Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump org.springframework.boot from 3.1.2 to 3.1.4 #3152

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 4, 2023

Bumps org.springframework.boot from 3.1.2 to 3.1.4.

Release notes

Sourced from org.springframework.boot's releases.

v3.1.4

⭐ New Features

  • Add TWENTY_ONE to JavaVersion enum #37364

🐞 Bug Fixes

  • When SLF4J and Logback are initialized on multiple threads in parallel, startup may fail due to SubstituteLoggerFactory being considered to be a competing LoggerFactory implementation #37484
  • Saml2RelyingPartyAutoConfiguration ignores sign-request when metadata-url is used #37482
  • Leaking file descriptor / socket within DomainSocket tooling #37460
  • Invalid Accept header produces HTTP 500 in WelcomePageHandlerMapping #37457
  • PrivateKeyParser doesn't support ed448, XDH and RSA-PSS keys #37422
  • "languageVersion is final and cannot be changed" when using Gradle 8.3 and configuring the Java toolchain's language version #37380
  • AOT processing fails when a @ConfigurationProperties-annotated record has multiple constructors #37336
  • Spring Boot dependency management not working for ehcache when using Gradle and the dependency management plugin #37270
  • SslStoreBundle implementations aren't immutable #37222
  • Parsing OCI image names that are invalid due to the use of upper case letters is very slow #37183
  • Producing and consuming different tracing propagation formats doesn't work #37178
  • Using https with elliptic curves other than secp384r1 fails #37169
  • In 3.0.x and later, Spring Security cannot be used to secure a WebSocket upgrade request when using Jetty #37158
  • Local baggage is propagated when using Brave and W3C #37156
  • ServiceConnectionContextCustomizer can trigger docker usage during AOT processing #37097
  • java.lang.OutOfMemoryError: Metaspace when repeatedly deploying and undeploying a Spring Boot web application multiple times in Tomcat #37096
  • Property 'logging.threshold.console' not working #36741

📔 Documentation

  • Document that PKCS8 PEM files should be used whenever possible #37443
  • Add reference to Oracle Spring Boot Starters #37411
  • Correct the description of spring.artemis.broker-url #37309
  • Add default value metadata for management.metrics.export.signalfx.published-histogram-type #37253
  • Polish javadoc #37143

🔨 Dependency Upgrades

  • Upgrade to Byte Buddy 1.14.8 #37419
  • Upgrade to Couchbase Client 3.4.10 #37297
  • Upgrade to Groovy 4.0.15 #37386
  • Upgrade to Hibernate 6.2.9.Final #37465
  • Upgrade to Infinispan 14.0.17.Final #37299
  • Upgrade to Jakarta XML Bind 4.0.1 #37387
  • Upgrade to Jetty 11.0.16 #37300
  • Upgrade to Lombok 1.18.30 #37488
  • Upgrade to Micrometer 1.11.4 #37261
  • Upgrade to Micrometer Tracing 1.1.5 #37262
  • Upgrade to Native Build Tools Plugin 0.9.27 #37420
  • Upgrade to Neo4j Java Driver 5.12.0 #37353
  • Upgrade to Pooled JMS 3.1.3 #37421
  • Upgrade to R2DBC MySQL 1.0.3 #37466
  • Upgrade to Reactor Bom 2022.0.11 #37263

... (truncated)

Commits
  • 3ed1f1a Release v3.1.4
  • 68830a4 Merge branch '3.0.x' into 3.1.x
  • 37adadb Next development version (v3.0.12-SNAPSHOT)
  • 7ae22d6 Merge branch '3.0.x' into 3.1.x
  • b88b8a9 Merge branch '2.7.x' into 3.0.x
  • f24c0e2 Next development version (v2.7.17-SNAPSHOT)
  • 78eb8f9 Merge branch '3.0.x' into 3.1.x
  • 78c3512 Polish
  • 9b5062e Merge branch '2.7.x' into 3.0.x
  • b83e7b4 Update copyright year of changed files
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 4, 2023
@ghost
Copy link

ghost commented Oct 4, 2023

👇 Click on the image for a new way to code review

Review these changes using an interactive CodeSee Map

Legend

CodeSee Map legend

Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.1.2 to 3.1.4.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.1.2...v3.1.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/gradle/org.springframework.boot-3.1.4 branch from fc52224 to c256b3a Compare October 4, 2023 18:19
@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 4, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@nixel2007 nixel2007 merged commit 60dcce8 into develop Oct 5, 2023
30 of 32 checks passed
@nixel2007 nixel2007 deleted the dependabot/gradle/org.springframework.boot-3.1.4 branch October 5, 2023 02:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant