "Unable to rollback against JDBC Connection" in case of timeout (connection closed) <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34714">#34714</a></li> <li>Avoid early FactoryBean instantiation for type-based retrieval with includeNonSingletons=false and allowEagerInit=true <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34710">#34710</a></li> <li>ReactiveCachingHandler still not using error handler on sync cache. <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34708">#34708</a></li> <li>Add an <code>exchangeForRequiredValue</code> variant to <code>RestClient</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34692">#34692</a></li> <li>Recursively boxing Kotlin nested value classes in <code>CoroutinesUtils</code> <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34682">#34682</a></li> <li>ServletServerHttpRequest does not use charset parameter of application/x-www-form-urlencoded <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34675">#34675</a></li> <li>LifecycleGroup concurrent start and start timeout <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34634">#34634</a></li> <li>HibernateJpaDialect exception translation misses concrete exceptions wrapped in Hibernate's ExecutionException <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34633">#34633</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Inconsistency in <code>SseEmitter.onCompletion()</code> behavior between Spring 6.2.3 and 6.2.5 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34762">#34762</a></li> <li>Deadlock while creating Spring beans with parallel bootstrap threads on IBM Liberty <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34729">#34729</a></li> <li><code>PropertyBatchUpdateException</code>: causes of nested <code>PropertyAccessException</code>s not shown in output <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34691">#34691</a></li> <li>IllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34684">#34684</a></li> <li>Change in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34678">#34678</a></li> <li>Startup performance regression due to CGLIB class load attempts in Spring 6.1.x <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34677">#34677</a></li> <li>An infinite wait on a parallel context.getBean() <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34672">#34672</a></li> <li>InvalidObservationException: Invalid start: Observation 'http.client.requests' has already been started <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34671">#34671</a></li> <li><code>@Configuration</code> classes can no longer be <code>abstract</code> without <code>@Bean</code> methods <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34663">#34663</a></li> <li>Generated-code for LinkedHashMap is missing static keyword <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34659">#34659</a></li> <li>Detect late-set primary markers for autowiring shortcut algorithm <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34658">#34658</a></li> <li><code>@MockitoBean</code> with custom <code>@Qualifier</code> is not injected into <code>@Configuration</code> class <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34646">#34646</a></li> <li>Qualifier Resolution Issue in Parent-Child Context Hierarchies <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34644">#34644</a></li> <li>Enforced container-level acknowledge call for custom acknowledgement mode <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34635">#34635</a></li> <li>UriComponentsBuilder does not treat a URN as opaque if it contains a slash <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34588">#34588</a></li> <li>Migrating from Spring 6.1.x to 6.2.x leads to exceptions in a Pekko setup <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34303">#34303</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Update Javadoc for <code>ignoreDependencyInterface()</code> in <code>AbstractAutowireCapableBeanFactory</code> <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34747">#34747</a></li> <li>Update Javadoc to stop mentioning 5.3.x as the status quo <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34740">#34740</a></li> <li>Fix broken link for Server-Sent Events <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34705">#34705</a></li> <li>Fix typo in Bean Validation section of reference manual <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34686">#34686</a></li> <li>Remove unnecessary closing curly brackets in Javadoc <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34679">#34679</a></li> <li>Add javadoc notes on potential exception suppression in <code>ListableBeanFactory#getBeansOfType</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34629">#34629</a></li> <li>Remove remaining references to Forwarded headers in MvcUriComponentsBuilder <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34625">#34625</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/acktsap"><code>@acktsap</code></a>, <a href="https://github.com/dmitrysulman"><code>@dmitrysulman</code></a>, <a href="https://github.com/iggzq"><code>@iggzq</code></a>, <a href="https://github.com/izeye"><code>@izeye</code></a>, <a href="https://github.com/ngocnhan-tran1996"><code>@ngocnhan-tran1996</code></a>, <a href="https://github.com/obourgain"><code>@obourgain</code></a>, and <a href="https://github.com/tobias-haenel"><code>@tobias-haenel</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-framework/commit/90f9c0929b8cfee22f715834d53903d492309f42"><code>90f9c09</code></a> Release v6.2.6</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/f40d98668da2cb91df22a508dc0b22c3ec91aba2"><code>f40d986</code></a> Revise configuration for javadoc Gradle tasks</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/9c13c6b695ac70cd4288016815105d0a694b62fb"><code>9c13c6b</code></a> Revert "Use optimistic locking where possible in <code>ResponseBodyEmitter</code>"</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/b49924ba37d588afc0c5232290f5a6726115c10b"><code>b49924b</code></a> Revert "Fix handling of timeout in SseEmitter"</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/7b8c1040773ab6537acc5c74964f9d8b6563c5f8"><code>7b8c104</code></a> Upgrade to github-changelog-generator 0.0.12</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/8f62a8f579c31aaa9fd7a2b16e6ba414d3e9163c"><code>8f62a8f</code></a> Suppress recently introduced warning</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/d0966dfb58056d2e955b555d38993bf65dac41e7"><code>d0966df</code></a> Revise contribution</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/bb45a3ae69c8068b72ce939e16df46c7dc8bb1cd"><code>bb45a3a</code></a> Update AbstractAutowireCapableBeanFactory.ignoreDependencyInterface() Javadoc</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/7095f4cb664f7fcf033dde84325eda83d67ece70"><code>7095f4c</code></a> Use proper casing for parameter and variable names</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/a22d204681c575c3f61c325d205a96fb92ea8e7a"><code>a22d204</code></a> Remove duplicate words in Java source code</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-framework/compare/v6.2.5...v6.2.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
c959b35639 |
Bump org.springframework:spring-webmvc from 6.2.5 to 6.2.6 (#3385)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.2.5 to 6.2.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-webmvc's releases</a>.</em></p> <blockquote> <h2>v6.2.6</h2> <h2>⭐ New Features</h2> <ul> <li>An option for SimpleAsyncTaskExecutor to throw an exception when limit is reached <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34727">#34727</a></li> <li>Provide first-class support for Bean Overrides with <code>@ContextHierarchy</code> <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34723">#34723</a></li> <li>Micro performance optimizations <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34717">#34717</a></li> <li>Suppress "Unable to rollback against JDBC Connection" in case of timeout (connection closed) <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34714">#34714</a></li> <li>Avoid early FactoryBean instantiation for type-based retrieval with includeNonSingletons=false and allowEagerInit=true <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34710">#34710</a></li> <li>ReactiveCachingHandler still not using error handler on sync cache. <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34708">#34708</a></li> <li>Add an <code>exchangeForRequiredValue</code> variant to <code>RestClient</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34692">#34692</a></li> <li>Recursively boxing Kotlin nested value classes in <code>CoroutinesUtils</code> <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34682">#34682</a></li> <li>ServletServerHttpRequest does not use charset parameter of application/x-www-form-urlencoded <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34675">#34675</a></li> <li>LifecycleGroup concurrent start and start timeout <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34634">#34634</a></li> <li>HibernateJpaDialect exception translation misses concrete exceptions wrapped in Hibernate's ExecutionException <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34633">#34633</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Inconsistency in <code>SseEmitter.onCompletion()</code> behavior between Spring 6.2.3 and 6.2.5 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34762">#34762</a></li> <li>Deadlock while creating Spring beans with parallel bootstrap threads on IBM Liberty <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34729">#34729</a></li> <li><code>PropertyBatchUpdateException</code>: causes of nested <code>PropertyAccessException</code>s not shown in output <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34691">#34691</a></li> <li>IllegalAccessError for package-private member of AzureStorageConfiguration on WebSphere <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34684">#34684</a></li> <li>Change in Jar usecache behavior with Spring 6.1.x causing java.lang.IllegalStateException: zip file closed <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34678">#34678</a></li> <li>Startup performance regression due to CGLIB class load attempts in Spring 6.1.x <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34677">#34677</a></li> <li>An infinite wait on a parallel context.getBean() <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34672">#34672</a></li> <li>InvalidObservationException: Invalid start: Observation 'http.client.requests' has already been started <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34671">#34671</a></li> <li><code>@Configuration</code> classes can no longer be <code>abstract</code> without <code>@Bean</code> methods <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34663">#34663</a></li> <li>Generated-code for LinkedHashMap is missing static keyword <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34659">#34659</a></li> <li>Detect late-set primary markers for autowiring shortcut algorithm <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34658">#34658</a></li> <li><code>@MockitoBean</code> with custom <code>@Qualifier</code> is not injected into <code>@Configuration</code> class <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34646">#34646</a></li> <li>Qualifier Resolution Issue in Parent-Child Context Hierarchies <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34644">#34644</a></li> <li>Enforced container-level acknowledge call for custom acknowledgement mode <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34635">#34635</a></li> <li>UriComponentsBuilder does not treat a URN as opaque if it contains a slash <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34588">#34588</a></li> <li>Migrating from Spring 6.1.x to 6.2.x leads to exceptions in a Pekko setup <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34303">#34303</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Update Javadoc for <code>ignoreDependencyInterface()</code> in <code>AbstractAutowireCapableBeanFactory</code> <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34747">#34747</a></li> <li>Update Javadoc to stop mentioning 5.3.x as the status quo <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34740">#34740</a></li> <li>Fix broken link for Server-Sent Events <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34705">#34705</a></li> <li>Fix typo in Bean Validation section of reference manual <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34686">#34686</a></li> <li>Remove unnecessary closing curly brackets in Javadoc <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34679">#34679</a></li> <li>Add javadoc notes on potential exception suppression in <code>ListableBeanFactory#getBeansOfType</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34629">#34629</a></li> <li>Remove remaining references to Forwarded headers in MvcUriComponentsBuilder <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34625">#34625</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/acktsap"><code>@acktsap</code></a>, <a href="https://github.com/dmitrysulman"><code>@dmitrysulman</code></a>, <a href="https://github.com/iggzq"><code>@iggzq</code></a>, <a href="https://github.com/izeye"><code>@izeye</code></a>, <a href="https://github.com/ngocnhan-tran1996"><code>@ngocnhan-tran1996</code></a>, <a href="https://github.com/obourgain"><code>@obourgain</code></a>, and <a href="https://github.com/tobias-haenel"><code>@tobias-haenel</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-framework/commit/90f9c0929b8cfee22f715834d53903d492309f42"><code>90f9c09</code></a> Release v6.2.6</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/f40d98668da2cb91df22a508dc0b22c3ec91aba2"><code>f40d986</code></a> Revise configuration for javadoc Gradle tasks</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/9c13c6b695ac70cd4288016815105d0a694b62fb"><code>9c13c6b</code></a> Revert "Use optimistic locking where possible in <code>ResponseBodyEmitter</code>"</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/b49924ba37d588afc0c5232290f5a6726115c10b"><code>b49924b</code></a> Revert "Fix handling of timeout in SseEmitter"</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/7b8c1040773ab6537acc5c74964f9d8b6563c5f8"><code>7b8c104</code></a> Upgrade to github-changelog-generator 0.0.12</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/8f62a8f579c31aaa9fd7a2b16e6ba414d3e9163c"><code>8f62a8f</code></a> Suppress recently introduced warning</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/d0966dfb58056d2e955b555d38993bf65dac41e7"><code>d0966df</code></a> Revise contribution</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/bb45a3ae69c8068b72ce939e16df46c7dc8bb1cd"><code>bb45a3a</code></a> Update AbstractAutowireCapableBeanFactory.ignoreDependencyInterface() Javadoc</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/7095f4cb664f7fcf033dde84325eda83d67ece70"><code>7095f4c</code></a> Use proper casing for parameter and variable names</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/a22d204681c575c3f61c325d205a96fb92ea8e7a"><code>a22d204</code></a> Remove duplicate words in Java source code</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-framework/compare/v6.2.5...v6.2.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
66b234f1df |
Bump com.fathzer:javaluator from 3.0.5 to 3.0.6 (#3386)
Bumps [com.fathzer:javaluator](https://github.com/fathzer/javaluator) from 3.0.5 to 3.0.6. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/fathzer/javaluator/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
1c27944329 |
Bump io.micrometer:micrometer-core from 1.14.5 to 1.14.6 (#3353)
Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.14.5 to 1.14.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's releases</a>.</em></p> <blockquote> <h2>1.14.6</h2> <h2>🐞 Bug Fixes</h2> <ul> <li>Gauge double registration warning for Kafka metrics <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5757">#5757</a></li> <li>Log warning about "function" meter re-registration <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/6070">#6070</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/izeye"><code>@izeye</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/c3f3a809266bcf640537ecb1d68128ddc90d5640"><code>c3f3a80</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/fa523b1549ef38f44966c27ac921592196f09d3f"><code>fa523b1</code></a> Bump io.micrometer:context-propagation from 1.1.2 to 1.1.3 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6115">#6115</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/d5f3d348ef7e147f3cf59866ba217f1dc0d4901d"><code>d5f3d34</code></a> Bump org.junit:junit-bom from 5.12.1 to 5.12.2 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6111">#6111</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/9ebcde19324db5cbe2b347145bc250ea02c669ab"><code>9ebcde1</code></a> Bump com.netflix.spectator:spectator-reg-atlas from 1.8.9 to 1.8.10 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6112">#6112</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/0ae9b47ecc16dfc3a0dd3d6b309b5e907ae197d0"><code>0ae9b47</code></a> Bump org.junit:junit-bom from 5.12.1 to 5.12.2 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6107">#6107</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/d0e70fc69df111679b9ca0f83f3866da49b87a31"><code>d0e70fc</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/3b2270c885c27c3453b67631ccc2ac5be878ad6a"><code>3b2270c</code></a> Bump uk.org.webcompere:system-stubs-jupiter from 2.1.7 to 2.1.8 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6096">#6096</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/f62f2eeea6aaf71a87703b759ad1e1afc80f0ceb"><code>f62f2ee</code></a> Bump uk.org.webcompere:system-stubs-jupiter from 2.1.7 to 2.1.8 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6094">#6094</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/53b9a3511a3e999b53a2408cf10f81fccca16bab"><code>53b9a35</code></a> Replace deprecated Project.task() (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6092">#6092</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/0ebdd7d5bbc1c0cb943e5cbd997a3147e3da125b"><code>0ebdd7d</code></a> Bump com.netflix.spectator:spectator-reg-atlas from 1.8.8 to 1.8.9 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/6091">#6091</a>)</li> <li>Additional commits viewable in <a href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.5...v1.14.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
7e726f8ac9 |
Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#3341)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps commons-io:commons-io from 2.18.0 to 2.19.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d47dbef41e |
Bump com.diffplug.spotless from 7.0.2 to 7.0.3 (#3340)
Bumps com.diffplug.spotless from 7.0.2 to 7.0.3. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
fd34782bcc |
Bump actions/setup-java from 4.7.0 to 4.7.1 (#3339)
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.7.0 to 4.7.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v4.7.1</h2> <h2>What's Changed</h2> <h3>Documentation changes</h3> <ul> <li>Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Align with GFTC License Terms by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li> <li>Remove duplicated GraalVM section in documentation by <a href="https://github.com/Marcono1234"><code>@Marcono1234</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade <code>@action/cache</code> from 4.0.0 to 4.0.2 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li> <li>Upgrade <code>@actions/glob</code> from 0.4.0 to 0.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li> <li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li> <li>Upgrade <code>@action/cache</code> to 4.0.3 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/c5195efecf7bdfc987ee8bae7a71cb8b11521c00"><code>c5195ef</code></a> actions/cache upgrade to 4.0.3 (<a href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/dd38875f930accc291b5816356a21f72056c0b70"><code>dd38875</code></a> Bump ts-jest from 29.1.2 to 29.2.5 (<a href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/148017a9b0c6af80330bcc5db11d1c670d2e7074"><code>148017a</code></a> Bump <code>@actions/glob</code> from 0.4.0 to 0.5.0 (<a href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/3b6c050358614dd082e53cdbc55580431fc4e437"><code>3b6c050</code></a> Remove duplicated GraalVM section in documentation (<a href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/b8ebb8ba1d9655f7f159c0a8b8135606ae11b5c9"><code>b8ebb8b</code></a> upgrade <code>@action/cache</code> from 4.0.0 to 4.0.2 (<a href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/799ee7c97e9721ef38d1a7e8486c39753b9d6102"><code>799ee7c</code></a> Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Ali...</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12...c5195efecf7bdfc987ee8bae7a71cb8b11521c00">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
606451a589 |
Bump github/codeql-action from 3.28.13 to 3.28.15 (#3303)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.13 to 3.28.15. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.15</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.15/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.14</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.14/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/45775bd8235c68ba998cffa5171334d58593da47"><code>45775bd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2854">#2854</a> from github/update-v3.28.15-a35ae8c38</li> <li><a href="https://github.com/github/codeql-action/commit/dd78aab4078b17a672a66d6a80a990beb672ede1"><code>dd78aab</code></a> Update CHANGELOG.md with bug fix details</li> <li><a href="https://github.com/github/codeql-action/commit/e40af591743761de70080085b4e6ce37f7f6e657"><code>e40af59</code></a> Update changelog for v3.28.15</li> <li><a href="https://github.com/github/codeql-action/commit/a35ae8c380fa35365cd546f9a397a46f60dd82cf"><code>a35ae8c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2843">#2843</a> from github/cklin/diff-informed-compat</li> <li><a href="https://github.com/github/codeql-action/commit/bb59df6c174a91d88eec1c48f2ab0ef7b5f96e99"><code>bb59df6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2842">#2842</a> from github/henrymercer/zip64</li> <li><a href="https://github.com/github/codeql-action/commit/4b508f59648bef88ef72c74f1ffff531fda55ea8"><code>4b508f5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2845">#2845</a> from github/mergeback/v3.28.14-to-main-fc7e4a0f</li> <li><a href="https://github.com/github/codeql-action/commit/ca00afb5f1457cf1c85da6cda07d73e720ff061a"><code>ca00afb</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/2969c78ce0262bf75658058604498d2b4bdb0b9b"><code>2969c78</code></a> Update changelog and version after v3.28.14</li> <li><a href="https://github.com/github/codeql-action/commit/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2"><code>fc7e4a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2844">#2844</a> from github/update-v3.28.14-362ef4ce2</li> <li><a href="https://github.com/github/codeql-action/commit/be0175c800fe14dd962aaa2c97f55371f6f95b35"><code>be0175c</code></a> Update changelog for v3.28.14</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/1b549b9259bda1cb5ddde3b41741a82a2d15a841...45775bd8235c68ba998cffa5171334d58593da47">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
076a2d5e6a |
Bump actions/create-github-app-token from 1.12.0 to 2.0.2 (#3304)
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.12.0 to 2.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v2.0.2</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v2.0.1...v2.0.2">2.0.2</a> (2025-04-03)</h2> <h3>Bug Fixes</h3> <ul> <li>improve log messages for token creation (<a href="https://redirect.github.com/actions/create-github-app-token/issues/226">#226</a>) (<a href="https://github.com/actions/create-github-app-token/commit/eaef29498fbc63724aabd0a6e832efd41baf2cc7">eaef294</a>)</li> </ul> <h2>v2.0.1</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v2.0.0...v2.0.1">2.0.1</a> (2025-04-03)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> bump the production-dependencies group across 1 directory with 2 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/228">#228</a>) (<a href="https://github.com/actions/create-github-app-token/commit/2411bfc7923448badb7a1faf23017f382e0fb895">2411bfc</a>)</li> </ul> <h2>v2.0.0</h2> <h1><a href="https://github.com/actions/create-github-app-token/compare/v1.12.0...v2.0.0">2.0.0</a> (2025-04-03)</h1> <ul> <li>feat!: remove deprecated inputs (<a href="https://redirect.github.com/actions/create-github-app-token/issues/213">#213</a>) (<a href="https://github.com/actions/create-github-app-token/commit/5cc811bc40176329bb642bff9e5d9e356099ad2a">5cc811b</a>)</li> </ul> <h3>BREAKING CHANGES</h3> <ul> <li>Removed deprecated inputs (<code>app_id</code>, <code>private_key</code>, <code>skip_token_revoke</code>) and made <code>app-id</code> and <code>private-key</code> required in the action configuration.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5"><code>3ff1caa</code></a> build(release): 2.0.2 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/eaef29498fbc63724aabd0a6e832efd41baf2cc7"><code>eaef294</code></a> fix: improve log messages for token creation (<a href="https://redirect.github.com/actions/create-github-app-token/issues/226">#226</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/86e24964d68ec4c8b52e8e73e2592920edeef469"><code>86e2496</code></a> build(release): 2.0.1 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/2411bfc7923448badb7a1faf23017f382e0fb895"><code>2411bfc</code></a> fix(deps): bump the production-dependencies group across 1 directory with 2 u...</li> <li><a href="https://github.com/actions/create-github-app-token/commit/f17d09a7b5793a4b0dc1a459bbf5edf546efc2a6"><code>f17d09a</code></a> build(deps-dev): bump the development-dependencies group with 3 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/225">#225</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/e250d17c7aa1d7a66d86612292ee003805805f23"><code>e250d17</code></a> ci(update-permission-inputs): add permissions (<a href="https://redirect.github.com/actions/create-github-app-token/issues/230">#230</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/ed258b491a44c74d929fca53dd9bdda60715a176"><code>ed258b4</code></a> Rename workflow</li> <li><a href="https://github.com/actions/create-github-app-token/commit/5c652ca715a5ee7310cdd4924fdad2fa34e49f85"><code>5c652ca</code></a> Update update-inputs.yml</li> <li><a href="https://github.com/actions/create-github-app-token/commit/60ee75db786fa4aab3e3f79d4f9a89671e5c05cc"><code>60ee75d</code></a> ci(update-inputs): create initial version (<a href="https://redirect.github.com/actions/create-github-app-token/issues/229">#229</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/064492a9a1762067169d50c792a7dc02bc3d1254"><code>064492a</code></a> build(release): 2.0.0 [skip ci]</li> <li>Additional commits viewable in <a href="https://github.com/actions/create-github-app-token/compare/d72941d797fd3113feb6b93fd0dec494b13a2547...3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
85b0f61f92 |
Bump actions/dependency-review-action from 4.5.0 to 4.6.0 (#3286)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.5.0 to 4.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's releases</a>.</em></p> <blockquote> <h2>v4.6.0</h2> <h2>What's Changed</h2> <ul> <li>Updating multiple dependency versions by <a href="https://github.com/Ahmed3lmallah"><code>@Ahmed3lmallah</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/870">actions/dependency-review-action#870</a></li> <li>Grouping minor and patch dependabot updates to lessen the number of PRs by <a href="https://github.com/Ahmed3lmallah"><code>@Ahmed3lmallah</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/876">actions/dependency-review-action#876</a></li> <li>Bump actions/stale from 9.0.0 to 9.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/878">actions/dependency-review-action#878</a></li> <li>Bump undici from 5.28.4 to 5.28.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/877">actions/dependency-review-action#877</a></li> <li>DR Action should link to the proxima stamp when appropriate in error messages by <a href="https://github.com/AshelyTC"><code>@AshelyTC</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/891">actions/dependency-review-action#891</a></li> <li>Allow deny package removal by <a href="https://github.com/ellenfieldn"><code>@ellenfieldn</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/888">actions/dependency-review-action#888</a></li> <li>Fix typos by <a href="https://github.com/omahs"><code>@omahs</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/893">actions/dependency-review-action#893</a></li> <li>Bump esbuild from 0.19.5 to 0.25.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/900">actions/dependency-review-action#900</a></li> <li>Bump octokit and related dependencies by <a href="https://github.com/RomanIakovlev"><code>@RomanIakovlev</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/904">actions/dependency-review-action#904</a></li> <li>Bump <code>@babel/helpers</code> from 7.23.2 to 7.26.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/905">actions/dependency-review-action#905</a></li> <li>Bump <code>@octokit/plugin-paginate-rest</code> from 9.1.5 to 9.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/899">actions/dependency-review-action#899</a></li> <li>Update transitive dependency spdx-license-ids by <a href="https://github.com/ailox"><code>@ailox</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/855">actions/dependency-review-action#855</a></li> <li>To not print OpenSSF Scorecard section if no dependencies scanned by <a href="https://github.com/fabasoad"><code>@fabasoad</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/884">actions/dependency-review-action#884</a></li> <li>Improve usage of this action in dependency-review.yml by <a href="https://github.com/fabasoad"><code>@fabasoad</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/883">actions/dependency-review-action#883</a></li> <li>Clarify comment-summary-in-pr behaviour by <a href="https://github.com/Pantelis-Santorinios"><code>@Pantelis-Santorinios</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/902">actions/dependency-review-action#902</a></li> <li>Prepare 4.6.0 Release candidate by <a href="https://github.com/brrygrdn"><code>@brrygrdn</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/910">actions/dependency-review-action#910</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/AshelyTC"><code>@AshelyTC</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/891">actions/dependency-review-action#891</a></li> <li><a href="https://github.com/ellenfieldn"><code>@ellenfieldn</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/888">actions/dependency-review-action#888</a></li> <li><a href="https://github.com/omahs"><code>@omahs</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/893">actions/dependency-review-action#893</a></li> <li><a href="https://github.com/RomanIakovlev"><code>@RomanIakovlev</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/904">actions/dependency-review-action#904</a></li> <li><a href="https://github.com/ailox"><code>@ailox</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/855">actions/dependency-review-action#855</a></li> <li><a href="https://github.com/fabasoad"><code>@fabasoad</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/884">actions/dependency-review-action#884</a></li> <li><a href="https://github.com/Pantelis-Santorinios"><code>@Pantelis-Santorinios</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/902">actions/dependency-review-action#902</a></li> <li><a href="https://github.com/brrygrdn"><code>@brrygrdn</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/910">actions/dependency-review-action#910</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0">https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/dependency-review-action/commit/ce3cf9537a52e8119d91fd484ab5b8a807627bf8"><code>ce3cf95</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/910">#910</a> from actions/brrygrdn/4.6.0-release-candidate</li> <li><a href="https://github.com/actions/dependency-review-action/commit/479b69732e832663bc5bcaf0bdba115749c8a9bd"><code>479b697</code></a> Prepare 4.6.0</li> <li><a href="https://github.com/actions/dependency-review-action/commit/aee95908eac366b40b414329f8ba60a3bfc71d5d"><code>aee9590</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/902">#902</a> from Pantelis-Santorinios/patch-1</li> <li><a href="https://github.com/actions/dependency-review-action/commit/080ada628110c1782e56d699fdba17f860641e49"><code>080ada6</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/883">#883</a> from fabasoad/fix/ci</li> <li><a href="https://github.com/actions/dependency-review-action/commit/430e5f0bbfde79de0a811466e75d015791b742f4"><code>430e5f0</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/884">#884</a> from fabasoad/fix/863</li> <li><a href="https://github.com/actions/dependency-review-action/commit/51699b6461ee529b8c1e077ff5e7de2dbed5e1ac"><code>51699b6</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/855">#855</a> from ailox/ailox/fix/invalid-new-licenses</li> <li><a href="https://github.com/actions/dependency-review-action/commit/ac9b193bebc6a308717bebfeaedd0204c20b693c"><code>ac9b193</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/899">#899</a> from actions/dependabot/npm_and_yarn/octokit/plugin-p...</li> <li><a href="https://github.com/actions/dependency-review-action/commit/d630451aa0e2431936e97ac48fe650bd35af14ae"><code>d630451</code></a> Pin <code>@octokit/types</code> version for compatibility</li> <li><a href="https://github.com/actions/dependency-review-action/commit/c8dafca32b571835e7a3cf7200e7810364ce7b95"><code>c8dafca</code></a> Add dist for <code>@octokit/plugin-paginate-rest</code> version bump</li> <li><a href="https://github.com/actions/dependency-review-action/commit/bc858b56499582a4d424a0d3a9cc9917dcb9345d"><code>bc858b5</code></a> Bump <code>@octokit/plugin-paginate-rest</code> from 9.1.5 to 9.2.2</li> <li>Additional commits viewable in <a href="https://github.com/actions/dependency-review-action/compare/3b139cfc5fae8b618d3eae3675e383bb1769c019...ce3cf9537a52e8119d91fd484ab5b8a807627bf8">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
2938fcc044 |
Bump step-security/harden-runner from 2.11.0 to 2.11.1 (#3285)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.0 to 2.11.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.1</h2> <h2>What's Changed</h2> <ul> <li>cache: add support for GitHub Actions cache v2 by <a href="https://github.com/h0x0er"><code>@h0x0er</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/c6295a65d1254861815972266d5933fd6e532bdf"><code>c6295a6</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a> from step-security/rc-19</li> <li><a href="https://github.com/step-security/harden-runner/commit/3e118b145bd13a08b2e465cf3a216df0f6c7746e"><code>3e118b1</code></a> Improve error handling</li> <li><a href="https://github.com/step-security/harden-runner/commit/b38e918ba8cf8d08113e53089af0d89429dcc51a"><code>b38e918</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a> from h0x0er/jatin/cache-fix</li> <li><a href="https://github.com/step-security/harden-runner/commit/0664d30cda4109be234d326b54ac1cc6385597a2"><code>0664d30</code></a> cache: added support for cache v2</li> <li><a href="https://github.com/step-security/harden-runner/commit/b131ca5ebfca4930fe6d4a3e82d1e386b4873c94"><code>b131ca5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a> from step-security/fix/security/GHSA-968p-4wvh-cqc8</li> <li><a href="https://github.com/step-security/harden-runner/commit/2dc9579753e01c4033425fcc7b74e652b583ca50"><code>2dc9579</code></a> Address vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/f054d811b5b89fde2f954d54dc8622ec3aaab9ab"><code>f054d81</code></a> Update README (<a href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/8a09271fed8277ab7fb02dbb5917c8d0e78323b4"><code>8a09271</code></a> Update Readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/6ec6af7d622602bd852df48848f3cae95c760a48"><code>6ec6af7</code></a> Update readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/539365ba33fd040cf8c4db243b6f0ed3b32c3283"><code>539365b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a> from vorburger/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
30d7053150 |
Bump actions/create-github-app-token from 1.11.7 to 1.12.0 (#3279)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.11.7 to 1.12.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v1.12.0</h2> <h1><a href="https://github.com/actions/create-github-app-token/compare/v1.11.7...v1.12.0">1.12.0</a> (2025-03-27)</h1> <h3>Features</h3> <ul> <li>permissions (<a href="https://redirect.github.com/actions/create-github-app-token/issues/168">#168</a>) (<a href="https://github.com/actions/create-github-app-token/commit/0e0aa99a86bd82ec98421533ae985fef61554361">0e0aa99</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/d72941d797fd3113feb6b93fd0dec494b13a2547"><code>d72941d</code></a> build(release): 1.12.0 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/0e0aa99a86bd82ec98421533ae985fef61554361"><code>0e0aa99</code></a> feat: permissions (<a href="https://redirect.github.com/actions/create-github-app-token/issues/168">#168</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/f5779415062400dd18cb017a69efddabff4ac24c"><code>f577941</code></a> Remove individuals form CODEOWNERS (<a href="https://redirect.github.com/actions/create-github-app-token/issues/215">#215</a>)</li> <li>See full diff in <a href="https://github.com/actions/create-github-app-token/compare/af35edadc00be37caa72ed9f3e6d5f7801bfdf09...d72941d797fd3113feb6b93fd0dec494b13a2547">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d00a082f66 |
Bump actions/setup-python from 5.4.0 to 5.5.0 (#3278)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.4.0 to 5.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p> <blockquote> <h2>v5.5.0</h2> <h2>What's Changed</h2> <h3>Enhancements:</h3> <ul> <li>Support free threaded Python versions like '3.13t' by <a href="https://github.com/colesbury"><code>@colesbury</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/973">actions/setup-python#973</a></li> <li>Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade <code>@action/cache</code> from 4.0.0 to 4.0.3 by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1056">actions/setup-python#1056</a></li> <li>Add support for .tool-versions file in setup-python by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1043">actions/setup-python#1043</a></li> </ul> <h3>Bug fixes:</h3> <ul> <li>Fix architecture for pypy on Linux ARM64 by <a href="https://github.com/mayeut"><code>@mayeut</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1011">actions/setup-python#1011</a> This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.</li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade <code>@vercel/ncc</code> from 0.38.1 to 0.38.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1016">actions/setup-python#1016</a></li> <li>Upgrade <code>@actions/glob</code> from 0.4.0 to 0.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1015">actions/setup-python#1015</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/colesbury"><code>@colesbury</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/973">actions/setup-python#973</a></li> <li><a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/1043">actions/setup-python#1043</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v5...v5.5.0">https://github.com/actions/setup-python/compare/v5...v5.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-python/commit/8d9ed9ac5c53483de85588cdf95a591a75ab9f55"><code>8d9ed9a</code></a> Add e2e Testing for free threaded and Bump <code>@action/cache</code> from 4.0.0 to 4.0.3 ...</li> <li><a href="https://github.com/actions/setup-python/commit/19e4675e06535f6b54e894da5c1f044400bb4996"><code>19e4675</code></a> Add support for .tool-versions file in setup-python (<a href="https://redirect.github.com/actions/setup-python/issues/1043">#1043</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/6fd11e170a18f6ae448d1080a4a63cc987aed84c"><code>6fd11e1</code></a> Bump <code>@actions/glob</code> from 0.4.0 to 0.5.0 (<a href="https://redirect.github.com/actions/setup-python/issues/1015">#1015</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/9e62be81b28222addecf85e47571213eb7680449"><code>9e62be8</code></a> Support free threaded Python versions like '3.13t' (<a href="https://redirect.github.com/actions/setup-python/issues/973">#973</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/6ca8e8598faa206f7140a65ba31b899bebe16f58"><code>6ca8e85</code></a> Bump <code>@vercel/ncc</code> from 0.38.1 to 0.38.3 (<a href="https://redirect.github.com/actions/setup-python/issues/1016">#1016</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/8039c45ed9a312fba91f3399cd0605ba2ebfe93c"><code>8039c45</code></a> fix: install PyPy on Linux ARM64 (<a href="https://redirect.github.com/actions/setup-python/issues/1011">#1011</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-python/compare/42375524e23c412d93fb67b49958b491fce71c38...8d9ed9ac5c53483de85588cdf95a591a75ab9f55">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b1c8166716 |
Bump crazy-max/ghaction-github-labeler from 5.2.0 to 5.3.0 (#3277)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [crazy-max/ghaction-github-labeler](https://github.com/crazy-max/ghaction-github-labeler) from 5.2.0 to 5.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crazy-max/ghaction-github-labeler/releases">crazy-max/ghaction-github-labeler's releases</a>.</em></p> <blockquote> <h2>v5.3.0</h2> <ul> <li>Bump <code>@octokit/plugin-paginate-rest</code> from 9.2.1 to 9.2.2 in <a href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/229">crazy-max/ghaction-github-labeler#229</a></li> <li>Bump <code>@octokit/request</code> from 8.4.0 to 8.4.1 in <a href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/232">crazy-max/ghaction-github-labeler#232</a></li> <li>Bump <code>@octokit/request-error</code> from 5.1.0 to 5.1.1 in <a href="https://redirect.github.com/crazy-max/ghaction-github-labeler/pull/228">crazy-max/ghaction-github-labeler#228</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/crazy-max/ghaction-github-labeler/compare/v5.2.0...v5.3.0">https://github.com/crazy-max/ghaction-github-labeler/compare/v5.2.0...v5.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/24d110aa46a59976b8a7f35518cb7f14f434c916"><code>24d110a</code></a> Merge pull request <a href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/229">#229</a> from crazy-max/dependabot/npm_and_yarn/octokit/plugin...</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/38fb29f900243eb0487a528b6bcbea970fca2f96"><code>38fb29f</code></a> chore: update generated content</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/0113fc2ceb9c7de1c2ca4771bdb816a31f12b1c2"><code>0113fc2</code></a> chore(deps): bump <code>@octokit/plugin-paginate-rest</code> from 9.2.1 to 9.2.2</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/42f774ec78ba04d628e7d09102a2ff4bb200041c"><code>42f774e</code></a> Merge pull request <a href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/228">#228</a> from crazy-max/dependabot/npm_and_yarn/octokit/reques...</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/99839924fa2d67d0ae4c9f40e8d81b53327944ff"><code>9983992</code></a> chore(deps): bump <code>@octokit/request-error</code> from 5.1.0 to 5.1.1</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/32d1878445d7c4da206628cf616d981a4e098428"><code>32d1878</code></a> Merge pull request <a href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/232">#232</a> from crazy-max/dependabot/npm_and_yarn/octokit/reques...</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/3faa84509c32730067031d32c5028c779182fdde"><code>3faa845</code></a> chore: update generated content</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/16efe0430ed4435c8036492cd092bcd865e0f5d7"><code>16efe04</code></a> Merge pull request <a href="https://redirect.github.com/crazy-max/ghaction-github-labeler/issues/233">#233</a> from crazy-max/ci-fix-codecov</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/7f6122ba12c5457004662d0f5af3004313ae6b2a"><code>7f6122b</code></a> ci: fix test workflow</li> <li><a href="https://github.com/crazy-max/ghaction-github-labeler/commit/2ea799d7b8ae2d0bf3516468f26450ef655d2e2c"><code>2ea799d</code></a> chore(deps): bump <code>@octokit/request</code> from 8.4.0 to 8.4.1</li> <li>Additional commits viewable in <a href="https://github.com/crazy-max/ghaction-github-labeler/compare/31674a3852a9074f2086abcf1c53839d466a47e7...24d110aa46a59976b8a7f35518cb7f14f434c916">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
472d0b14db |
Bump gradle/actions from 4.3.0 to 4.3.1 (#3276)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.0 to 4.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <p>This release fixes a couple of minor issues, as well as keeping dependencies up to date.</p> <h2>Fixed issues</h2> <ul> <li>The develocity-allow-untrusted-server parameter should be honoured when fetching short-lived access tokens <a href="https://redirect.github.com/gradle/actions/issues/583">#583</a></li> <li>Build summary may incorrectly report build success <a href="https://redirect.github.com/gradle/actions/issues/415">#415</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Update develocity-injection init script to v1.1.1 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/545">gradle/actions#545</a></li> <li>Bump the github-actions group across 2 directories with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/547">gradle/actions#547</a></li> <li>Bump the npm-dependencies group in /sources with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/548">gradle/actions#548</a></li> <li>Update develocity-injection init script to v1.2 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/550">gradle/actions#550</a></li> <li>Bump the github-actions group across 1 directory with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/552">gradle/actions#552</a></li> <li>Bump the npm-dependencies group across 1 directory with 5 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/558">gradle/actions#558</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/560">gradle/actions#560</a></li> <li>Bump references to Develocity Gradle plugin from 3.19.1 to 3.19.2 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/561">gradle/actions#561</a></li> <li>Catch more build failures in job summary by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/571">gradle/actions#571</a></li> <li>Scope captured build failures by <a href="https://github.com/erichaagdev"><code>@erichaagdev</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li> <li>Ignore SSL certificate validation when fetching Develocity short-lived access token if <code>develocity-allow-untrusted-server</code> is enabled by <a href="https://github.com/remcomokveld"><code>@remcomokveld</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li> <li>Dependency updates by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/579">gradle/actions#579</a></li> <li>Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in /.github/workflow-samples/kotlin-dsl in the gradle group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/580">gradle/actions#580</a></li> <li>Bump the github-actions group across 2 directories with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/582">gradle/actions#582</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/erichaagdev"><code>@erichaagdev</code></a> made their first contribution in <a href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li> <li><a href="https://github.com/remcomokveld"><code>@remcomokveld</code></a> made their first contribution in <a href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.3.0...v4.3.1">https://github.com/gradle/actions/compare/v4.3.0...v4.3.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/06832c7b30a0129d7fb559bcc6e43d26f6374244"><code>06832c7</code></a> Bump the github-actions group across 2 directories with 2 updates</li> <li><a href="https://github.com/gradle/actions/commit/b7b029e5c461bcd4187e3922253a207372ea1d04"><code>b7b029e</code></a> Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in /.github/workflo...</li> <li><a href="https://github.com/gradle/actions/commit/a0bd2ca5cbf6404f68a1a02c2e2741218f894b90"><code>a0bd2ca</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/7974541d55b5d4265df89850a40d5063d2d3036e"><code>7974541</code></a> Dependency updates (<a href="https://redirect.github.com/gradle/actions/issues/579">#579</a>)</li> <li><a href="https://github.com/gradle/actions/commit/a58163930329ccce0ace4389791c82734e52204b"><code>a581639</code></a> Update DSL samples to use test suites</li> <li><a href="https://github.com/gradle/actions/commit/acd2925667ac1dae317b3b2de03ce2d3b5da2205"><code>acd2925</code></a> Update java-toolchain sample to use Kotlin DSL</li> <li><a href="https://github.com/gradle/actions/commit/aa88309fbde788037cd53df497543c8c40e5e2ae"><code>aa88309</code></a> Update gradle-plugin sample to use Kotlin DSL</li> <li><a href="https://github.com/gradle/actions/commit/086c9e4b25c544ef148c374d34a7a844517c740b"><code>086c9e4</code></a> Revert update to eslint-plugin-github</li> <li><a href="https://github.com/gradle/actions/commit/d31b81842d0028028432bad95773235ec859b85c"><code>d31b818</code></a> Update patch file for actions/[email protected]</li> <li><a href="https://github.com/gradle/actions/commit/2778b4a120e9ad2ed71a81933fa2e09c33c15a72"><code>2778b4a</code></a> Bump the npm-dependencies group across 1 directory with 8 updates</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/94baf225fe0a508e581a564467443d0e2379123b...06832c7b30a0129d7fb559bcc6e43d26f6374244">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
e449c05340 |
Bump org.projectlombok:lombok from 1.18.36 to 1.18.38 (#3275)
Bumps [org.projectlombok:lombok](https://github.com/projectlombok/lombok) from 1.18.36 to 1.18.38. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown">org.projectlombok:lombok's changelog</a>.</em></p> <blockquote> <h3>v1.18.38 (March 31st, 2025)</h3> <ul> <li>PLATFORM: JDK24 support added.</li> <li>FEATURE: Lombok's nullity annotation now supports <a href="https://jspecify.dev">JSpecify</a> out of the box, using <a href="https://projectlombok.org/features/configuration">config key</a> <code>jspecify</code>.</li> <li>BUGFIX: Recent eclipse releases would get you 'negative length' error. The bug had always been in lombok but didn't matter until recent releases. [Issue <a href="https://redirect.github.com/projectlombok/lombok/issues/3823">#3823</a>](<a href="https://redirect.github.com/projectlombok/lombok/issues/3823">projectlombok/lombok#3823</a>).</li> <li>BUGFIX: The 'extract local variable' refactor script of VSCode wouldn't replace all occurrences if run on a method call to a lombok generated method. [Issue <a href="https://redirect.github.com/projectlombok/lombok/issues/3783">#3783</a>](<a href="https://redirect.github.com/projectlombok/lombok/issues/3783">projectlombok/lombok#3783</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/projectlombok/lombok/commit/37b7e192c9e46ccafc26d6cab424c93cbcaf95d5"><code>37b7e19</code></a> [release] pre-release version bump for v1.18.38</li> <li><a href="https://github.com/projectlombok/lombok/commit/ec886ae07b077196eceef9bf7176ea3453ddf1ee"><code>ec886ae</code></a> [changelog] Mention fixing of <a href="https://redirect.github.com/projectlombok/lombok/issues/3783">#3783</a> in changelog.</li> <li><a href="https://github.com/projectlombok/lombok/commit/ed0965b5f938240ba13d8c58f4f3443477123fbe"><code>ed0965b</code></a> [docs] Cleaned up use of <code>\<p></code> in maven and edge html.</li> <li><a href="https://github.com/projectlombok/lombok/commit/b7896c5a74de2fa2c4467c21aea5469d6673f197"><code>b7896c5</code></a> <a href="https://redirect.github.com/projectlombok/lombok/issues/3824">#3824</a> Our own 'Comment' ad hoc impl now also needs to provide an impl for `...</li> <li><a href="https://github.com/projectlombok/lombok/commit/8ed8234ac08ddbec9e587d58baf4ddb18c1a46e8"><code>8ed8234</code></a> [unused-code] We kept a ref to the <code>storeEnd</code> in PrettyPrinter but we never u...</li> <li><a href="https://github.com/projectlombok/lombok/commit/975f96f37a2a5344648942aab72daf73db4dcb8c"><code>975f96f</code></a> Merge pull request <a href="https://redirect.github.com/projectlombok/lombok/issues/3856">#3856</a> from mmoayyed/github-workflow-config</li> <li><a href="https://github.com/projectlombok/lombok/commit/77837601a13aab5cb68005bea1ed13e0ad61e8ee"><code>7783760</code></a> Fix github workflow YAML configuration</li> <li><a href="https://github.com/projectlombok/lombok/commit/3aa9779ef41bd9097cf47183df741bec065f2315"><code>3aa9779</code></a> [changelog] Mention fix for eclipse negative length (<a href="https://redirect.github.com/projectlombok/lombok/issues/3823">#3823</a>) in changelog.</li> <li><a href="https://github.com/projectlombok/lombok/commit/f4e5bbb31203e6cf432b76133a2c91a4c4756ba7"><code>f4e5bbb</code></a> [fix <a href="https://redirect.github.com/projectlombok/lombok/issues/3839">#3839</a>] Fixing a mistake in my merge of 3939.</li> <li><a href="https://github.com/projectlombok/lombok/commit/41dfb0d752c5b1b4bc38793a498a2241403497f1"><code>41dfb0d</code></a> [fix <a href="https://redirect.github.com/projectlombok/lombok/issues/3825">#3825</a>] Stub compilation requires all non-core-java classes to be stubbed.</li> <li>Additional commits viewable in <a href="https://github.com/projectlombok/lombok/compare/v1.18.36...v1.18.38">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
c7dda21ae3 |
Bump org.sonarqube from 6.0.1.5171 to 6.1.0.5360 (#3274)
Bumps org.sonarqube from 6.0.1.5171 to 6.1.0.5360. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
948fa5ff6c |
Bump github/codeql-action from 3.28.12 to 3.28.13 (#3239)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.12 to 3.28.13. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.13</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.13/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/1b549b9259bda1cb5ddde3b41741a82a2d15a841"><code>1b549b9</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2819">#2819</a> from github/update-v3.28.13-e0ea14102</li> <li><a href="https://github.com/github/codeql-action/commit/82630c85f38b5b7c2c9cc279f06af77a080fba19"><code>82630c8</code></a> Update changelog for v3.28.13</li> <li><a href="https://github.com/github/codeql-action/commit/e0ea141027937784e3c10ed1679e503fcc2245bc"><code>e0ea141</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2818">#2818</a> from github/cklin/empty-pr-diff-range</li> <li><a href="https://github.com/github/codeql-action/commit/b361a915088c90790a0c458a63a4b63108a9ab0a"><code>b361a91</code></a> Diff-informed analysis: fix empty PR handling</li> <li><a href="https://github.com/github/codeql-action/commit/bd1d9ab4eda903e1b5caa241368836575c6c476b"><code>bd1d9ab</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2816">#2816</a> from github/cklin/overlay-file-list</li> <li><a href="https://github.com/github/codeql-action/commit/b98ae6ca52694a727f4a03c9bf7a52df66492f23"><code>b98ae6c</code></a> Add overlay-database-utils tests</li> <li><a href="https://github.com/github/codeql-action/commit/9825184a0aec625d59c8e5bcc122734a77e38e7b"><code>9825184</code></a> Add getFileOidsUnderPath() tests</li> <li><a href="https://github.com/github/codeql-action/commit/ac67cffe5c20e84b598930c8453336a7404b2786"><code>ac67cff</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2817">#2817</a> from github/cklin/default-setup-diff-informed</li> <li><a href="https://github.com/github/codeql-action/commit/9c674ba4f548f8b6a6f1a7990756e80453894f56"><code>9c674ba</code></a> build: refresh js files</li> <li><a href="https://github.com/github/codeql-action/commit/d109dd5d333ab79c34032e0443e15643c347e966"><code>d109dd5</code></a> Detect PR branches for Default Setup</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/5f8171a638ada777af81d42b55959a643bb29017...1b549b9259bda1cb5ddde3b41741a82a2d15a841">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
2e231feb6a |
Bump ch.qos.logback:logback-core from 1.5.17 to 1.5.18 (#3230)
Bumps [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) from 1.5.17 to 1.5.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-core's releases</a>.</em></p> <blockquote> <h2>Logback 1.5.18</h2> <p><strong>2025-03-18 Release of logback version 1.5.18</strong></p> <p>• Added<a href="https://logback.qos.ch/manual/appenders.html#fileCompression"> support for XZ compression</a> for archived log files. Note that XZ compression requires Tukaani project's <a href="https://tukaani.org/xz/java.html">XZ library</a> for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.</p> <p>• Removed references to <code>java.security.AccessController</code> class. This class has been deprecated for some time and is slated for removal in future JDK versions.</p> <p>• A bit-wise identical binary of this version can be reproduced by building from source code at commit b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag v_1.5.18. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/qos-ch/logback/commit/b2a02f065379a9b1ba5ff837fc08913b744774bc"><code>b2a02f0</code></a> prepare release 1.5.18</li> <li><a href="https://github.com/qos-ch/logback/commit/991de5828b2afc2ddb8fbc7b233bd660096d793f"><code>991de58</code></a> remove references to AccessController marked for deletion in the JDK</li> <li><a href="https://github.com/qos-ch/logback/commit/f54ab16c8436475f16579e887c1305506212ac5a"><code>f54ab16</code></a> If compression mode is XZ but the XZ library is missing, then fallback to GZ ...</li> <li><a href="https://github.com/qos-ch/logback/commit/fb45971e5457296abfcf706322a06563fb3df62a"><code>fb45971</code></a> add support for XZ compression</li> <li><a href="https://github.com/qos-ch/logback/commit/31c1f55a1bf177922cf6a3c609a9d379f12d0693"><code>31c1f55</code></a> add xz compression support with tests</li> <li><a href="https://github.com/qos-ch/logback/commit/8968d0fd43d065f2f0e63b6679e59c89e0c2a8b8"><code>8968d0f</code></a> introduce strategy based compression</li> <li><a href="https://github.com/qos-ch/logback/commit/834059cb64ea8a6ca6e51c78fa0ac2b2797df0ed"><code>834059c</code></a> start work on 1.5.18-SNAPSHOT</li> <li>See full diff in <a href="https://github.com/qos-ch/logback/compare/v_1.5.17...v_1.5.18">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
7a3000b926 |
Bump org.springframework.boot from 3.4.3 to 3.4.4 (#3229)
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.4.3 to 3.4.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade to Groovy 4.0.26 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li> <li>Upgrade to Hibernate 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li> <li>Upgrade to Infinispan 15.0.14.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li> <li>Upgrade to Jackson Bom 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li> <li>Upgrade to Jetty 12.0.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li> <li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li> <li>Upgrade to jOOQ 3.19.21 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li> <li>Upgrade to Logback 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li> <li>Upgrade to Maven Deploy Plugin 3.1.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a> Increase Nexus timeouts</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a> Release v3.4.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a> Next development version (v3.3.11-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a> Upgrade to Spring Framework 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a> Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a> Upgrade to Spring Batch 5.2.2</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a> Improve debuggability of DockerComposeTestExtension</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
1f8b5ce41e |
Bump actions/create-github-app-token from 1.11.6 to 1.11.7 (#3227)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.11.6 to 1.11.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v1.11.7</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v1.11.6...v1.11.7">1.11.7</a> (2025-03-20)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> bump undici from 5.28.4 to 7.5.0 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/214">#214</a>) (<a href="https://github.com/actions/create-github-app-token/commit/a24b46a4626bf0f67abb297b82d863218920d5e2">a24b46a</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/af35edadc00be37caa72ed9f3e6d5f7801bfdf09"><code>af35eda</code></a> build(release): 1.11.7 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/a24b46a4626bf0f67abb297b82d863218920d5e2"><code>a24b46a</code></a> fix(deps): bump undici from 5.28.4 to 7.5.0 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/214">#214</a>)</li> <li>See full diff in <a href="https://github.com/actions/create-github-app-token/compare/21cfef2b496dd8ef5b904c159339626a10ad380e...af35edadc00be37caa72ed9f3e6d5f7801bfdf09">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
fa2a439121 |
Bump github/codeql-action from 3.28.11 to 3.28.12 (#3226)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.11 to 3.28.12. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.12</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.12/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/5f8171a638ada777af81d42b55959a643bb29017"><code>5f8171a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2814">#2814</a> from github/update-v3.28.12-6349095d1</li> <li><a href="https://github.com/github/codeql-action/commit/bb59f7707d836b040802dbdf2ad1a16482d319da"><code>bb59f77</code></a> Update changelog for v3.28.12</li> <li><a href="https://github.com/github/codeql-action/commit/6349095d19ec30397ffb02a63b7aa4f867deb563"><code>6349095</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2810">#2810</a> from github/update-bundle/codeql-bundle-v2.20.7</li> <li><a href="https://github.com/github/codeql-action/commit/d7d03fda1241f6b0b3fae460c9f19c6e887158ad"><code>d7d03fd</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/4e3a5342c5e8e627915b9a29b363f49da8c4a32e"><code>4e3a534</code></a> Update default bundle to codeql-bundle-v2.20.7</li> <li><a href="https://github.com/github/codeql-action/commit/55f023701cfc1e7d11ef2ae0c5ec3193dae4fce4"><code>55f0237</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2802">#2802</a> from github/mbg/dependency-caching/java-buildless</li> <li><a href="https://github.com/github/codeql-action/commit/6a151cd77488e58567da1dcf953e7aeeaca4950c"><code>6a151cd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2811">#2811</a> from github/dependabot/github_actions/actions-c2c311...</li> <li><a href="https://github.com/github/codeql-action/commit/7866bcdb1b15b5d5cba0021b87f36d9f6d977156"><code>7866bcd</code></a> Manually bump workflow to match autogenerated file</li> <li><a href="https://github.com/github/codeql-action/commit/611289e0b0ce1f6fc14820f1b72edaed2de4ba2c"><code>611289e</code></a> build(deps): bump ruby/setup-ruby in the actions group</li> <li><a href="https://github.com/github/codeql-action/commit/4c409a5b664afa7d5b12cd8487e310f286487472"><code>4c409a5</code></a> Remove temporary dependency directory in <code>analyze</code> post action</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/6bb031afdd8eb862ea3fc1848194185e076637e5...5f8171a638ada777af81d42b55959a643bb29017">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f159c62a36 |
Bump actions/download-artifact from 4.1.9 to 4.2.1 (#3225)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.9 to 4.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Add unit tests by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/392">actions/download-artifact#392</a></li> <li>Fix bug introduced in 4.2.0 by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/391">actions/download-artifact#391</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1">https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1</a></p> <h2>v4.2.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/lkfortuna"><code>@lkfortuna</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li> <li>Bump artifact version, do digest check by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lkfortuna"><code>@lkfortuna</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li> <li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0">https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/95815c38cf2ff2164869cbab79da8d1f422bc89e"><code>95815c3</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/391">#391</a> from GhadimiR/main</li> <li><a href="https://github.com/actions/download-artifact/commit/278fca438a0f334c0505181835b4796f2785949b"><code>278fca4</code></a> Move log statements</li> <li><a href="https://github.com/actions/download-artifact/commit/68909842a1073010f1cf920ed7f153e2948f9c16"><code>6890984</code></a> Merge branch 'main' into main</li> <li><a href="https://github.com/actions/download-artifact/commit/f9415c0ec30f02c18e075f091cafcfe4159168d0"><code>f9415c0</code></a> Run unit tests in CI</li> <li><a href="https://github.com/actions/download-artifact/commit/76a6eb5cbca98dccb5e14c0116e53f5df13b220d"><code>76a6eb5</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/392">#392</a> from GhadimiR/add_unit_tests</li> <li><a href="https://github.com/actions/download-artifact/commit/a2426d7c4522072f4d5824c9508d7ea97107cb8e"><code>a2426d7</code></a> Merge branch 'main' into add_unit_tests</li> <li><a href="https://github.com/actions/download-artifact/commit/3ffa694f6f7e3d53f63807f78267796f57911dd4"><code>3ffa694</code></a> lint</li> <li><a href="https://github.com/actions/download-artifact/commit/53f6aa5f93b626e252398abac720a28f6eb048ed"><code>53f6aa5</code></a> Add extra assertion to download single artifact test</li> <li><a href="https://github.com/actions/download-artifact/commit/b456700053c87aa7d6b31d212292755e1e6eb923"><code>b456700</code></a> lint</li> <li><a href="https://github.com/actions/download-artifact/commit/9eab798a9885c1be58a1c4381da1109644016e98"><code>9eab798</code></a> Configure tsconfig</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/cc203385981b70ca67e1cc392babf9cc229d5806...95815c38cf2ff2164869cbab79da8d1f422bc89e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
c6c195e903 |
Bump springBootVersion from 3.4.3 to 3.4.4 (#3224)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps `springBootVersion` from 3.4.3 to 3.4.4. Updates `org.springframework.boot:spring-boot-starter-web` from 3.4.3 to 3.4.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-web's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade to Groovy 4.0.26 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li> <li>Upgrade to Hibernate 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li> <li>Upgrade to Infinispan 15.0.14.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li> <li>Upgrade to Jackson Bom 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li> <li>Upgrade to Jetty 12.0.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li> <li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li> <li>Upgrade to jOOQ 3.19.21 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li> <li>Upgrade to Logback 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li> <li>Upgrade to Maven Deploy Plugin 3.1.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a> Increase Nexus timeouts</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a> Release v3.4.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a> Next development version (v3.3.11-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a> Upgrade to Spring Framework 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a> Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a> Upgrade to Spring Batch 5.2.2</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a> Improve debuggability of DockerComposeTestExtension</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.4.3 to 3.4.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-jetty's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade to Groovy 4.0.26 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li> <li>Upgrade to Hibernate 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li> <li>Upgrade to Infinispan 15.0.14.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li> <li>Upgrade to Jackson Bom 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li> <li>Upgrade to Jetty 12.0.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li> <li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li> <li>Upgrade to jOOQ 3.19.21 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li> <li>Upgrade to Logback 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li> <li>Upgrade to Maven Deploy Plugin 3.1.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a> Increase Nexus timeouts</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a> Release v3.4.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a> Next development version (v3.3.11-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a> Upgrade to Spring Framework 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a> Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a> Upgrade to Spring Batch 5.2.2</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a> Improve debuggability of DockerComposeTestExtension</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.4.3 to 3.4.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-thymeleaf's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade to Groovy 4.0.26 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li> <li>Upgrade to Hibernate 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li> <li>Upgrade to Infinispan 15.0.14.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li> <li>Upgrade to Jackson Bom 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li> <li>Upgrade to Jetty 12.0.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li> <li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li> <li>Upgrade to jOOQ 3.19.21 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li> <li>Upgrade to Logback 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li> <li>Upgrade to Maven Deploy Plugin 3.1.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a> Increase Nexus timeouts</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a> Release v3.4.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a> Next development version (v3.3.11-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a> Upgrade to Spring Framework 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a> Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a> Upgrade to Spring Batch 5.2.2</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a> Improve debuggability of DockerComposeTestExtension</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-security` from 3.4.3 to 3.4.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-security's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade to Groovy 4.0.26 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li> <li>Upgrade to Hibernate 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li> <li>Upgrade to Infinispan 15.0.14.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li> <li>Upgrade to Jackson Bom 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li> <li>Upgrade to Jetty 12.0.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li> <li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li> <li>Upgrade to jOOQ 3.19.21 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li> <li>Upgrade to Logback 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li> <li>Upgrade to Maven Deploy Plugin 3.1.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a> Increase Nexus timeouts</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a> Release v3.4.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a> Next development version (v3.3.11-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a> Upgrade to Spring Framework 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a> Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a> Upgrade to Spring Batch 5.2.2</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a> Improve debuggability of DockerComposeTestExtension</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.4.3 to 3.4.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-data-jpa's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade to Groovy 4.0.26 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li> <li>Upgrade to Hibernate 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li> <li>Upgrade to Infinispan 15.0.14.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li> <li>Upgrade to Jackson Bom 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li> <li>Upgrade to Jetty 12.0.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li> <li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li> <li>Upgrade to jOOQ 3.19.21 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li> <li>Upgrade to Logback 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li> <li>Upgrade to Maven Deploy Plugin 3.1.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a> Increase Nexus timeouts</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a> Release v3.4.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a> Next development version (v3.3.11-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a> Upgrade to Spring Framework 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a> Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a> Upgrade to Spring Batch 5.2.2</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a> Improve debuggability of DockerComposeTestExtension</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-oauth2-client` from 3.4.3 to 3.4.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-oauth2-client's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade to Groovy 4.0.26 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li> <li>Upgrade to Hibernate 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li> <li>Upgrade to Infinispan 15.0.14.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li> <li>Upgrade to Jackson Bom 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li> <li>Upgrade to Jetty 12.0.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li> <li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li> <li>Upgrade to jOOQ 3.19.21 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li> <li>Upgrade to Logback 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li> <li>Upgrade to Maven Deploy Plugin 3.1.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a> Increase Nexus timeouts</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a> Release v3.4.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a> Next development version (v3.3.11-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a> Upgrade to Spring Framework 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a> Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a> Upgrade to Spring Batch 5.2.2</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a> Improve debuggability of DockerComposeTestExtension</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-test` from 3.4.3 to 3.4.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-test's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade to Groovy 4.0.26 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44546">#44546</a></li> <li>Upgrade to Hibernate 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44739">#44739</a></li> <li>Upgrade to Infinispan 15.0.14.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44548">#44548</a></li> <li>Upgrade to Jackson Bom 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44549">#44549</a></li> <li>Upgrade to Jetty 12.0.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44774">#44774</a></li> <li>Upgrade to Jetty Reactive HTTPClient 4.0.9 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44773">#44773</a></li> <li>Upgrade to jOOQ 3.19.21 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44665">#44665</a></li> <li>Upgrade to Logback 1.5.18 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44775">#44775</a></li> <li>Upgrade to Maven Deploy Plugin 3.1.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44552">#44552</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/d4eb5561217be6bd490634fe5254fc4824d8dd87"><code>d4eb556</code></a> Increase Nexus timeouts</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/0226b6a70a3c192a7acb8a4a46dd08b068d8230d"><code>0226b6a</code></a> Release v3.4.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6ba94aebee4595b73a96ea5fc4ae3824ff03173f"><code>6ba94ae</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/36a5936494af6d78556c810da3f18fcfcf193a63"><code>36a5936</code></a> Next development version (v3.3.11-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/375aba6985955a93d5efe3beda8125e58e7ded8e"><code>375aba6</code></a> Upgrade to Spring Framework 6.2.5</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/37e4a3c56652f1e7e29c3073ac1007b5e0b6fd71"><code>37e4a3c</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/99fa21cfbb1c01c27fa09d64c94d514a9e227d64"><code>99fa21c</code></a> Upgrade to asciidoctor-extensions 1.0.0-alpha.17</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f86a6fb16483bf2daf26a40100932a673fdf9ade"><code>f86a6fb</code></a> Upgrade to Spring Batch 5.2.2</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/6567609cbc55dc9a98f9c031e5645e7e36137a7b"><code>6567609</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/80b6c596696ab84b8539ae54ae5d409f43dcd844"><code>80b6c59</code></a> Improve debuggability of DockerComposeTestExtension</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.3...v3.4.4">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-actuator` from 3.4.3 to 3.4.