Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump org.springframework.boot from 2.7.5 to 3.0.0 #2943

Merged
merged 9 commits into from
Jun 21, 2023
Merged

build(deps): bump org.springframework.boot from 2.7.5 to 3.0.0 #2943

merged 9 commits into from
Jun 21, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 25, 2022
edited
Loading

Bumps org.springframework.boot from 2.7.5 to 3.0.0.

Release notes

Sourced from org.springframework.boot's releases.

v3.0.0

⭐ New Features

  • Provide a configuration property for the observation patterns of Spring Integration components #33099

🐞 Bug Fixes

  • io.micrometer.tracing.Tracer on the classpath breaks AOT processing for tests #33298
  • Tracer library HTTP instrumentation is auto-configured unnecessarily #33287
  • Auto-configuration ignores user-provided ObservationConventions #33285
  • ScheduledBeanLazyInitializationExcludeFilter is auto-configured even when annotation-based scheduled has not been enabled #33284
  • SpringBootContextLoader prints banner twice when using a @ContextHierarchy #33263
  • Properties migrator causes an application to fail to start if it tries to map a property whose metadata data entry contains an invalid configuration property name #33250
  • Wavefront MeterRegistryCustomizer is not applying application tags from application.properties #33244
  • Actuator responses no longer format timestamps as ISO-8601 #33236
  • Configuration property is not bound in a native image when property has get, set, and is methods #33232
  • Configuration property binding does not deal with bridge methods #33212
  • Contribute missing resource hints for GraphQL schema files and GraphiQL HTML page #33208
  • Hints for ClientHttpRequestFactory should only be generated for matching methods #33203
  • Native profile should configure execution in pluginManagement #33184
  • Configuring management.server.port via a config tree results in a ConverterNotFoundException when the management context is refreshed #33169
  • JBoss logging does not route directly to SLF4J when using Logback #33155
  • Test with UseMainMethod.Always do not work with Kotlin main functions #33114
  • Maven process-aot does not specify source and target release when compiling generated sources #33112
  • Some Actuator beans are ineligible for post-processing #33110
  • AOT-generated source fails to compile when Actuator is enabled on a WebFlux project #33106
  • @ContextHierarchy should never be used with main method #33078
  • Maven process-aot fails when compiler plugin has been configured with --enable-preview #33012
  • Wavefront application tags differ from those used in a Spring Boot 2.x application #32844
  • Maven goal spring-boot:build-image runs package phase twice #26455

📔 Documentation

  • Document observation for R2DBC #33335
  • Align Tomcat multiple connectors example with recommendation to configure SSL declaratively #33333
  • Actuator document is misleading about k8s startup probe #33327
  • Update documented for @Timed to reflect narrower support #33282
  • Update reference documentation to replace mentions of tags providers and contributors with their Observation-based equivalents #33281
  • Link to Micrometer's @Timed documentation #33266
  • Clarify use of the spring.cache.type property with Hazelcast #33258
  • Example git.commit.time in the Actuator API documentation is thousands of years in the future #33256
  • Update Spring Security filter dispatcher types docs to reflect change in default value #33252
  • Documentation for nested configuration properties in a native image uses @NestedConfigurationProperty too widely #33239
  • Document that the jar task should not be disabled when building a native image #33238
  • Document nesting configuration properties using records or Kotlin data classes and how and when to use @NestedConfigurationProperty #33235
  • Links to Features describes sections that have moved elsewhere #33214
  • Fix broken links in docs #33209
  • Document the need for compilation with -parameters when targeting a native image #33182
  • Remove outdated native image documentation #33109
  • Mention @RegisterReflectionForBinding in the docs #32903

... (truncated)

Commits
  • c9c359f Release v3.0.0
  • fb2cc73 Work around Thymeleaf's dependency on spring-security-bom:6.0.0-RC2
  • 355b428 Merge branch '2.7.x'
  • 7ea5881 Update LATEST_GA to false to prepare for 3.0.0's release
  • 1de09f4 Merge branch '2.6.x' into 2.7.x
  • e922650 Upgrade to Spring Framework 6.0.2
  • 4b8a28a Next development version (v2.7.7-SNAPSHOT)
  • 14ba9b1 Start building against Spring Framework 6.0.2 snapshots
  • d4a9100 Next development version (v2.6.15-SNAPSHOT)
  • 28cb225 Merge branch '2.7.x'
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Nov 25, 2022
@nixel2007
Copy link
Member

Какой опрометчивый бот

@dependabot dependabot bot force-pushed the dependabot/gradle/org.springframework.boot-3.0.0 branch 4 times, most recently from a3fce6f to b499a80 Compare December 6, 2022 09:31
@dependabot dependabot bot force-pushed the dependabot/gradle/org.springframework.boot-3.0.0 branch from b499a80 to 0855ce1 Compare December 13, 2022 15:11
@nixel2007 nixel2007 force-pushed the dependabot/gradle/org.springframework.boot-3.0.0 branch 2 times, most recently from 09a45d4 to 5f00810 Compare December 13, 2022 15:23
@nixel2007
Copy link
Member

https://github.com/stefanbirkner/system-lambda

@nixel2007 nixel2007 force-pushed the dependabot/gradle/org.springframework.boot-3.0.0 branch from ed6fefe to 12a96eb Compare December 15, 2022 19:03
@sonarqubecloud
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell B 61 Code Smells