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-actuator's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2>❗ Noteworthy Changes</h2> <p>Tomcat APR support is now disabled by default if you are using Java 24 or higher. This change has been made to prevent JDK from issuing warnings.</p> <p>Please see <a href="https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.4-Release-Notes#tomcat-apr">the updated release notes</a> for details.</p> <h2>🐞 Bug Fixes</h2> <ul> <li>Actuator throws an exception when using prototype scoped DataSource bean <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44706">#44706</a></li> <li>Docker API error message is missing in some cases <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44630">#44630</a></li> <li>DefaultJmsListenerContainerFactoryConfigurer#setObservationRegistry should not be public <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44585">#44585</a></li> <li>When an application contains multiple DataSource beans, EntityManagerFactoryBuilder will default ddl-auto to a value that may only be appropriate for the primary DataSource <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44516">#44516</a></li> <li>When the main class is not proxied, native testing that uses the application's main method does not work <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44481">#44481</a></li> <li>When loading configuration from a Resource, Log4J2LoggingSystem may not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44473">#44473</a></li> <li>When loading from a resource, PemContent does not close the InputStream <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44454">#44454</a></li> <li>ResourceBanner does not close the InputStream used to read the banner <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44452">#44452</a></li> <li>ConfigDataLocationResolvers and PropertySourceLoaders are loaded using a potentially different class loader <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44450">#44450</a></li> <li>Kafka message sending fails with 'class SslBundleSslEngineFactory could not be found' <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44437">#44437</a></li> <li>Kafka in native-image fails when using SSL bundles <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44436">#44436</a></li> <li>Nested test classes don't inherit properties from <code>@DataJpaTest</code> on enclosing class <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44407">#44407</a></li> <li>Failure diagnostics are poor when trying to use an image platform that is not supported by the builder <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44059">#44059</a></li> <li>Checking if APR is available logs a warning on Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44033">#44033</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Multiline properties in documentation are missing backslashes <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44790">#44790</a></li> <li>Polish javadoc of SqlR2dbcScriptDatabaseInitializer <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44764">#44764</a></li> <li>Document support for Java 24 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44754">#44754</a></li> <li>Remove OpenShift link that 404s <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44748">#44748</a></li> <li>Fix link to javadoc for JavaExec.setArgsString <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44536">#44536</a></li> <li>Fix typo in documentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44523">#44523</a></li> <li>Update descriptions of properties that no longer require Flyway Teams <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44483">#44483</a></li> <li>Fix typo in javadoc of CommonStructuredLogFormat#ELASTIC_COMMON_SCHEMA <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44469">#44469</a></li> <li>Samples for metadata annotation processers have invalid fold attribute <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44420">#44420</a></li> <li>Clarify which Mongo properties are ignored when URI property is set <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44404">#44404</a></li> <li>Adapt Javadoc reference of JooqExceptionTranslator to use ExceptionTranslatorExecuteListener <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44402">#44402</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to ActiveMQ 6.1.6 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44663">#44663</a></li> <li>Upgrade to AspectJ 1.9.23 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44720">#44720</a></li> <li>Upgrade t... _Description has been truncated_ Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b2ca702301 |
Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#3223)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.1 to 4.6.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.2</h2> <h2>What's Changed</h2> <ul> <li>Update to use artifact 2.3.2 package & prepare for new upload-artifact release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/ea165f8d65b6e75b540449e92b4886f43607fa02"><code>ea165f8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/685">#685</a> from salmanmkc/salmanmkc/3-new-upload-artifacts-release</li> <li><a href="https://github.com/actions/upload-artifact/commit/08396203c179e13c71b9754ce3472ed71842eec0"><code>0839620</code></a> Prepare for new release of actions/upload-artifact with new toolkit cache ver...</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
902341565d |
Bump ch.qos.logback:logback-classic from 1.5.17 to 1.5.18 (#3222)
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.17 to 1.5.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-classic's releases</a>.</em></p> <blockquote> <h2>Logback 1.5.18</h2> <p><strong>2025-03-18 Release of logback version 1.5.18</strong></p> <p>• Added<a href="https://logback.qos.ch/manual/appenders.html#fileCompression"> support for XZ compression</a> for archived log files. Note that XZ compression requires Tukaani project's <a href="https://tukaani.org/xz/java.html">XZ library</a> for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.</p> <p>• Removed references to <code>java.security.AccessController</code> class. This class has been deprecated for some time and is slated for removal in future JDK versions.</p> <p>• A bit-wise identical binary of this version can be reproduced by building from source code at commit b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag v_1.5.18. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/qos-ch/logback/commit/b2a02f065379a9b1ba5ff837fc08913b744774bc"><code>b2a02f0</code></a> prepare release 1.5.18</li> <li><a href="https://github.com/qos-ch/logback/commit/991de5828b2afc2ddb8fbc7b233bd660096d793f"><code>991de58</code></a> remove references to AccessController marked for deletion in the JDK</li> <li><a href="https://github.com/qos-ch/logback/commit/f54ab16c8436475f16579e887c1305506212ac5a"><code>f54ab16</code></a> If compression mode is XZ but the XZ library is missing, then fallback to GZ ...</li> <li><a href="https://github.com/qos-ch/logback/commit/fb45971e5457296abfcf706322a06563fb3df62a"><code>fb45971</code></a> add support for XZ compression</li> <li><a href="https://github.com/qos-ch/logback/commit/31c1f55a1bf177922cf6a3c609a9d379f12d0693"><code>31c1f55</code></a> add xz compression support with tests</li> <li><a href="https://github.com/qos-ch/logback/commit/8968d0fd43d065f2f0e63b6679e59c89e0c2a8b8"><code>8968d0f</code></a> introduce strategy based compression</li> <li><a href="https://github.com/qos-ch/logback/commit/834059cb64ea8a6ca6e51c78fa0ac2b2797df0ed"><code>834059c</code></a> start work on 1.5.18-SNAPSHOT</li> <li>See full diff in <a href="https://github.com/qos-ch/logback/compare/v_1.5.17...v_1.5.18">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
40fa725578 |
Bump org.springframework:spring-jdbc from 6.2.3 to 6.2.4 (#3189)
Bumps [org.springframework:spring-jdbc](https://github.com/spring-projects/spring-framework) from 6.2.3 to 6.2.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-jdbc's releases</a>.</em></p> <blockquote> <h2>v6.2.4</h2> <h2>⭐ New Features</h2> <ul> <li>JettyCoreHttpHandlerAdapter compatibility with Jetty 12.0.17 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34561">#34561</a></li> <li>HandlerMethodValidationException.Visitor should support RequestBody with method parameter constraints <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34549">#34549</a></li> <li>Allow <code>ContentResultMatchersDsl</code> matchers for supertypes of the checked type <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34542">#34542</a></li> <li>Avoid <code>JarURLConnection</code> resource leak in <code>AbstractFileResolvingResource.exists()</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34528">#34528</a></li> <li>Deprecate <code>rowsExpected</code> property of <code>SqlQuery</code> for removal <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34526">#34526</a></li> <li>Supply <code>RuntimeHints</code> to an <code>AotContextLoader</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34513">#34513</a></li> <li>Deprecate and remove use of UrlPathHelper in ServletWebSocketHandlerRegistry <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34508">#34508</a></li> <li>Avoid unnecessary CGLIB processing on configuration classes <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34486">#34486</a></li> <li>Inconsistent default class loaders in hint classes <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34470">#34470</a></li> <li>Add missing converters to <code>DefaultRestClientBuilder</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34439">#34439</a></li> <li>Improve <code>BeanFactory</code>/<code>ObjectProvider</code> to select the only one default candidate among non-default candidates <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34432">#34432</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li><code>MockCookie.parse()</code> fails to parse custom attribute with a value <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34575">#34575</a></li> <li><code>BeanNotOfRequiredTypeException</code> if <code>@Bean</code> factory method returns <code>null</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34543">#34543</a></li> <li>Regression in 6.2.3: No unique bean available for injection point with unresolvable generics <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34541">#34541</a></li> <li>GenericConversionService cannot find a converter when converting to a Kotlin list of maps <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34535">#34535</a></li> <li>isClientDisconnectedException needs to protect against null input <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34533">#34533</a></li> <li>spring boot 3.4.3 + TimedAspect causes thread to hang <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34522">#34522</a></li> <li>Missing Partitioned cookie support in reactive HTTP clients <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34521">#34521</a></li> <li>DefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34514">#34514</a></li> <li>FileSystemResource location does not end with slash for RouterFunction check <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34509">#34509</a></li> <li>AbstractJackson2HttpMessageConverter not resolving generic type for request body since 6.2.3 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34504">#34504</a></li> <li>Request param handling in HttpRequestValues overrides existing URI variables with same name <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34499">#34499</a></li> <li>MockHttpServletResponse - handle multiple values for Content-Language header <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34488">#34488</a></li> <li>Endless loop with DataSourceUtils in spring-jdbc <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34484">#34484</a></li> <li>MockHttpServletResponse#setHeader does not remove header for null values <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34464">#34464</a></li> <li>ContentCachingResponseWrapper.setHeader does not handle null value properly. <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34460">#34460</a></li> <li>Component scan fails to find bean candidates in the embedded jar file in META-INF/context.xml for embedded Tomcat application <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34446">#34446</a></li> <li>6.2.0 broke with "Could not register object [<code>@someHash</code>] under bean name 'blabla': there is already object [<code>@sameHash</code>] bound" <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34427">#34427</a></li> <li>503 status code after completing SseEmitter in onTimeout <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34426">#34426</a></li> <li><code>NullPointerException</code> thrown when <code>ConfigurationClassEnhancer</code> creates CGLIB proxy <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34423">#34423</a></li> <li>Add onRequest() hook for propagating request from downstream <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34388">#34388</a></li> <li>Content-Type response header duplicated for failed StreamingResponseBody return value <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34366">#34366</a></li> <li>Task scheduler configured by XML is not eligible for getting processed by all BeanPostProcessors <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34015">#34015</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Fix typo in Spring MVC error responses documentation <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34552">#34552</a></li> <li>Document that Spring Framework 6.x does not yet support JSpecify annotations <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34551">#34551</a></li> <li>Fix web and webflux reference links <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34517">#34517</a></li> <li>Document default KeyGenerator in spring-cache XSD <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34468">#34468</a></li> <li>Fix broken antora task <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34454">#34454</a></li> <li>Add <code>@since</code> tag for formField() and formFields in MockHttpServletRequestDsl <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34448">#34448</a></li> <li>Improve Javadoc of ObjectProvider to clarify what is unique <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34447">#34447</a></li> <li>rest-http-interface example code can't run <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34443">#34443</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-framework/commit/eb3f034cd9d9982abfbd20c3f78da80c6a204bd0"><code>eb3f034</code></a> Release v6.2.4</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/387677eae8ebc2b641e24d274c87980743c6d1cc"><code>387677e</code></a> Upgrade to JUnit 5.12</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/4a314867d733fa39c3f749b4664812f44fb3b91f"><code>4a31486</code></a> Upgrade to Reactor 2024.0.4 and Micrometer 1.14.5</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/020f556841a60071add53144365358f4f1fd5d7b"><code>020f556</code></a> Support custom attribute with a value in MockCookie.parse()</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/6ea3b5a0e887a0f1ad7cf593ee1ded2c87de3d81"><code>6ea3b5a</code></a> Fix Javadoc failure</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/d764087dbf2b40031d271bf14184eecab307878c"><code>d764087</code></a> Correct since tag</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/9ab43b138aafca1dfbdfe4b300cf25f5b5a9e1db"><code>9ab43b1</code></a> Enhancement in HandlerMethodValidationException</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/09ae080b99c454a2020100eecd0c1bff241cdf3a"><code>09ae080</code></a> isDisconnectedClientException protected for null</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/70a1b2fae3d1fe3c7ec7754947d5f532997cc3dc"><code>70a1b2f</code></a> Upgrade to Checkstyle 10.21.4</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/90ddb40d7a26798c340cdfdd74f379a57e931ed1"><code>90ddb40</code></a> Upgrade to Jetty 12.0.17 and Jetty Reactive HttpClient 4.0.9</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-framework/compare/v6.2.3...v6.2.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f41dc25987 |
Bump org.springframework:spring-webmvc from 6.2.3 to 6.2.4 (#3190)
Bumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.2.3 to 6.2.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">org.springframework:spring-webmvc's releases</a>.</em></p> <blockquote> <h2>v6.2.4</h2> <h2>⭐ New Features</h2> <ul> <li>JettyCoreHttpHandlerAdapter compatibility with Jetty 12.0.17 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34561">#34561</a></li> <li>HandlerMethodValidationException.Visitor should support RequestBody with method parameter constraints <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34549">#34549</a></li> <li>Allow <code>ContentResultMatchersDsl</code> matchers for supertypes of the checked type <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34542">#34542</a></li> <li>Avoid <code>JarURLConnection</code> resource leak in <code>AbstractFileResolvingResource.exists()</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34528">#34528</a></li> <li>Deprecate <code>rowsExpected</code> property of <code>SqlQuery</code> for removal <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34526">#34526</a></li> <li>Supply <code>RuntimeHints</code> to an <code>AotContextLoader</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34513">#34513</a></li> <li>Deprecate and remove use of UrlPathHelper in ServletWebSocketHandlerRegistry <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34508">#34508</a></li> <li>Avoid unnecessary CGLIB processing on configuration classes <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34486">#34486</a></li> <li>Inconsistent default class loaders in hint classes <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34470">#34470</a></li> <li>Add missing converters to <code>DefaultRestClientBuilder</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34439">#34439</a></li> <li>Improve <code>BeanFactory</code>/<code>ObjectProvider</code> to select the only one default candidate among non-default candidates <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34432">#34432</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li><code>MockCookie.parse()</code> fails to parse custom attribute with a value <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34575">#34575</a></li> <li><code>BeanNotOfRequiredTypeException</code> if <code>@Bean</code> factory method returns <code>null</code> <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34543">#34543</a></li> <li>Regression in 6.2.3: No unique bean available for injection point with unresolvable generics <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34541">#34541</a></li> <li>GenericConversionService cannot find a converter when converting to a Kotlin list of maps <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34535">#34535</a></li> <li>isClientDisconnectedException needs to protect against null input <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34533">#34533</a></li> <li>spring boot 3.4.3 + TimedAspect causes thread to hang <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34522">#34522</a></li> <li>Missing Partitioned cookie support in reactive HTTP clients <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34521">#34521</a></li> <li>DefaultManagedTaskExecutor throws java.lang.UnsupportedOperationException: isShutdown when rejecting tasks <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34514">#34514</a></li> <li>FileSystemResource location does not end with slash for RouterFunction check <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34509">#34509</a></li> <li>AbstractJackson2HttpMessageConverter not resolving generic type for request body since 6.2.3 <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34504">#34504</a></li> <li>Request param handling in HttpRequestValues overrides existing URI variables with same name <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34499">#34499</a></li> <li>MockHttpServletResponse - handle multiple values for Content-Language header <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34488">#34488</a></li> <li>Endless loop with DataSourceUtils in spring-jdbc <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34484">#34484</a></li> <li>MockHttpServletResponse#setHeader does not remove header for null values <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34464">#34464</a></li> <li>ContentCachingResponseWrapper.setHeader does not handle null value properly. <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34460">#34460</a></li> <li>Component scan fails to find bean candidates in the embedded jar file in META-INF/context.xml for embedded Tomcat application <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34446">#34446</a></li> <li>6.2.0 broke with "Could not register object [<code>@someHash</code>] under bean name 'blabla': there is already object [<code>@sameHash</code>] bound" <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34427">#34427</a></li> <li>503 status code after completing SseEmitter in onTimeout <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34426">#34426</a></li> <li><code>NullPointerException</code> thrown when <code>ConfigurationClassEnhancer</code> creates CGLIB proxy <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34423">#34423</a></li> <li>Add onRequest() hook for propagating request from downstream <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34388">#34388</a></li> <li>Content-Type response header duplicated for failed StreamingResponseBody return value <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34366">#34366</a></li> <li>Task scheduler configured by XML is not eligible for getting processed by all BeanPostProcessors <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34015">#34015</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Fix typo in Spring MVC error responses documentation <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34552">#34552</a></li> <li>Document that Spring Framework 6.x does not yet support JSpecify annotations <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34551">#34551</a></li> <li>Fix web and webflux reference links <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34517">#34517</a></li> <li>Document default KeyGenerator in spring-cache XSD <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34468">#34468</a></li> <li>Fix broken antora task <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34454">#34454</a></li> <li>Add <code>@since</code> tag for formField() and formFields in MockHttpServletRequestDsl <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34448">#34448</a></li> <li>Improve Javadoc of ObjectProvider to clarify what is unique <a href="https://redirect.github.com/spring-projects/spring-framework/pull/34447">#34447</a></li> <li>rest-http-interface example code can't run <a href="https://redirect.github.com/spring-projects/spring-framework/issues/34443">#34443</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-framework/commit/eb3f034cd9d9982abfbd20c3f78da80c6a204bd0"><code>eb3f034</code></a> Release v6.2.4</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/387677eae8ebc2b641e24d274c87980743c6d1cc"><code>387677e</code></a> Upgrade to JUnit 5.12</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/4a314867d733fa39c3f749b4664812f44fb3b91f"><code>4a31486</code></a> Upgrade to Reactor 2024.0.4 and Micrometer 1.14.5</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/020f556841a60071add53144365358f4f1fd5d7b"><code>020f556</code></a> Support custom attribute with a value in MockCookie.parse()</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/6ea3b5a0e887a0f1ad7cf593ee1ded2c87de3d81"><code>6ea3b5a</code></a> Fix Javadoc failure</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/d764087dbf2b40031d271bf14184eecab307878c"><code>d764087</code></a> Correct since tag</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/9ab43b138aafca1dfbdfe4b300cf25f5b5a9e1db"><code>9ab43b1</code></a> Enhancement in HandlerMethodValidationException</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/09ae080b99c454a2020100eecd0c1bff241cdf3a"><code>09ae080</code></a> isDisconnectedClientException protected for null</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/70a1b2fae3d1fe3c7ec7754947d5f532997cc3dc"><code>70a1b2f</code></a> Upgrade to Checkstyle 10.21.4</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/90ddb40d7a26798c340cdfdd74f379a57e931ed1"><code>90ddb40</code></a> Upgrade to Jetty 12.0.17 and Jetty Reactive HttpClient 4.0.9</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-framework/compare/v6.2.3...v6.2.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
976342e10a |
Bump docker/login-action from 3.3.0 to 3.4.0 (#3188)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.3.0 to 3.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.4.0</h2> <ul> <li>Bump <code>@actions/core</code> from 1.10.1 to 1.11.1 in <a href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.766.0 in <a href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a> <a href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.758.0 in <a href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a> <a href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in <a href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a> <a href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a> <a href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li> <li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li> <li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li> <li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/74a5d142397b4f367a81961eba4e8cd7edddf772"><code>74a5d14</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/856">#856</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/2f4f00e4c6fe8a50cdd1fd618421be2e92b2f201"><code>2f4f00e</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/67c184546cf989af16f02a1b5359e4bde3cdc524"><code>67c1845</code></a> build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...</li> <li><a href="https://github.com/docker/login-action/commit/3d4cc89e85e0cac73870ab81d3b72c0b700870d1"><code>3d4cc89</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/844">#844</a> from graysonpike/master</li> <li><a href="https://github.com/docker/login-action/commit/6cc823a6c4738f797f031790fa7f982b7a8dcfdc"><code>6cc823a</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/823">#823</a> from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li> <li><a href="https://github.com/docker/login-action/commit/d94e792124647378e94c07359922f0f821a9fab2"><code>d94e792</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/033db0da3047b4d01e249d66f56ae16a2ed6af87"><code>033db0d</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/812">#812</a> from docker/dependabot/github_actions/codecov/codecov...</li> <li><a href="https://github.com/docker/login-action/commit/09c2ae9716c0bacef3c03e120a61c28adfb8595b"><code>09c2ae9</code></a> build(deps): bump https-proxy-agent</li> <li><a href="https://github.com/docker/login-action/commit/ba56f006fc7190f752d4e6e1312f85697984a229"><code>ba56f00</code></a> ci: update deprecated input for codecov-action</li> <li><a href="https://github.com/docker/login-action/commit/75bf9a79af089e9aa009972a6ecb22190a520679"><code>75bf9a7</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/858">#858</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/9780b0c442fbb1117ed29e0efdff1e18412f7567...74a5d142397b4f367a81961eba4e8cd7edddf772">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f0fd6526b6 |
Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.3 to 6.4.4 (#3197)
Bumps [org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security) from 6.4.3 to 6.4.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's releases</a>.</em></p> <blockquote> <h2>6.4.4</h2> <h2>🪲 Bug Fixes</h2> <ul> <li>Add testRuntimeOnly junit-platform-launcher <a href="https://redirect.github.com/spring-projects/spring-security/issues/16756">#16756</a></li> <li>Align Method Traversal Algorithm with Spring Framework <a href="https://redirect.github.com/spring-projects/spring-security/issues/16751">#16751</a></li> <li>Disable Flaky WebAuthnWebDriverTests <a href="https://redirect.github.com/spring-projects/spring-security/issues/16753">#16753</a></li> <li>Fix <code>@PostResult</code> example in method-security doc <a href="https://redirect.github.com/spring-projects/spring-security/pull/16628">#16628</a></li> <li>Grammar Fixes in OAuth 2.0 JavaDoc <a href="https://redirect.github.com/spring-projects/spring-security/pull/16619">#16619</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16649">#16649</a></li> <li>Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16692">#16692</a></li> <li>Bump com.webauthn4j:webauthn4j-core from 0.28.5.RELEASE to 0.28.6.RELEASE <a href="https://redirect.github.com/spring-projects/spring-security/pull/16691">#16691</a></li> <li>Bump io.micrometer:micrometer-observation from 1.14.4 to 1.14.5 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16715">#16715</a></li> <li>Bump io.mockk:mockk from 1.13.16 to 1.13.17 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16675">#16675</a></li> <li>Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16725">#16725</a></li> <li>Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to 6.6.11.Final <a href="https://redirect.github.com/spring-projects/spring-security/pull/16748">#16748</a></li> <li>Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.23 to 4.33.24 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16669">#16669</a></li> <li>Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16650">#16650</a></li> <li>Bump org.springframework.data:spring-data-bom from 2024.1.3 to 2024.1.4 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16749">#16749</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16733">#16733</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/Kuba15"><code>@Kuba15</code></a>, <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot], and <a href="https://github.com/pat-mccusker"><code>@pat-mccusker</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-security/commit/3d9cd31122161aed337655e68da5c395f8b6c3f6"><code>3d9cd31</code></a> Release 6.4.4</li> <li><a href="https://github.com/spring-projects/spring-security/commit/04f530bc1bf75fe3251c2adbf3f58ce6579d496b"><code>04f530b</code></a> opensamlFiveTest.extendsFrom testRuntimeOnly</li> <li><a href="https://github.com/spring-projects/spring-security/commit/bf619fc3dc43acf7d943149348f5538394ec1358"><code>bf619fc</code></a> Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4</li> <li><a href="https://github.com/spring-projects/spring-security/commit/488de5af701ee7a0a3ac3634a451aa19fb0d0303"><code>488de5a</code></a> Merge branch '6.3.x' into 6.4.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/709d9bc039ea45642a2748e18764f51fe886a48b"><code>709d9bc</code></a> Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18</li> <li><a href="https://github.com/spring-projects/spring-security/commit/067ed2bab42fb5a86f4f6e7328982b2c1f4f1785"><code>067ed2b</code></a> Bump org.springframework.data:spring-data-bom from 2024.1.3 to 2024.1.4</li> <li><a href="https://github.com/spring-projects/spring-security/commit/1db6718f69d0899745e1c620b46729dc6fe3beba"><code>1db6718</code></a> Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to 6.6.11.Final</li> <li><a href="https://github.com/spring-projects/spring-security/commit/41fc38397416ff1cb880ed62ca8ec00f7acb77db"><code>41fc383</code></a> Merge branch '6.3.x' into 6.4.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/d9bb16e913ddb0086f06f49236e16f5509a0c6da"><code>d9bb16e</code></a> Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16</li> <li><a href="https://github.com/spring-projects/spring-security/commit/11114919ec545492621fde37b0cd420df05a7b38"><code>1111491</code></a> Bump org.springframework.data:spring-data-bom from 2024.0.9 to 2024.0.10</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-security/compare/6.4.3...6.4.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
0747ea68f5 |
Bump io.micrometer:micrometer-core from 1.14.4 to 1.14.5 (#3159)
Bumps [io.micrometer:micrometer-core](https://github.com/micrometer-metrics/micrometer) from 1.14.4 to 1.14.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/micrometer-metrics/micrometer/releases">io.micrometer:micrometer-core's releases</a>.</em></p> <blockquote> <h2>1.14.5</h2> <h2>🐞 Bug Fixes</h2> <ul> <li><code>Distribution value with |count| of 0 has a non-zero |mean| value of XXX</code> errors in logs - similar to <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/4868">#4868</a> <a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5927">#5927</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.18.3 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5989">#5989</a></li> <li>Bump com.netflix.spectator:spectator-reg-atlas from 1.8.4 to 1.8.6 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5941">#5941</a></li> <li>Bump io.prometheus:prometheus-metrics-bom from 1.3.5 to 1.3.6 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5938">#5938</a></li> <li>Bump me.champeau.gradle:japicmp-gradle-plugin from 0.4.5 to 0.4.6 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5940">#5940</a></li> <li>Bump spring6 from 6.1.16 to 6.1.17 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5926">#5926</a></li> <li>Bump testcontainers from 1.20.4 to 1.20.5 <a href="https://redirect.github.com/micrometer-metrics/micrometer/pull/5949">#5949</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/AlexElin"><code>@AlexElin</code></a>, and <a href="https://github.com/izeye"><code>@izeye</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/4ff1bbf5b1326419d3a044ef9e2fac23377a51f9"><code>4ff1bbf</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/c92ff3dae61458523e1ca623db3b18476dd8e7ab"><code>c92ff3d</code></a> Added release train gh action workflow</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/7cdce348561c9021e6ce42375f9e9fb26dc43ce2"><code>7cdce34</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/3a55d71bc2c711fbe1a099ad4f087a4afd28d53a"><code>3a55d71</code></a> Clarify JavaDoc for JMS <code>DESTINATION_NAME</code> (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5988">#5988</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/0d6bcec434656a34a4aeebe209ac1eb61513c8dd"><code>0d6bcec</code></a> Merge branch '1.13.x' into 1.14.x</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/6e70957c4c8438889b1a9d6ee20a973516511683"><code>6e70957</code></a> Fix flakiness in JmsInstrumentationTests.shouldInstrumentMessageListener() (#...</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/a5fe903b82fcd778cc0536a0928ea7ceaa9667c2"><code>a5fe903</code></a> Try to reduce flakiness in JvmGcMetricsTest.gcTimingIsCorrectForPauseCycleCol...</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/41069635c0db2c7cb550f0008903054d1f071ee4"><code>4106963</code></a> Bump testcontainers from 1.20.5 to 1.20.6 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5998">#5998</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/c3d8dcf4591eb7f3d663f2bde375f738fba99a16"><code>c3d8dcf</code></a> Bump com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.18.3 (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5989">#5989</a>)</li> <li><a href="https://github.com/micrometer-metrics/micrometer/commit/d73e34108b63e328b8f31536dec5908f00b5c8d2"><code>d73e341</code></a> Bump io.netty:netty-bom from 4.1.118.Final to 4.1.119.Final (<a href="https://redirect.github.com/micrometer-metrics/micrometer/issues/5980">#5980</a>)</li> <li>Additional commits viewable in <a href="https://github.com/micrometer-metrics/micrometer/compare/v1.14.4...v1.14.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
885b3f049e |
Bump gradle from 8.12-jdk21 to 8.13-jdk21 (#3158)
Bumps gradle from 8.12-jdk21 to 8.13-jdk21. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b99ad89db0 |
Bump github/codeql-action from 3.28.10 to 3.28.11 (#3144)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.10 to 3.28.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.11</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.11/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> <li>Uploading debug artifacts for CodeQL analysis is temporarily disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li> </ul> <h2>3.28.2 - 21 Jan 2025</h2> <p>No user facing changes.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/6bb031afdd8eb862ea3fc1848194185e076637e5"><code>6bb031a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2798">#2798</a> from github/update-v3.28.11-56b25d5d5</li> <li><a href="https://github.com/github/codeql-action/commit/6bca7dd940f38115b5e3696bd79bbb020563bb1f"><code>6bca7dd</code></a> Update changelog for v3.28.11</li> <li><a href="https://github.com/github/codeql-action/commit/56b25d5d5251df651f82070735778784aa383094"><code>56b25d5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2793">#2793</a> from github/update-bundle/codeql-bundle-v2.20.6</li> <li><a href="https://github.com/github/codeql-action/commit/256aa1658211f7bf42a0ee5b18a106fe81baa524"><code>256aa16</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.20.6</li> <li><a href="https://github.com/github/codeql-action/commit/911d845ab60270de25813c5a148ec9501e857340"><code>911d845</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2796">#2796</a> from github/nickfyson/adjust-rate-error-string</li> <li><a href="https://github.com/github/codeql-action/commit/7b7ed635033f63c6f84ab377f726dc0b933bd593"><code>7b7ed63</code></a> adjust string for handling rate limit error</li> <li><a href="https://github.com/github/codeql-action/commit/608ccd6cd915d2c43d3059c3da518f36f07a56b0"><code>608ccd6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2794">#2794</a> from github/update-supported-enterprise-server-versions</li> <li><a href="https://github.com/github/codeql-action/commit/35d04d3627f40144b1b19daa99f2449297367ec9"><code>35d04d3</code></a> Update supported GitHub Enterprise Server versions</li> <li><a href="https://github.com/github/codeql-action/commit/ec3b22164b6b09c9b3d63ff4e9d41084895602b0"><code>ec3b221</code></a> Update supported GitHub Enterprise Server versions</li> <li><a href="https://github.com/github/codeql-action/commit/8dc01f6342a3f934d1a339917531a4d8beda41bc"><code>8dc01f6</code></a> Add changelog note</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d...6bb031afdd8eb862ea3fc1848194185e076637e5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d65974a7e1 |
Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (#3145)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.7 to 7.0.8. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v7.0.8</h2> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump ts-jest from 29.2.5 to 29.2.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3751">peter-evans/create-pull-request#3751</a></li> <li>build(deps-dev): bump eslint-import-resolver-typescript from 3.8.1 to 3.8.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3752">peter-evans/create-pull-request#3752</a></li> <li>build(deps): bump <code>@octokit/plugin-paginate-rest</code> from 11.4.2 to 11.4.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3753">peter-evans/create-pull-request#3753</a></li> <li>build(deps-dev): bump prettier from 3.5.1 to 3.5.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3754">peter-evans/create-pull-request#3754</a></li> <li>fix: suppress output for some git operations by <a href="https://github.com/peter-evans"><code>@peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3776">peter-evans/create-pull-request#3776</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v7.0.7...v7.0.8">https://github.com/peter-evans/create-pull-request/compare/v7.0.7...v7.0.8</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/peter-evans/create-pull-request/commit/271a8d0340265f705b14b6d32b9829c1cb33d45e"><code>271a8d0</code></a> fix: suppress output for some git operations (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3776">#3776</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/6f7efd1c24d02e0d947dd3f6f9618019afb36781"><code>6f7efd1</code></a> test: update cpr-example-command</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/13c47c574799c8eb0a033eba252619135e70f392"><code>13c47c5</code></a> build(deps-dev): bump prettier from 3.5.1 to 3.5.2 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3754">#3754</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/63e58290d72e889603c931363c5169ba1bbe3fed"><code>63e5829</code></a> build(deps): bump <code>@octokit/plugin-paginate-rest</code> from 11.4.2 to 11.4.3 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3753">#3753</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/a92c90fcab983421cc9bc736a06daea58c68d0db"><code>a92c90f</code></a> build(deps-dev): bump eslint-import-resolver-typescript (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3752">#3752</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/b23b62d48799ec46790610dd74b29cb9ba2eef30"><code>b23b62d</code></a> build(deps-dev): bump ts-jest from 29.2.5 to 29.2.6 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3751">#3751</a>)</li> <li>See full diff in <a href="https://github.com/peter-evans/create-pull-request/compare/dd2324fc52d5d43c699a5636bcf19fceaa70c284...271a8d0340265f705b14b6d32b9829c1cb33d45e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
58edc777c0 |
Bump actions/create-github-app-token from 1.11.5 to 1.11.6 (#3109)
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.11.5 to 1.11.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v1.11.6</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v1.11.5...v1.11.6">1.11.6</a> (2025-03-03)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> bump the production-dependencies group with 2 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/210">#210</a>) (<a href="https://github.com/actions/create-github-app-token/commit/1ff1dea6a9d1de5b4795e5314291e04acc63c38b">1ff1dea</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/21cfef2b496dd8ef5b904c159339626a10ad380e"><code>21cfef2</code></a> build(release): 1.11.6 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/1ff1dea6a9d1de5b4795e5314291e04acc63c38b"><code>1ff1dea</code></a> fix(deps): bump the production-dependencies group with 2 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/210">#210</a>)</li> <li>See full diff in <a href="https://github.com/actions/create-github-app-token/compare/0d564482f06ca65fa9e77e2510873638c82206f2...21cfef2b496dd8ef5b904c159339626a10ad380e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
ba7c949d1a |
Bump actions/download-artifact from 4.1.8 to 4.1.9 (#3090)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.8 to 4.1.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.1.9</h2> <h2>What's Changed</h2> <ul> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li> <li>docs: small migration fix by <a href="https://github.com/froblesmartin"><code>@froblesmartin</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li> <li>Update MIGRATION.md by <a href="https://github.com/andyfeller"><code>@andyfeller</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li> <li>Update artifact package to 2.2.2 by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li> <li><a href="https://github.com/froblesmartin"><code>@froblesmartin</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li> <li><a href="https://github.com/andyfeller"><code>@andyfeller</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li> <li><a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4...v4.1.9">https://github.com/actions/download-artifact/compare/v4...v4.1.9</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/cc203385981b70ca67e1cc392babf9cc229d5806"><code>cc20338</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/380">#380</a> from actions/yacaovsnc/release_4_1_9</li> <li><a href="https://github.com/actions/download-artifact/commit/1fc0fee191f40422f502da571c0f01ff460afe53"><code>1fc0fee</code></a> Update artifact package to 2.2.2</li> <li><a href="https://github.com/actions/download-artifact/commit/7fba95161a0924506ed1ae69cdbae8371ee00b3f"><code>7fba951</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/372">#372</a> from andyfeller/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/f9ceb7763ba1fdfd81b2e2f93aa1f6015ff6b35d"><code>f9ceb77</code></a> Update MIGRATION.md</li> <li><a href="https://github.com/actions/download-artifact/commit/533298bc57c27f112a2c04a74a04a4d43e2866fd"><code>533298b</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/370">#370</a> from froblesmartin/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/d06289e120b300840a833b25db66cb8c19f5d274"><code>d06289e</code></a> docs: small migration fix</li> <li><a href="https://github.com/actions/download-artifact/commit/d0ce8fd1167ed839810201de977912a090ab10a7"><code>d0ce8fd</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/354">#354</a> from actions/Jcambass-patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/1ce0d91ace59dfbf6763107ee5aa8466ebbadf48"><code>1ce0d91</code></a> Add workflow file for publishing releases to immutable action package</li> <li>See full diff in <a href="https://github.com/actions/download-artifact/compare/fa0a91b85d4f404e444e00e005971372dc801d16...cc203385981b70ca67e1cc392babf9cc229d5806">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
04cfa9b0f3 |
Bump docker/build-push-action from 6.14.0 to 6.15.0 (#3091)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.14.0 to 6.15.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.15.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.55.0 to 0.56.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1330">docker/build-push-action#1330</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0">https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/471d1dc4e07e5cdedd4c2171150001c434f0b7a4"><code>471d1dc</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1330">#1330</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/b89ff0a6f27deae3d7f5803e80f1de9415b673c8"><code>b89ff0a</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/1e3ae3a4d3bba144fbd440e91219e1cd3bc38d69"><code>1e3ae3a</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.55.0 to 0.56.0</li> <li><a href="https://github.com/docker/build-push-action/commit/b16f42f92abaeb7610fd7fc99ab230d13e79e275"><code>b16f42f</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1325">#1325</a> from crazy-max/buildx-edge</li> <li><a href="https://github.com/docker/build-push-action/commit/dc0fea5e62c3379ed8d79ee70c09796499a5f799"><code>dc0fea5</code></a> ci: update buildx to edge and buildkit to latest</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/0adf9959216b96bec444f325f1e493d4aa344497...471d1dc4e07e5cdedd4c2171150001c434f0b7a4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
bc9148073c |
Bump docker/setup-qemu-action from 3.4.0 to 3.6.0 (#3092)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.4.0 to 3.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's releases</a>.</em></p> <blockquote> <h2>v3.6.0</h2> <ul> <li>Display binfmt version by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-qemu-action/pull/202">docker/setup-qemu-action#202</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0">https://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0</a></p> <h2>v3.5.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in <a href="https://redirect.github.com/docker/setup-qemu-action/pull/205">docker/setup-qemu-action#205</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0">https://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-qemu-action/commit/29109295f81e9208d7d86ff1c6c12d2833863392"><code>2910929</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-qemu-action/issues/202">#202</a> from crazy-max/binfmt-version</li> <li><a href="https://github.com/docker/setup-qemu-action/commit/7ffe24aa9a8440b164354dd7e2e6793b43bc73fa"><code>7ffe24a</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-qemu-action/commit/17bc18bb05034c78f2ede32a8bbefcb428ed3f54"><code>17bc18b</code></a> display binfmt version</li> <li><a href="https://github.com/docker/setup-qemu-action/commit/5964de0df58d5ad28b04d8fe2e6b80ad47105b91"><code>5964de0</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-qemu-action/issues/205">#205</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-qemu-action/commit/862b6633f805f5f6aa43ff50a2177924d5a38852"><code>862b663</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-qemu-action/commit/138de3b6464b863fed6a98c1fae46faa58f98dee"><code>138de3b</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0</li> <li>See full diff in <a href="https://github.com/docker/setup-qemu-action/compare/4574d27a4764455b42196d70a065bc6853246a25...29109295f81e9208d7d86ff1c6c12d2833863392">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
5c4f463cc8 |
Bump docker/setup-buildx-action from 3.9.0 to 3.10.0 (#3093)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.9.0 to 3.10.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.10.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2"><code>b5ca514</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/408">#408</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/1418a4ef330cff3d80e8707b47780be815fb20db"><code>1418a4e</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/93acf831ce48bc806b62b1e892b89fca8bf213e0"><code>93acf83</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0</li> <li>See full diff in <a href="https://github.com/docker/setup-buildx-action/compare/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca...b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
127256c3da |
Bump docker/metadata-action from 5.6.1 to 5.7.0 (#3094)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.6.1 to 5.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/metadata-action/releases">docker/metadata-action's releases</a>.</em></p> <blockquote> <h2>v5.7.0</h2> <ul> <li>Global expressions support for labels and annotations by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/489">docker/metadata-action#489</a></li> <li>Support disabling outputs as environment variables by <a href="https://github.com/omus"><code>@omus</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/497">docker/metadata-action#497</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.44.0 to 0.56.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/507">docker/metadata-action#507</a> <a href="https://redirect.github.com/docker/metadata-action/pull/509">docker/metadata-action#509</a></li> <li>Bump csv-parse from 5.5.6 to 5.6.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/482">docker/metadata-action#482</a></li> <li>Bump moment-timezone from 0.5.46 to 0.5.47 in <a href="https://redirect.github.com/docker/metadata-action/pull/501">docker/metadata-action#501</a></li> <li>Bump semver from 7.6.3 to 7.7.1 in <a href="https://redirect.github.com/docker/metadata-action/pull/504">docker/metadata-action#504</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0">https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/metadata-action/commit/902fa8ec7d6ecbf8d84d538b9b233a880e428804"><code>902fa8e</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/504">#504</a> from docker/dependabot/npm_and_yarn/semver-7.7.1</li> <li><a href="https://github.com/docker/metadata-action/commit/c30b9c27e61e950956355394454702216b74bd42"><code>c30b9c2</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/metadata-action/commit/0698804aabf8041ea6b78301daf0baeb8dad2496"><code>0698804</code></a> chore(deps): Bump semver from 7.6.3 to 7.7.1</li> <li><a href="https://github.com/docker/metadata-action/commit/bb3eecaaf832752e6a3e352de3b1ff2d11194b49"><code>bb3eeca</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/501">#501</a> from docker/dependabot/npm_and_yarn/moment-timezone-0...</li> <li><a href="https://github.com/docker/metadata-action/commit/94a839cf6aa9c58e06cf1ea8c8490eae3ef9794b"><code>94a839c</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/metadata-action/commit/ecd51a0f6a5f2594db412c7e8304064c1be02f6a"><code>ecd51a0</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/509">#509</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/metadata-action/commit/a85b1dbfe6a9f73e361ba3404493fe57f9d783e7"><code>a85b1db</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.55.0 to 0.56.0</li> <li><a href="https://github.com/docker/metadata-action/commit/5a76a0efcf13a52fea4449d4e07d44d6f1e61046"><code>5a76a0e</code></a> chore(deps): Bump moment-timezone from 0.5.46 to 0.5.47</li> <li><a href="https://github.com/docker/metadata-action/commit/1cc4a9856a30691d5bd4376b110fab84260af4b5"><code>1cc4a98</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/482">#482</a> from docker/dependabot/npm_and_yarn/csv-parse-5.6.0</li> <li><a href="https://github.com/docker/metadata-action/commit/d84de1e022f1b49a635274988425c331f19d0f7a"><code>d84de1e</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/metadata-action/compare/369eb591f429131d6889c46b94e711f089e6ca96...902fa8ec7d6ecbf8d84d538b9b233a880e428804">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