75.0% 75.0% Coverage
0.0% 0.0% Duplication

@dependabot @nixel2007
build(deps): bump org.springframework.boot from 2.7.5 to 3.0.0
a60f966 
Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 2.7.5 to 3.0.0.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.7.5...v3.0.0)

---
updated-dependencies:
- dependency-name: org.springframework.boot
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 23, 2022

A newer version of org.springframework.boot exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

@nixel2007
migrate to java17
c406f31 
javax -> jakarta/spotbugs


jdk17


fix compile error


import reordering


fix guava exclusion


Выключена ругань на неверную компиляцию picocli

See https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/core/LocalVariableTableParameterNameDiscoverer.html

Война с Nullable


Update build.gradle.kts
Обновление перехвата System.exit под jdk17+


Update qodana.yaml
@nixel2007 nixel2007 force-pushed the dependabot/gradle/org.springframework.boot-3.0.0 branch from 15f31a7 to c406f31 Compare January 19, 2023 12:39
@ghost
Copy link

ghost commented Jun 21, 2023
edited by ghost
Loading

👇 Click on the image for a new way to code review

Review these changes using an interactive CodeSee Map

Legend

CodeSee Map legend

@github-actions
Copy link

Qodana

14 new problems found

Name Severity Problems
Statement with empty body 🔶 Warning 5
'@serial' annotation could be used 🔶 Warning 4
Mismatched query and update of collection 🔶 Warning 2
Mismatched read and write of array 🔶 Warning 1
Nullability and data flow problems 🔶 Warning 1
Redundant character escape 🔶 Warning 1

💡 Qodana analysis was run in the pull request mode: only the changed files were checked

View the detailed Qodana report

To be able to view the detailed Qodana report, you can either:

  1. Register at Qodana Cloud and configure the action
  2. Use GitHub Code Scanning with Qodana
  3. Host Qodana report at GitHub Pages
  4. Inspect and use qodana.sarif.json (see the Qodana SARIF format for details)
Contact Qodana team

Contact us at [email protected]

2 similar comments
@github-actions
Copy link

Qodana

14 new problems found

Name Severity Problems
Statement with empty body 🔶 Warning 5
'@serial' annotation could be used 🔶 Warning 4
Mismatched query and update of collection 🔶 Warning 2
Mismatched read and write of array 🔶 Warning 1
Nullability and data flow problems 🔶 Warning 1
Redundant character escape 🔶 Warning 1

💡 Qodana analysis was run in the pull request mode: only the changed files were checked

View the detailed Qodana report

To be able to view the detailed Qodana report, you can either:

  1. Register at Qodana Cloud and configure the action
  2. Use GitHub Code Scanning with Qodana
  3. Host Qodana report at GitHub Pages
  4. Inspect and use qodana.sarif.json (see the Qodana SARIF format for details)
Contact Qodana team

Contact us at [email protected]

@github-actions
Copy link

Qodana

14 new problems found

Name Severity Problems
Statement with empty body 🔶 Warning 5
'@serial' annotation could be used 🔶 Warning 4
Mismatched query and update of collection 🔶 Warning 2
Mismatched read and write of array 🔶 Warning 1
Nullability and data flow problems 🔶 Warning 1
Redundant character escape 🔶 Warning 1

💡 Qodana analysis was run in the pull request mode: only the changed files were checked

View the detailed Qodana report

To be able to view the detailed Qodana report, you can either:

  1. Register at Qodana Cloud and configure the action
  2. Use GitHub Code Scanning with Qodana
  3. Host Qodana report at GitHub Pages
  4. Inspect and use qodana.sarif.json (see the Qodana SARIF format for details)
Contact Qodana team

Contact us at [email protected]

@github-actions
Copy link

Qodana

14 new problems found

Name Severity Problems
Statement with empty body 🔶 Warning 5
'@serial' annotation could be used 🔶 Warning 4
Mismatched query and update of collection 🔶 Warning 2
Mismatched read and write of array 🔶 Warning 1
Nullability and data flow problems 🔶 Warning 1
Redundant character escape 🔶 Warning 1

💡 Qodana analysis was run in the pull request mode: only the changed files were checked

View the detailed Qodana report

To be able to view the detailed Qodana report, you can either:

  1. Register at Qodana Cloud and configure the action
  2. Use GitHub Code Scanning with Qodana
  3. Host Qodana report at GitHub Pages
  4. Inspect and use qodana.sarif.json (see the Qodana SARIF format for details)
Contact Qodana team

Contact us at [email protected]

@sonarqubecloud
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell B 11 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

idea Catch issues before they fail your Quality Gate with our IDE extension sonarlint SonarLint

@nixel2007 nixel2007 merged commit 40c8d80 into develop Jun 21, 2023
@nixel2007 nixel2007 deleted the dependabot/gradle/org.springframework.boot-3.0.0 branch June 21, 2023 08:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@nixel2007