8f7153b30a |
Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17 (#3069)
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.16 to 1.5.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-classic's releases</a>.</em></p> <blockquote> <h2>Logback 1.5.17</h2> <p><strong>2025-02-25 Release of logback version 1.5.17</strong></p> <p>• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe console when the default terminal application is set to "Windows Console Host". This problem was reported in issues/753 by Michael Lyubkin.</p> <p>• Fixed race condition occurring in case MDC class is initialized while org.slf4j.LoggerFactory is initializing logback-classic's LoggerContext. When this race conditions occurs, the MDCAdapter instance used by MDC does not match the instance used by logback-classic. This issue was reported in SLF4J issues/450. While logback-classic version 1.5.17 remains compatible with SLF4J versions in the 2.0.x series, fixing this particular MDC issue requires SLF4J version 2.0.17.</p> <p>• A bit-wise identical binary of this version can be reproduced by building from source code at commit 10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag v_1.5.17. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/qos-ch/logback/commit/10358724ed723b3745c010aa40cb02a2dfed4593"><code>1035872</code></a> prepare release 1.5.17</li> <li><a href="https://github.com/qos-ch/logback/commit/2e6984d1e16c78c703a62bf2789a9c157d7bc050"><code>2e6984d</code></a> bump to slf4j version 2.0.17</li> <li><a href="https://github.com/qos-ch/logback/commit/100995244bf75ded9cb51bade91f84e63f349474"><code>1009952</code></a> use a new LoggerContert instance when running LogbackListenerTest. This shoul...</li> <li><a href="https://github.com/qos-ch/logback/commit/a3bb4b096aa32874eec304cb0456e526711402f4"><code>a3bb4b0</code></a> Merge branch 'master' of github.com:qos-ch/logback</li> <li><a href="https://github.com/qos-ch/logback/commit/b507297eaa2868479b2d41a666f0aef750fe0079"><code>b507297</code></a> Fixed race condition occurring in case MDC class is initialized while org.slf...</li> <li><a href="https://github.com/qos-ch/logback/commit/f5b3bc56cd1c1bcf4e8419383c1049912bc51c6f"><code>f5b3bc5</code></a> add warning about the deprecation of SerializedModelConfigurator if activated</li> <li><a href="https://github.com/qos-ch/logback/commit/5bc0998ce1899195bd6c57b9708493197a68db95"><code>5bc0998</code></a> Update README.md</li> <li><a href="https://github.com/qos-ch/logback/commit/5610c96b4d705a4fe6ded9c42d4f47cb92bbbd95"><code>5610c96</code></a> correct relocation address</li> <li><a href="https://github.com/qos-ch/logback/commit/f3d100b89d1546b10da553b1d8f741ad404504bd"><code>f3d100b</code></a> update logback-access evaluator examples</li> <li><a href="https://github.com/qos-ch/logback/commit/51e390303eb27a70b16b0b8902e0240bb79f7d51"><code>51e3903</code></a> fix issues/753 for the second time</li> <li>Additional commits viewable in <a href="https://github.com/qos-ch/logback/compare/v_1.5.16...v_1.5.17">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
366bec602d |
Bump ch.qos.logback:logback-core from 1.5.16 to 1.5.17 (#3068)
Bumps [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) from 1.5.16 to 1.5.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-core's releases</a>.</em></p> <blockquote> <h2>Logback 1.5.17</h2> <p><strong>2025-02-25 Release of logback version 1.5.17</strong></p> <p>• Fixed Jansi 2.4.0 color-coded output not working on Windows CMD.exe console when the default terminal application is set to "Windows Console Host". This problem was reported in issues/753 by Michael Lyubkin.</p> <p>• Fixed race condition occurring in case MDC class is initialized while org.slf4j.LoggerFactory is initializing logback-classic's LoggerContext. When this race conditions occurs, the MDCAdapter instance used by MDC does not match the instance used by logback-classic. This issue was reported in SLF4J issues/450. While logback-classic version 1.5.17 remains compatible with SLF4J versions in the 2.0.x series, fixing this particular MDC issue requires SLF4J version 2.0.17.</p> <p>• A bit-wise identical binary of this version can be reproduced by building from source code at commit 10358724ed723b3745c010aa40cb02a2dfed4593 associated with the tag v_1.5.17. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/qos-ch/logback/commit/10358724ed723b3745c010aa40cb02a2dfed4593"><code>1035872</code></a> prepare release 1.5.17</li> <li><a href="https://github.com/qos-ch/logback/commit/2e6984d1e16c78c703a62bf2789a9c157d7bc050"><code>2e6984d</code></a> bump to slf4j version 2.0.17</li> <li><a href="https://github.com/qos-ch/logback/commit/100995244bf75ded9cb51bade91f84e63f349474"><code>1009952</code></a> use a new LoggerContert instance when running LogbackListenerTest. This shoul...</li> <li><a href="https://github.com/qos-ch/logback/commit/a3bb4b096aa32874eec304cb0456e526711402f4"><code>a3bb4b0</code></a> Merge branch 'master' of github.com:qos-ch/logback</li> <li><a href="https://github.com/qos-ch/logback/commit/b507297eaa2868479b2d41a666f0aef750fe0079"><code>b507297</code></a> Fixed race condition occurring in case MDC class is initialized while org.slf...</li> <li><a href="https://github.com/qos-ch/logback/commit/f5b3bc56cd1c1bcf4e8419383c1049912bc51c6f"><code>f5b3bc5</code></a> add warning about the deprecation of SerializedModelConfigurator if activated</li> <li><a href="https://github.com/qos-ch/logback/commit/5bc0998ce1899195bd6c57b9708493197a68db95"><code>5bc0998</code></a> Update README.md</li> <li><a href="https://github.com/qos-ch/logback/commit/5610c96b4d705a4fe6ded9c42d4f47cb92bbbd95"><code>5610c96</code></a> correct relocation address</li> <li><a href="https://github.com/qos-ch/logback/commit/f3d100b89d1546b10da553b1d8f741ad404504bd"><code>f3d100b</code></a> update logback-access evaluator examples</li> <li><a href="https://github.com/qos-ch/logback/commit/51e390303eb27a70b16b0b8902e0240bb79f7d51"><code>51e3903</code></a> fix issues/753 for the second time</li> <li>Additional commits viewable in <a href="https://github.com/qos-ch/logback/compare/v_1.5.16...v_1.5.17">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f64d7d42d9 |
Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (#3051)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.6 to 7.0.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v7.0.7</h2> <p>⚙️ Fixes an issue with commit signing where modifications to the same file in multiple commits squash into the first commit.</p> <h2>What's Changed</h2> <ul> <li>build(deps): bump <code>@octokit/core</code> from 6.1.2 to 6.1.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3593">peter-evans/create-pull-request#3593</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.68 to 18.19.70 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3594">peter-evans/create-pull-request#3594</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3603">peter-evans/create-pull-request#3603</a></li> <li>build(deps-dev): bump typescript from 5.7.2 to 5.7.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3610">peter-evans/create-pull-request#3610</a></li> <li>build(deps): bump octokit dependencies by <a href="https://github.com/peter-evans"><code>@peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3618">peter-evans/create-pull-request#3618</a></li> <li>docs: add workflow tip for showing message via workflow command by <a href="https://github.com/ybiquitous"><code>@ybiquitous</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3626">peter-evans/create-pull-request#3626</a></li> <li>build(deps-dev): bump eslint-plugin-prettier from 5.2.1 to 5.2.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3628">peter-evans/create-pull-request#3628</a></li> <li>build(deps): bump node-fetch-native from 1.6.4 to 1.6.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3627">peter-evans/create-pull-request#3627</a></li> <li>build(deps-dev): bump undici from 6.21.0 to 6.21.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3630">peter-evans/create-pull-request#3630</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.70 to 18.19.71 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3629">peter-evans/create-pull-request#3629</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3647">peter-evans/create-pull-request#3647</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.71 to 18.19.74 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3657">peter-evans/create-pull-request#3657</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.74 to 18.19.75 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3663">peter-evans/create-pull-request#3663</a></li> <li>build(deps): bump <code>@octokit/plugin-rest-endpoint-methods</code> from 13.3.0 to 13.3.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3670">peter-evans/create-pull-request#3670</a></li> <li>build(deps-dev): bump prettier from 3.4.2 to 3.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3671">peter-evans/create-pull-request#3671</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3680">peter-evans/create-pull-request#3680</a></li> <li>build(deps): bump <code>@octokit/request-error</code> from 6.1.6 to 6.1.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3685">peter-evans/create-pull-request#3685</a></li> <li>build(deps): bump <code>@octokit/plugin-paginate-rest</code> from 11.4.0 to 11.4.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3688">peter-evans/create-pull-request#3688</a></li> <li>build(deps): bump <code>@octokit/endpoint</code> from 10.1.2 to 10.1.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3700">peter-evans/create-pull-request#3700</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3691">peter-evans/create-pull-request#3691</a></li> <li>build(deps-dev): bump prettier from 3.5.0 to 3.5.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3709">peter-evans/create-pull-request#3709</a></li> <li>build(deps-dev): bump eslint-import-resolver-typescript from 3.7.0 to 3.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3710">peter-evans/create-pull-request#3710</a></li> <li>build(deps): bump <code>@octokit/plugin-paginate-rest</code> from 11.4.1 to 11.4.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3713">peter-evans/create-pull-request#3713</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.75 to 18.19.76 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3712">peter-evans/create-pull-request#3712</a></li> <li>build(deps): bump <code>@octokit/core</code> from 6.1.3 to 6.1.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3711">peter-evans/create-pull-request#3711</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3736">peter-evans/create-pull-request#3736</a></li> <li>Use showFileAtRefBase64 to read per-commit file contents by <a href="https://github.com/grahamc"><code>@grahamc</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3744">peter-evans/create-pull-request#3744</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ybiquitous"><code>@ybiquitous</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3626">peter-evans/create-pull-request#3626</a></li> <li><a href="https://github.com/grahamc"><code>@grahamc</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3744">peter-evans/create-pull-request#3744</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v7.0.6...v7.0.7">https://github.com/peter-evans/create-pull-request/compare/v7.0.6...v7.0.7</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/peter-evans/create-pull-request/commit/dd2324fc52d5d43c699a5636bcf19fceaa70c284"><code>dd2324f</code></a> fix: use showFileAtRefBase64 to read per-commit file contents (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3744">#3744</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/367180cbdfa0448fc1ca9136e4adb020658cf4e5"><code>367180c</code></a> ci: remove testv5 cmd</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/25575a12f382fb9c68692ffce1174138b61417d7"><code>25575a1</code></a> build: update distribution (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3736">#3736</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/a56e7a56e9186132269996d8937494f12ff51f77"><code>a56e7a5</code></a> build(deps): bump <code>@octokit/core</code> from 6.1.3 to 6.1.4 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3711">#3711</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/eac17dc6a391b3ae789deacc22d4d36f5e62ef6b"><code>eac17dc</code></a> build(deps-dev): bump <code>@types/node</code> from 18.19.75 to 18.19.76 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3712">#3712</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/a2e685f8147c673583a881447134a26d6fa3d0f7"><code>a2e685f</code></a> build(deps): bump <code>@octokit/plugin-paginate-rest</code> from 11.4.1 to 11.4.2 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3713">#3713</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/6cfd146ec94d1142c1ea0bd8b540622c50f3a34b"><code>6cfd146</code></a> build(deps-dev): bump eslint-import-resolver-typescript (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3710">#3710</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/b38e8d38a18a291242f9072a0d9843d4c0ed6792"><code>b38e8d3</code></a> build(deps-dev): bump prettier from 3.5.0 to 3.5.1 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3709">#3709</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/8a41570d993b6f7de42d9533f6b785fc151c96e6"><code>8a41570</code></a> build: update distribution (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3691">#3691</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/2e9b4cc10ed4becca3a04f63d54db8baf010d424"><code>2e9b4cc</code></a> build(deps): bump <code>@octokit/endpoint</code> from 10.1.2 to 10.1.3 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3700">#3700</a>)</li> <li>Additional commits viewable in <a href="https://github.com/peter-evans/create-pull-request/compare/67ccf781d68cd99b580ae25a5c18a1cc84ffff1f...dd2324fc52d5d43c699a5636bcf19fceaa70c284">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
9df5e2aca0 |
Bump github/codeql-action from 3.28.9 to 3.28.10 (#3035)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.9 to 3.28.10. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.10</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.10/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> <li>Uploading debug artifacts for CodeQL analysis is temporarily disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li> </ul> <h2>3.28.2 - 21 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.1 - 10 Jan 2025</h2> <ul> <li>CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see <a href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d"><code>b56ba49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2778">#2778</a> from github/update-v3.28.10-9856c48b1</li> <li><a href="https://github.com/github/codeql-action/commit/60c9c77c33f2cd66390a3778d54de88b735b2526"><code>60c9c77</code></a> Update changelog for v3.28.10</li> <li><a href="https://github.com/github/codeql-action/commit/9856c48b1a54789454314b4c32ef2354fe213208"><code>9856c48</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2773">#2773</a> from github/redsun82/rust</li> <li><a href="https://github.com/github/codeql-action/commit/9572e09da430b4c71f7488e4195b4ca6ce1c6ef0"><code>9572e09</code></a> Rust: fix log string</li> <li><a href="https://github.com/github/codeql-action/commit/1a529366ac3620317d953e2d4018eafa7459cb1c"><code>1a52936</code></a> Rust: special case default setup</li> <li><a href="https://github.com/github/codeql-action/commit/cf7e90952bcceaebd4a548c2809ea6a5d461a1bc"><code>cf7e909</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2772">#2772</a> from github/update-bundle/codeql-bundle-v2.20.5</li> <li><a href="https://github.com/github/codeql-action/commit/b7006aab6d38638d18e38a27c18f67138529c2f8"><code>b7006aa</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.20.5</li> <li><a href="https://github.com/github/codeql-action/commit/cfedae723eaced5e13052b529375e7b00d49a9cd"><code>cfedae7</code></a> Rust: throw configuration errors if requested and not correctly enabled</li> <li><a href="https://github.com/github/codeql-action/commit/3971ed2a74ede0669fa7f4f5af4292030280dbfd"><code>3971ed2</code></a> Merge branch 'main' into redsun82/rust</li> <li><a href="https://github.com/github/codeql-action/commit/d38c6e60dfb0232f85e388dd416559ed07da5f3a"><code>d38c6e6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2775">#2775</a> from github/angelapwen/bump-octokit</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
6aad45fcec |
Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#3034)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.0 to 4.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.1</h2> <h2>What's Changed</h2> <ul> <li>Update to use artifact 2.2.2 package by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a> from actions/yacaovsnc/artifact_2.2.2</li> <li><a href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a> license cache update for artifact</li> <li><a href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a> Update to use artifact 2.2.2 package</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
ec5018cc80 |
Bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#3033)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.0 to 2.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's releases</a>.</em></p> <blockquote> <h2>v2.4.1</h2> <h2>What's Changed</h2> <ul> <li>This update bumps the Scorecard version to the v5.1.1 release. For a complete list of changes, please refer to the <a href="https://github.com/ossf/scorecard/releases/tag/v5.1.0">v5.1.0</a> and <a href="https://github.com/ossf/scorecard/releases/tag/v5.1.1">v5.1.1</a> release notes.</li> <li>Publishing results now uses half the API quota as before. The exact savings depends on the repository in question. <ul> <li>use Scorecard library entrypoint instead of Cobra hooking by <a href="https://github.com/spencerschrock"><code>@spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1423">ossf/scorecard-action#1423</a></li> </ul> </li> <li>Some errors were made into annotations to make them more visible <ul> <li>Make default branch error more prominent by <a href="https://github.com/jsoref"><code>@jsoref</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a></li> </ul> </li> <li>There is now an optional <code>file_mode</code> input which controls how repository files are fetched from GitHub. The default is <code>archive</code>, but <code>git</code> produces the most accurate results for repositories with <code>.gitattributes</code> files at the cost of analysis speed. <ul> <li>add input for specifying <code>--file-mode</code> by <a href="https://github.com/spencerschrock"><code>@spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1509">ossf/scorecard-action#1509</a></li> </ul> </li> <li>The underlying container for the action is now <a href="https://github.com/ossf/scorecard-action/pkgs/container/scorecard-action">hosted on GitHub Container Registry</a>. There should be no functional changes. <ul> <li>🌱 publish docker images to GitHub Container Registry by <a href="https://github.com/spencerschrock"><code>@spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1453">ossf/scorecard-action#1453</a></li> </ul> </li> </ul> <h3>Docs</h3> <ul> <li>Installation docs update by <a href="https://github.com/JeremiahAHoward"><code>@JeremiahAHoward</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/JeremiahAHoward"><code>@JeremiahAHoward</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li> <li><a href="https://github.com/jsoref"><code>@jsoref</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a> <strong>Full Changelog</strong>: <a href="https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1">https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ossf/scorecard-action/commit/f49aabe0b5af0936a0987cfb85d86b75731b0186"><code>f49aabe</code></a> bump docker to ghcr v2.4.1 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1478">#1478</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/30a595ba8670f7bd5e2d33119dfeeb6ab2f64991"><code>30a595b</code></a> 🌱 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1515">#1515</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/69ae593b7addfd5241b46c43c7ed6abbd7203d55"><code>69ae593</code></a> omit vcs info from build (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1514">#1514</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/6a62a1cbf28018bd61197d0c2852b94b046fe1a4"><code>6a62a1c</code></a> add input for specifying <code>--file-mode</code> (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1509">#1509</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/2722664778d49161a69d42f8e82e15ed38fea8d1"><code>2722664</code></a> 🌱 Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1510">#1510</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/ae0ef3171a81cb48c3fdaaf34cba323d0c51fefb"><code>ae0ef31</code></a> 🌱 Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1512">#1512</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/3676bbc29082184ac34a84d1573c0419f81c4a68"><code>3676bbc</code></a> 🌱 Bump golang from 1.23.6 to 1.24.0 in the docker-images group (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1513">#1513</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/ae7548a0ff1b94dda3a89eeda8f59c031874f035"><code>ae7548a</code></a> Limit codeQL push trigger to main branch (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1507">#1507</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/9165624e75f0c73d13a9db2d4d920bcc5fc3a801"><code>9165624</code></a> upgrade scorecard to v5.1.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1508">#1508</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/620fd28d6b2ba01c1d70cf63dfb4bdf868e19d6f"><code>620fd28</code></a> 🌱 Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1505">#1505</a>)</li> <li>Additional commits viewable in <a href="https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f6654a06d9 |
Bump springBootVersion from 3.4.2 to 3.4.3 (#3007)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps `springBootVersion` from 3.4.2 to 3.4.3. Updates `org.springframework.boot:spring-boot-starter-web` from 3.4.2 to 3.4.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-web's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double instrumentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li> <li>Fix typo in Running Your Application <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li> <li>Document Kubernetes preStop handler when using a Docker image without a shell <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li> <li>Source snippet in Developing Your First Spring Boot Application section uses the root package <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li> <li>Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li> <li>Add links to Jackson Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li> <li>Warn that some Quartz database schema scripts must be modified before use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Commons Pool2 2.12.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li> <li>Upgrade to Couchbase Client 3.7.8 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li> <li>Upgrade to Groovy 4.0.25 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li> <li>Upgrade to Hibernate 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li> <li>Upgrade to HttpClient5 5.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li> <li>Upgrade to HttpCore5 5.3.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li> <li>Upgrade to Infinispan 15.0.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li> <li>Upgrade to jOOQ 3.19.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li> <li>Upgrade to Json-smart 2.5.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li> <li>Upgrade to Maven Clean Plugin 3.4.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li> <li>Upgrade to Micrometer 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li> <li>Upgrade to Micrometer Tracing 1.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li> <li>Upgrade to Native Build Tools Plugin 0.10.5 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a> Release v3.4.3</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a> Next development version (v3.3.10-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a> Merge pull request <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a> from nosan</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a> Register Log42J StatusListener</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a> Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a> Protect against NoSuchMethodException on setReadOnly</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a> Upgrade to Testcontainers Redis Module 2.2.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a> Upgrade to Testcontainers 1.20.5</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-jetty` from 3.4.2 to 3.4.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-jetty's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double instrumentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li> <li>Fix typo in Running Your Application <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li> <li>Document Kubernetes preStop handler when using a Docker image without a shell <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li> <li>Source snippet in Developing Your First Spring Boot Application section uses the root package <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li> <li>Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li> <li>Add links to Jackson Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li> <li>Warn that some Quartz database schema scripts must be modified before use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Commons Pool2 2.12.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li> <li>Upgrade to Couchbase Client 3.7.8 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li> <li>Upgrade to Groovy 4.0.25 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li> <li>Upgrade to Hibernate 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li> <li>Upgrade to HttpClient5 5.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li> <li>Upgrade to HttpCore5 5.3.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li> <li>Upgrade to Infinispan 15.0.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li> <li>Upgrade to jOOQ 3.19.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li> <li>Upgrade to Json-smart 2.5.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li> <li>Upgrade to Maven Clean Plugin 3.4.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li> <li>Upgrade to Micrometer 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li> <li>Upgrade to Micrometer Tracing 1.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li> <li>Upgrade to Native Build Tools Plugin 0.10.5 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a> Release v3.4.3</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a> Next development version (v3.3.10-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a> Merge pull request <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a> from nosan</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a> Register Log42J StatusListener</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a> Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a> Protect against NoSuchMethodException on setReadOnly</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a> Upgrade to Testcontainers Redis Module 2.2.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a> Upgrade to Testcontainers 1.20.5</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-thymeleaf` from 3.4.2 to 3.4.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-thymeleaf's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double instrumentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li> <li>Fix typo in Running Your Application <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li> <li>Document Kubernetes preStop handler when using a Docker image without a shell <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li> <li>Source snippet in Developing Your First Spring Boot Application section uses the root package <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li> <li>Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li> <li>Add links to Jackson Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li> <li>Warn that some Quartz database schema scripts must be modified before use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Commons Pool2 2.12.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li> <li>Upgrade to Couchbase Client 3.7.8 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li> <li>Upgrade to Groovy 4.0.25 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li> <li>Upgrade to Hibernate 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li> <li>Upgrade to HttpClient5 5.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li> <li>Upgrade to HttpCore5 5.3.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li> <li>Upgrade to Infinispan 15.0.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li> <li>Upgrade to jOOQ 3.19.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li> <li>Upgrade to Json-smart 2.5.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li> <li>Upgrade to Maven Clean Plugin 3.4.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li> <li>Upgrade to Micrometer 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li> <li>Upgrade to Micrometer Tracing 1.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li> <li>Upgrade to Native Build Tools Plugin 0.10.5 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a> Release v3.4.3</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a> Next development version (v3.3.10-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a> Merge pull request <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a> from nosan</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a> Register Log42J StatusListener</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a> Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a> Protect against NoSuchMethodException on setReadOnly</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a> Upgrade to Testcontainers Redis Module 2.2.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a> Upgrade to Testcontainers 1.20.5</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-security` from 3.4.2 to 3.4.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-security's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double instrumentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li> <li>Fix typo in Running Your Application <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li> <li>Document Kubernetes preStop handler when using a Docker image without a shell <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li> <li>Source snippet in Developing Your First Spring Boot Application section uses the root package <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li> <li>Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li> <li>Add links to Jackson Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li> <li>Warn that some Quartz database schema scripts must be modified before use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Commons Pool2 2.12.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li> <li>Upgrade to Couchbase Client 3.7.8 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li> <li>Upgrade to Groovy 4.0.25 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li> <li>Upgrade to Hibernate 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li> <li>Upgrade to HttpClient5 5.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li> <li>Upgrade to HttpCore5 5.3.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li> <li>Upgrade to Infinispan 15.0.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li> <li>Upgrade to jOOQ 3.19.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li> <li>Upgrade to Json-smart 2.5.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li> <li>Upgrade to Maven Clean Plugin 3.4.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li> <li>Upgrade to Micrometer 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li> <li>Upgrade to Micrometer Tracing 1.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li> <li>Upgrade to Native Build Tools Plugin 0.10.5 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a> Release v3.4.3</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a> Next development version (v3.3.10-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a> Merge pull request <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a> from nosan</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a> Register Log42J StatusListener</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a> Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a> Protect against NoSuchMethodException on setReadOnly</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a> Upgrade to Testcontainers Redis Module 2.2.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a> Upgrade to Testcontainers 1.20.5</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-data-jpa` from 3.4.2 to 3.4.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-data-jpa's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double instrumentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li> <li>Fix typo in Running Your Application <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li> <li>Document Kubernetes preStop handler when using a Docker image without a shell <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li> <li>Source snippet in Developing Your First Spring Boot Application section uses the root package <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li> <li>Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li> <li>Add links to Jackson Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li> <li>Warn that some Quartz database schema scripts must be modified before use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Commons Pool2 2.12.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li> <li>Upgrade to Couchbase Client 3.7.8 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li> <li>Upgrade to Groovy 4.0.25 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li> <li>Upgrade to Hibernate 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li> <li>Upgrade to HttpClient5 5.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li> <li>Upgrade to HttpCore5 5.3.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li> <li>Upgrade to Infinispan 15.0.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li> <li>Upgrade to jOOQ 3.19.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li> <li>Upgrade to Json-smart 2.5.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li> <li>Upgrade to Maven Clean Plugin 3.4.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li> <li>Upgrade to Micrometer 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li> <li>Upgrade to Micrometer Tracing 1.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li> <li>Upgrade to Native Build Tools Plugin 0.10.5 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a> Release v3.4.3</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a> Next development version (v3.3.10-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a> Merge pull request <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a> from nosan</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a> Register Log42J StatusListener</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a> Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a> Protect against NoSuchMethodException on setReadOnly</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a> Upgrade to Testcontainers Redis Module 2.2.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a> Upgrade to Testcontainers 1.20.5</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-oauth2-client` from 3.4.2 to 3.4.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-oauth2-client's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double instrumentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li> <li>Fix typo in Running Your Application <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li> <li>Document Kubernetes preStop handler when using a Docker image without a shell <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li> <li>Source snippet in Developing Your First Spring Boot Application section uses the root package <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li> <li>Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li> <li>Add links to Jackson Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li> <li>Warn that some Quartz database schema scripts must be modified before use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Commons Pool2 2.12.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li> <li>Upgrade to Couchbase Client 3.7.8 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li> <li>Upgrade to Groovy 4.0.25 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li> <li>Upgrade to Hibernate 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li> <li>Upgrade to HttpClient5 5.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li> <li>Upgrade to HttpCore5 5.3.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li> <li>Upgrade to Infinispan 15.0.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li> <li>Upgrade to jOOQ 3.19.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li> <li>Upgrade to Json-smart 2.5.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li> <li>Upgrade to Maven Clean Plugin 3.4.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li> <li>Upgrade to Micrometer 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li> <li>Upgrade to Micrometer Tracing 1.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li> <li>Upgrade to Native Build Tools Plugin 0.10.5 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a> Release v3.4.3</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a> Next development version (v3.3.10-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a> Merge pull request <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a> from nosan</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a> Register Log42J StatusListener</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a> Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a> Protect against NoSuchMethodException on setReadOnly</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a> Upgrade to Testcontainers Redis Module 2.2.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a> Upgrade to Testcontainers 1.20.5</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-test` from 3.4.2 to 3.4.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-test's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double instrumentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li> <li>Fix typo in Running Your Application <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li> <li>Document Kubernetes preStop handler when using a Docker image without a shell <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li> <li>Source snippet in Developing Your First Spring Boot Application section uses the root package <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li> <li>Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li> <li>Add links to Jackson Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li> <li>Warn that some Quartz database schema scripts must be modified before use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Commons Pool2 2.12.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li> <li>Upgrade to Couchbase Client 3.7.8 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li> <li>Upgrade to Groovy 4.0.25 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li> <li>Upgrade to Hibernate 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li> <li>Upgrade to HttpClient5 5.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li> <li>Upgrade to HttpCore5 5.3.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li> <li>Upgrade to Infinispan 15.0.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li> <li>Upgrade to jOOQ 3.19.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li> <li>Upgrade to Json-smart 2.5.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li> <li>Upgrade to Maven Clean Plugin 3.4.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li> <li>Upgrade to Micrometer 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li> <li>Upgrade to Micrometer Tracing 1.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li> <li>Upgrade to Native Build Tools Plugin 0.10.5 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a> Release v3.4.3</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a> Next development version (v3.3.10-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a> Merge pull request <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a> from nosan</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a> Register Log42J StatusListener</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a> Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a> Protect against NoSuchMethodException on setReadOnly</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a> Upgrade to Testcontainers Redis Module 2.2.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a> Upgrade to Testcontainers 1.20.5</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.2...v3.4.3">compare view</a></li> </ul> </details> <br /> Updates `org.springframework.boot:spring-boot-starter-actuator` from 3.4.2 to 3.4.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot:spring-boot-starter-actuator's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double inst... _Description has been truncated_ Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
219adb99ec |
Bump org.springframework.security:spring-security-saml2-service-provider from 6.4.2 to 6.4.3 (#3009)
Bumps [org.springframework.security:spring-security-saml2-service-provider](https://github.com/spring-projects/spring-security) from 6.4.2 to 6.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's releases</a>.</em></p> <blockquote> <h2>6.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add Support disableDefaultRegistrationPage to WebAuthnDsl <a href="https://redirect.github.com/spring-projects/spring-security/issues/16395">#16395</a></li> </ul> <h2>🪲 Bug Fixes</h2> <ul> <li><code>withValue</code> used incorrectly <a href="https://redirect.github.com/spring-projects/spring-security/pull/16527">#16527</a></li> <li>Fix for JdbcOneTimeTokenService cleanupExpiredTokens failing with PostgreSQL <a href="https://redirect.github.com/spring-projects/spring-security/pull/16344">#16344</a></li> <li>Fix GenerateOneTimeTokenWebFilter double publish of chain.filter(...) <a href="https://redirect.github.com/spring-projects/spring-security/pull/16459">#16459</a></li> <li>Fix Kotlin DSL webAuthn { } <a href="https://redirect.github.com/spring-projects/spring-security/issues/16338">#16338</a></li> <li>Fix loader has changed while resolving nodes in WebAuthnWebDriverTests <a href="https://redirect.github.com/spring-projects/spring-security/pull/16463">#16463</a></li> <li>Fix logoutRequestRepository not set on Saml2RelyingPartyInitiatedLogoutSuccessHandler <a href="https://redirect.github.com/spring-projects/spring-security/issues/16310">#16310</a></li> <li>Implement <code>Serializable</code> for WebAuthnAuthentication <a href="https://redirect.github.com/spring-projects/spring-security/pull/16285">#16285</a></li> <li>Make AuthorizationDecision Serializable <a href="https://redirect.github.com/spring-projects/spring-security/issues/16544">#16544</a></li> <li>Make PublicKeyCredentialRequestOptions Serializable Backport <a href="https://redirect.github.com/spring-projects/spring-security/pull/16584">#16584</a></li> <li>Make Saml2AuthenticationToken Serializable <a href="https://redirect.github.com/spring-projects/spring-security/pull/16287">#16287</a></li> <li>Make WebAuthnAuthentication Serializable <a href="https://redirect.github.com/spring-projects/spring-security/issues/16273">#16273</a></li> <li>Make WebAuthnAuthenticationRequestToken Serializable <a href="https://redirect.github.com/spring-projects/spring-security/pull/16602">#16602</a></li> <li>Make WebAuthnAuthenticationTokenRequest Serializable <a href="https://redirect.github.com/spring-projects/spring-security/issues/16481">#16481</a></li> <li>Misconfigured OAuth2LoginAuthenticationFilter when combining OAuth2 login and OAuth2 client configuration <a href="https://redirect.github.com/spring-projects/spring-security/issues/16466">#16466</a></li> <li>OTT Should Use non-static member to capture the last OneTimeToken <a href="https://redirect.github.com/spring-projects/spring-security/issues/16471">#16471</a></li> <li>webauthn js should ensure allowCredentials[].id is an ArrayBuffer <a href="https://redirect.github.com/spring-projects/spring-security/pull/16440">#16440</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16364">#16364</a></li> <li>Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16598">#16598</a></li> <li>Bump com.webauthn4j:webauthn4j-core from 0.28.4.RELEASE to 0.28.5.RELEASE <a href="https://redirect.github.com/spring-projects/spring-security/pull/16523">#16523</a></li> <li>Bump io.micrometer:micrometer-observation from 1.14.3 to 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16565">#16565</a></li> <li>Bump io.mockk:mockk from 1.13.14 to 1.13.16 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16399">#16399</a></li> <li>Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16576">#16576</a></li> <li>Bump io.rsocket:rsocket-bom from 1.1.4 to 1.1.5 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16534">#16534</a></li> <li>Bump org.hibernate.orm:hibernate-core from 6.6.7.Final to 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-security/pull/16610">#16610</a></li> <li>Bump org.junit:junit-bom from 5.11.3 to 5.11.4 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16292">#16292</a></li> <li>Bump org.springframework.data:spring-data-bom from 2024.1.2 to 2024.1.3 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16611">#16611</a></li> <li>Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16597">#16597</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 <a href="https://redirect.github.com/spring-projects/spring-security/pull/16599">#16599</a></li> <li>Update to oauth2-oidc-sdk 9.43.5 <a href="https://redirect.github.com/spring-projects/spring-security/issues/16583">#16583</a></li> </ul> <h2>🔩 Build Updates</h2> <ul> <li>Add TestBytes <a href="https://redirect.github.com/spring-projects/spring-security/issues/16461">#16461</a></li> <li>Troubleshoot missing GChat notifications <a href="https://redirect.github.com/spring-projects/spring-security/issues/16424">#16424</a></li> </ul> <h2>❤️ Contributors</h2> <p>Thank you to all the contributors who worked on this release:</p> <p><a href="https://github.com/Kehrlann"><code>@Kehrlann</code></a>, <a href="https://github.com/NeoTraveler"><code>@NeoTraveler</code></a>, <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot], <a href="https://github.com/franticticktick"><code>@franticticktick</code></a>, <a href="https://github.com/making"><code>@making</code></a>, and <a href="https://github.com/ngocnhan-tran1996"><code>@ngocnhan-tran1996</code></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-security/commit/e7431a3a72e37d18bdaf5909ddf3a459bf2fa7fd"><code>e7431a3</code></a> Release 6.4.3</li> <li><a href="https://github.com/spring-projects/spring-security/commit/d2f825bc74b7afab7004aab4be373487e5ff7fcd"><code>d2f825b</code></a> Bump org.springframework.data:spring-data-bom from 2024.1.2 to 2024.1.3</li> <li><a href="https://github.com/spring-projects/spring-security/commit/6fcbc0ea2a61a774f9b105a245f799e04edaebbe"><code>6fcbc0e</code></a> Bump org.hibernate.orm:hibernate-core from 6.6.7.Final to 6.6.8.Final</li> <li><a href="https://github.com/spring-projects/spring-security/commit/efe50dd0ebf44cd9bc401f054c1635f8ec1a8867"><code>efe50dd</code></a> Merge branch '6.3.x' into 6.4.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/06026684e518471a7e74ae8676e6cc8378d722b9"><code>0602668</code></a> Bump org.springframework.data:spring-data-bom from 2024.0.8 to 2024.0.9</li> <li><a href="https://github.com/spring-projects/spring-security/commit/946812691e5b9c6820060b2bfef95ecb69462c38"><code>9468126</code></a> Make AuthenticatorAttestation Serializable</li> <li><a href="https://github.com/spring-projects/spring-security/commit/b5a4218a0bfd91220a4cf38cdefa93ee1f4f5c26"><code>b5a4218</code></a> Make WebAuthnAuthenticationRequestToken Serializable</li> <li><a href="https://github.com/spring-projects/spring-security/commit/9e1a573531e2833c2b150924d28c15a5d22d7a09"><code>9e1a573</code></a> Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3</li> <li><a href="https://github.com/spring-projects/spring-security/commit/309daf565d4322297cdaa7ee1bc624d7c1f33408"><code>309daf5</code></a> Merge branch '6.3.x' into 6.4.x</li> <li><a href="https://github.com/spring-projects/spring-security/commit/c3d45ae529bf8eec2a6c56b78c6bc39ba2a1e0db"><code>c3d45ae</code></a> Bump org.springframework:spring-framework-bom from 6.1.16 to 6.1.17</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-security/compare/6.4.2...6.4.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
23a7b11a74 |
Bump org.springframework.session:spring-session-core from 3.4.1 to 3.4.2 (#3014)
Bumps [org.springframework.session:spring-session-core](https://github.com/spring-projects/spring-session) from 3.4.1 to 3.4.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-session/releases">org.springframework.session:spring-session-core's releases</a>.</em></p> <blockquote> <h2>3.4.2</h2> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Bump ch-qos-logback from 1.5.12 to 1.5.13 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3304">#3304</a></li> <li>Bump ch-qos-logback from 1.5.13 to 1.5.14 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3306">#3306</a></li> <li>Bump ch-qos-logback from 1.5.14 to 1.5.15 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3309">#3309</a></li> <li>Bump ch-qos-logback from 1.5.15 to 1.5.16 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3315">#3315</a></li> <li>Bump io.projectreactor:reactor-bom from 2023.0.13 to 2023.0.14 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3324">#3324</a></li> <li>Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3336">#3336</a></li> <li>Bump io.projectreactor:reactor-core from 3.6.13 to 3.6.14 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3337">#3337</a></li> <li>Bump org-springframework-boot from 3.3.6 to 3.3.7 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3307">#3307</a></li> <li>Bump org-springframework-boot from 3.3.7 to 3.3.8 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3332">#3332</a></li> <li>Bump org.postgresql:postgresql from 42.7.4 to 42.7.5 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3325">#3325</a></li> <li>Bump org.springframework.data:spring-data-bom from 2024.1.1 to 2024.1.2 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3328">#3328</a></li> <li>Bump org.springframework.data:spring-data-bom from 2024.1.2 to 2024.1.3 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3339">#3339</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3326">#3326</a></li> <li>Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 <a href="https://redirect.github.com/spring-projects/spring-session/pull/3338">#3338</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-session/commit/d600674f133157604ddee36fa6cf0b0bb214e996"><code>d600674</code></a> Release 3.4.2</li> <li><a href="https://github.com/spring-projects/spring-session/commit/39dd594d667df62031105338a72b5817624bd198"><code>39dd594</code></a> Bump org.springframework.data:spring-data-bom from 2024.1.2 to 2024.1.3</li> <li><a href="https://github.com/spring-projects/spring-session/commit/1f7439e28a16ae4692c798f413d1de4a4a6c3cb7"><code>1f7439e</code></a> Bump org.springframework.data:spring-data-bom from 2024.1.1 to 2024.1.2</li> <li><a href="https://github.com/spring-projects/spring-session/commit/5fa21f19a34f968f0a96b821d7ac11793b16deec"><code>5fa21f1</code></a> Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3</li> <li><a href="https://github.com/spring-projects/spring-session/commit/8a6a5c0d0e29eb91f01099bbbf188aade6a9c53e"><code>8a6a5c0</code></a> Bump io.projectreactor:reactor-core from 3.6.13 to 3.6.14</li> <li><a href="https://github.com/spring-projects/spring-session/commit/495dc471bd6a83c47c13cf2b42fc02f74f564faf"><code>495dc47</code></a> Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15</li> <li><a href="https://github.com/spring-projects/spring-session/commit/e902d3f11adb8b0d3030264c1662f116777bd753"><code>e902d3f</code></a> Bump org-springframework-boot from 3.3.7 to 3.3.8</li> <li><a href="https://github.com/spring-projects/spring-session/commit/6ad1989745ec0fd9e8b8be4b738d6224faaaf861"><code>6ad1989</code></a> Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2</li> <li><a href="https://github.com/spring-projects/spring-session/commit/4283df46ac6dcd15aad266eaea2c958264b63f62"><code>4283df4</code></a> Bump org.postgresql:postgresql from 42.7.4 to 42.7.5</li> <li><a href="https://github.com/spring-projects/spring-session/commit/13088c6ac75f5cf0d3b78ec8c2980d64dfaccb82"><code>13088c6</code></a> Bump io.projectreactor:reactor-bom from 2023.0.13 to 2023.0.14</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-session/compare/3.4.1...3.4.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
880ca6af7f |
Bump actions/create-github-app-token from 1.11.3 to 1.11.5 (#3008)
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.11.3 to 1.11.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v1.11.5</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v1.11.4...v1.11.5">1.11.5</a> (2025-02-15)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> bump <code>@octokit/request</code> from 9.2.0 to 9.2.2 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/209">#209</a>) (<a href="https://github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67">8cedd97</a>), closes <a href="https://redirect.github.com/actions/create-github-app-token/issues/740">#740</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/738">#738</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/740">#740</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/737">#737</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/738">#738</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/736">#736</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/735">#735</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/734">#734</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/733">#733</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/732">#732</a></li> <li><strong>deps:</strong> bump <code>@octokit/request-error</code> from 6.1.6 to 6.1.7 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/208">#208</a>) (<a href="https://github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566">415f6a5</a>), closes <a href="https://redirect.github.com/actions/create-github-app-token/issues/494">#494</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/491">#491</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/490">#490</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/488">#488</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/486">#486</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/487">#487</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/485">#485</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/484">#484</a></li> </ul> <h2>v1.11.4</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v1.11.3...v1.11.4">1.11.4</a> (2025-02-15)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> bump <code>@octokit/endpoint</code> from 10.1.1 to 10.1.3 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/207">#207</a>) (<a href="https://github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535">d30def8</a>), closes <a href="https://redirect.github.com/actions/create-github-app-token/issues/507">#507</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/514">#514</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/512">#512</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/511">#511</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/509">#509</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/508">#508</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/507">#507</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/506">#506</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/505">#505</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/504">#504</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/0d564482f06ca65fa9e77e2510873638c82206f2"><code>0d56448</code></a> build(release): 1.11.5 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67"><code>8cedd97</code></a> fix(deps): bump <code>@octokit/request</code> from 9.2.0 to 9.2.2 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/209">#209</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566"><code>415f6a5</code></a> fix(deps): bump <code>@octokit/request-error</code> from 6.1.6 to 6.1.7 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/208">#208</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/c14f92a8f9fd9aff60349b9d5bb2f2d9933926bd"><code>c14f92a</code></a> build(release): 1.11.4 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535"><code>d30def8</code></a> fix(deps): bump <code>@octokit/endpoint</code> from 10.1.1 to 10.1.3 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/207">#207</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/a5be4722a6091c4e20293de271822a5532f23326"><code>a5be472</code></a> build(deps-dev): bump esbuild from 0.24.2 to 0.25.0 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/206">#206</a>)</li> <li>See full diff in <a href="https://github.com/actions/create-github-app-token/compare/67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7...0d564482f06ca65fa9e77e2510873638c82206f2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ludy <[email protected]> |
||
|
|
3797a6827c |
Bump docker/build-push-action from 6.13.0 to 6.14.0 (#3012)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.13.0 to 6.14.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.14.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.53.0 to 0.55.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1324">docker/build-push-action#1324</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0">https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/0adf9959216b96bec444f325f1e493d4aa344497"><code>0adf995</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1324">#1324</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="https://github.com/docker/build-push-action/commit/d88cd289df60c51a4111f165d65e205c8e913937"><code>d88cd28</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/3d09a6bd705280a63155d5f61da35bb42301fe96"><code>3d09a6b</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.53.0 to 0.55.0</li> <li>See full diff in <a href="https://github.com/docker/build-push-action/compare/ca877d9245402d1537745e0e356eab47c3520991...0adf9959216b96bec444f325f1e493d4aa344497">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
0f5d95661c |
Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 (#3010)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.0 to 3.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.8.1</h2> <h2>What's Changed</h2> <ul> <li>use cosign 2.4.3 and other updates by <a href="https://github.com/cpanato"><code>@cpanato</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/182">sigstore/cosign-installer#182</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a"><code>d7d6bc7</code></a> use cosign 2.4.3 and other updates (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/182">#182</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/c56c2d3e59e4281cc41dea2217323ba5694b171e...d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d5aea7f0b6 |
Bump ch.qos.logback:logback-core from 1.5.15 to 1.5.16 (#3011)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) from 1.5.15 to 1.5.16. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-core's releases</a>.</em></p> <blockquote> <h2>Logback 1.5.16</h2> <p><strong>2025-01-05 Release of logback version 1.5.16</strong></p> <p>• In order to ease the migration of configuration files depending on JaninoEventEvaluator, logback-classic will emit a warning about the removal of JaninoEventEvaluator in version 1.5.13 and suggest an online migration tool.</p> <p>• A bit-wise identical binary of this version can be reproduced by building from source code at commit 74c9ebd0e784d9e9ffc6c627cf5016d0157956b2 associated with the tag v_1.5.16. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/qos-ch/logback/commit/74c9ebd0e784d9e9ffc6c627cf5016d0157956b2"><code>74c9ebd</code></a> prepare release 1.5.16</li> <li><a href="https://github.com/qos-ch/logback/commit/9308a58e65ad415a86377f86e3f0e338a5167e66"><code>9308a58</code></a> javadocs structure changed</li> <li><a href="https://github.com/qos-ch/logback/commit/8935470736a395429ebcd0fbf75794a83ca37cec"><code>8935470</code></a> adapt test to SLF4J version 2.0.16</li> <li><a href="https://github.com/qos-ch/logback/commit/cb603698a1910e9dce1f5d39a2e51cd757eb40e0"><code>cb60369</code></a> addded StubEventEvaluator as default class for evaluator element so as to dir...</li> <li><a href="https://github.com/qos-ch/logback/commit/1da2f171dc108a2576eb33918198db7f755b1224"><code>1da2f17</code></a> bump jxr version</li> <li><a href="https://github.com/qos-ch/logback/commit/5bde644c2659115790161256016b678ee0d957d1"><code>5bde644</code></a> bump slf4j version to 2.0.16</li> <li><a href="https://github.com/qos-ch/logback/commit/aa2ebae414530c458dca2892351135d617474286"><code>aa2ebae</code></a> remove stax related code</li> <li><a href="https://github.com/qos-ch/logback/commit/80db86b54892d5af85b6ee69b1e97a097f64f6bd"><code>80db86b</code></a> fix issues/860</li> <li><a href="https://github.com/qos-ch/logback/commit/a8a2303ba3afeb5b26a90412501a6d1057d17669"><code>a8a2303</code></a> start work on 1.5.16-SNAPSHOT</li> <li><a href="https://github.com/qos-ch/logback/commit/bf14c2c7f657f7d255a7fe9cb156b1913e99ca3c"><code>bf14c2c</code></a> minor javadoc update</li> <li>See full diff in <a href="https://github.com/qos-ch/logback/compare/v_1.5.15...v_1.5.16">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
0412263d01 |
Bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16 (#3015)
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.15 to 1.5.16. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-classic's releases</a>.</em></p> <blockquote> <h2>Logback 1.5.16</h2> <p><strong>2025-01-05 Release of logback version 1.5.16</strong></p> <p>• In order to ease the migration of configuration files depending on JaninoEventEvaluator, logback-classic will emit a warning about the removal of JaninoEventEvaluator in version 1.5.13 and suggest an online migration tool.</p> <p>• A bit-wise identical binary of this version can be reproduced by building from source code at commit 74c9ebd0e784d9e9ffc6c627cf5016d0157956b2 associated with the tag v_1.5.16. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/qos-ch/logback/commit/74c9ebd0e784d9e9ffc6c627cf5016d0157956b2"><code>74c9ebd</code></a> prepare release 1.5.16</li> <li><a href="https://github.com/qos-ch/logback/commit/9308a58e65ad415a86377f86e3f0e338a5167e66"><code>9308a58</code></a> javadocs structure changed</li> <li><a href="https://github.com/qos-ch/logback/commit/8935470736a395429ebcd0fbf75794a83ca37cec"><code>8935470</code></a> adapt test to SLF4J version 2.0.16</li> <li><a href="https://github.com/qos-ch/logback/commit/cb603698a1910e9dce1f5d39a2e51cd757eb40e0"><code>cb60369</code></a> addded StubEventEvaluator as default class for evaluator element so as to dir...</li> <li><a href="https://github.com/qos-ch/logback/commit/1da2f171dc108a2576eb33918198db7f755b1224"><code>1da2f17</code></a> bump jxr version</li> <li><a href="https://github.com/qos-ch/logback/commit/5bde644c2659115790161256016b678ee0d957d1"><code>5bde644</code></a> bump slf4j version to 2.0.16</li> <li><a href="https://github.com/qos-ch/logback/commit/aa2ebae414530c458dca2892351135d617474286"><code>aa2ebae</code></a> remove stax related code</li> <li><a href="https://github.com/qos-ch/logback/commit/80db86b54892d5af85b6ee69b1e97a097f64f6bd"><code>80db86b</code></a> fix issues/860</li> <li><a href="https://github.com/qos-ch/logback/commit/a8a2303ba3afeb5b26a90412501a6d1057d17669"><code>a8a2303</code></a> start work on 1.5.16-SNAPSHOT</li> <li><a href="https://github.com/qos-ch/logback/commit/bf14c2c7f657f7d255a7fe9cb156b1913e99ca3c"><code>bf14c2c</code></a> minor javadoc update</li> <li>See full diff in <a href="https://github.com/qos-ch/logback/compare/v_1.5.15...v_1.5.16">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
487a82eb65 |
Bump org.springframework.boot from 3.4.1 to 3.4.3 (#3022)
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.4.1 to 3.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's releases</a>.</em></p> <blockquote> <h2>v3.4.3</h2> <h2>⭐ New Features</h2> <ul> <li>Add TWENTY_FOUR to JavaVersion enum <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44209">#44209</a></li> </ul> <h2>🐞 Bug Fixes</h2> <ul> <li>Console output may be lost when using Log4j2 with something that replaces System.out <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44380">#44380</a></li> <li>Maven plugin does not consistently use ArgFile for classpath argument on Windows <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44328">#44328</a></li> <li>Reactive Jetty web server does not fail fast when configured to use a server name bundle which Jetty does not support <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44319">#44319</a></li> <li>When web server application context refresh fails, the original failure is lost if stopping or destroying the web server throws an exception <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44317">#44317</a></li> <li>View resolver for Thymeleaf should back off if spring-webmvc is not present <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44296">#44296</a></li> <li>WebServer is not destroyed when ReactiveWebServerApplicationContext refresh fails <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44294">#44294</a></li> <li>Non-default DataSource candidates are not considered in H2ConsoleAutoConfiguration <a href="https://redirect.github.com/spring-projects/spring-boot/pull/44293">#44293</a></li> <li>Banner placeholder and defaults do not work during development <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44255">#44255</a></li> <li>Mustache templates return with ISO-8859-1 charset rather than UTF-8 in Content-Type response header <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44193">#44193</a></li> <li>Servlet EndpointRequest doesn't match web server namespace correctly <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44188">#44188</a></li> <li>java.lang.ClassCastException when using default management security with WebFlux and health probes enabled <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44052">#44052</a></li> <li>Logback configuration that relies on inner-classes does not work in a native image <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44025">#44025</a></li> <li>IllegalStateException: Unable to register SSL bundle after 3.3.8 or 3.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43989">#43989</a></li> <li>Metrics and health do not include non-default candidate beans <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43481">#43481</a></li> </ul> <h2>📔 Documentation</h2> <ul> <li>Document that auto-configuration classes should be identified using their binary names <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44303">#44303</a></li> <li>Correct typo in MVC security when explaining when UserDetailsService auto-configuration will back off <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44301">#44301</a></li> <li>Link to JarLauncher's javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44170">#44170</a></li> <li>When using observability annotations, recommend that care is taken to avoid double instrumentation <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44145">#44145</a></li> <li>Fix typo in Running Your Application <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44035">#44035</a></li> <li>Document Kubernetes preStop handler when using a Docker image without a shell <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44022">#44022</a></li> <li>Source snippet in Developing Your First Spring Boot Application section uses the root package <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43983">#43983</a></li> <li>Correct the location of MyApplication.java in "Developing Your First Spring Boot Application" <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43975">#43975</a></li> <li>Add links to Jackson Javadoc <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43971">#43971</a></li> <li>Warn that some Quartz database schema scripts must be modified before use <a href="https://redirect.github.com/spring-projects/spring-boot/issues/43958">#43958</a></li> </ul> <h2>🔨 Dependency Upgrades</h2> <ul> <li>Upgrade to Commons Pool2 2.12.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44173">#44173</a></li> <li>Upgrade to Couchbase Client 3.7.8 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44269">#44269</a></li> <li>Upgrade to Groovy 4.0.25 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44174">#44174</a></li> <li>Upgrade to Hibernate 6.6.8.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44332">#44332</a></li> <li>Upgrade to HttpClient5 5.4.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44176">#44176</a></li> <li>Upgrade to HttpCore5 5.3.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44177">#44177</a></li> <li>Upgrade to Infinispan 15.0.13.Final <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44178">#44178</a></li> <li>Upgrade to jOOQ 3.19.19 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44368">#44368</a></li> <li>Upgrade to Json-smart 2.5.2 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44264">#44264</a></li> <li>Upgrade to Maven Clean Plugin 3.4.1 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44349">#44349</a></li> <li>Upgrade to Micrometer 1.14.4 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44115">#44115</a></li> <li>Upgrade to Micrometer Tracing 1.4.3 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44116">#44116</a></li> <li>Upgrade to Native Build Tools Plugin 0.10.5 <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44179">#44179</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-boot/commit/2f53c0abc022ab22bb48c1dce2bbe7479fd8d3dc"><code>2f53c0a</code></a> Release v3.4.3</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/f99171fe2eb081afa23aa7d0991f891749a62400"><code>f99171f</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/70e0744c2771b2d3e0c7cfad51a5a838a56c68f1"><code>70e0744</code></a> Next development version (v3.3.10-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/07d9db3b802af7b23c19bb65d5b6e54e9ec4508c"><code>07d9db3</code></a> Merge pull request <a href="https://redirect.github.com/spring-projects/spring-boot/issues/44380">#44380</a> from nosan</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/22958097e38a895cfc47dbd1a36df1c7ec0a2e0b"><code>2295809</code></a> Register Log42J StatusListener</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/575655ca39f097abe595b757fe23e60838c97e75"><code>575655c</code></a> Upgrade Tomcat 11 smoke tests to Tomcat 11.0.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c74397af1ae58b3431e16f2a32d72c6571bcc03c"><code>c74397a</code></a> Merge branch '3.3.x' into 3.4.x</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/c718461450c6f0486bd489ac697286dd6311457c"><code>c718461</code></a> Protect against NoSuchMethodException on setReadOnly</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7dc9bf29b8890d96ffca341e4c1ed237850887bb"><code>7dc9bf2</code></a> Upgrade to Testcontainers Redis Module 2.2.4</li> <li><a href="https://github.com/spring-projects/spring-boot/commit/7d1fc062bfec9297cbd694bc09f1ec3c55d48f74"><code>7d1fc06</code></a> Upgrade to Testcontainers 1.20.5</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-boot/compare/v3.4.1...v3.4.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
11a5b2e79f |
Bump actions/create-github-app-token from 1.11.2 to 1.11.3 (#2878)
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.11.2 to 1.11.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v1.11.3</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v1.11.2...v1.11.3">1.11.3</a> (2025-02-04)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> bump the production-dependencies group with 3 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/203">#203</a>) (<a href="https://github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442">8e85a3c</a>), closes <a href="https://redirect.github.com/actions/create-github-app-token/issues/665">#665</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/665">#665</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/663">#663</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/662">#662</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/661">#661</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/659">#659</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/660">#660</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/658">#658</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/656">#656</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/657">#657</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/655">#655</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/731">#731</a> <a href="https://redirect.github.com/nodejs/undici/issues/4016">nodejs/undici#4016</a> <a href="https://redirect.github.com/nodejs/undici/issues/4017">nodejs/undici#4017</a> <a href="https://redirect.github.com/nodejs/undici/issues/4018">nodejs/undici#4018</a> <a href="https://redirect.github.com/nodejs/undici/issues/4008">nodejs/undici#4008</a> <a href="https://redirect.github.com/nodejs/undici/issues/3991">nodejs/undici#3991</a> <a href="https://redirect.github.com/nodejs/undici/issues/4001">nodejs/undici#4001</a> <a href="https://redirect.github.com/nodejs/undici/issues/3980">nodejs/undici#3980</a> <a href="https://redirect.github.com/nodejs/undici/issues/4003">nodejs/undici#4003</a> <a href="https://redirect.github.com/nodejs/undici/issues/3965">nodejs/undici#3965</a> <a href="https://redirect.github.com/nodejs/undici/issues/4002">nodejs/undici#4002</a> <a href="https://redirect.github.com/nodejs/undici/issues/4006">nodejs/undici#4006</a> <a href="https://redirect.github.com/nodejs/undici/issues/3956">nodejs/undici#3956</a> <a href="https://redirect.github.com/nodejs/undici/issues/3964">nodejs/undici#3964</a> <a href="https://redirect.github.com/nodejs/undici/issues/3447">nodejs/undici#3447</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3966">#3966</a> <a href="https://redirect.github.com/nodejs/undici/issues/3967">nodejs/undici#3967</a> <a href="https://redirect.github.com/nodejs/undici/issues/3971">nodejs/undici#3971</a> <a href="https://redirect.github.com/nodejs/undici/issues/3954">nodejs/undici#3954</a> <a href="https://redirect.github.com/nodejs/undici/issues/3972">nodejs/undici#3972</a> <a href="https://redirect.github.com/nodejs/undici/issues/3974">nodejs/undici#3974</a> <a href="https://redirect.github.com/nodejs/undici/issues/3976">nodejs/undici#3976</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3975">#3975</a> <a href="https://redirect.github.com/nodejs/undici/issues/3977">nodejs/undici#3977</a> <a href="https://redirect.github.com/nodejs/undici/issues/3978">nodejs/undici#3978</a> <a href="https://redirect.github.com/nodejs/undici/issues/3981">nodejs/undici#3981</a> <a href="https://redirect.github.com/nodejs/undici/issues/3983">nodejs/undici#3983</a> <a href="https://redirect.github.com/nodejs/undici/issues/3986">nodejs/undici#3986</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/4021">#4021</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/4018">#4018</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/4017">#4017</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/4016">#4016</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/4008">#4008</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/4007">#4007</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/4006">#4006</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3965">#3965</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7"><code>67e27a7</code></a> build(release): 1.11.3 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442"><code>8e85a3c</code></a> fix(deps): bump the production-dependencies group with 3 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/203">#203</a>)</li> <li>See full diff in <a href="https://github.com/actions/create-github-app-token/compare/136412a57a7081aa63c935a2cc2918f76c34f514...67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Stirling <[email protected]> Co-authored-by: Ludy <[email protected]> |