Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump spring-boot-dependencies from 2.3.3.RELEASE to 2.3.4.RELEASE #536

Conversation

dependabot-preview[bot]
Copy link
Contributor

Bumps spring-boot-dependencies from 2.3.3.RELEASE to 2.3.4.RELEASE.

Release notes

Sourced from spring-boot-dependencies's releases.

v2.3.4.RELEASE

🪲 Bug Fixes

  • @ManagementContextConfiguration is meta-annotated with @Configuration(proxyBeanMethods=false) which does not disable proxying #23305
  • Signed jar dependency performance problem when repackaged in a single jar #23264
  • ValidationHandler no longer works with certain map keys #23260
  • MVC error model unnecessarily requires timestamp entry to be a java.util.Date #23258
  • Missing sanitization in lists of URIs properties on actuator endpoints #23252
  • Cassandra's pool duration mapping uses a wrong duration unit #23249
  • When using HSQLDB, Hikari logs a warning message about the driver class name when the first connection is retrieved from the pool #23203
  • ErrorPageFilter is no longer ordered at HIGHEST_PRECEDENCE + 1 #23200
  • spring-boot-dependencies should not define a spring-boot.version property #23174
  • PropertiesLauncher fails to load PBKDF-OpenSSL of bcprov-jdk15on-1.64.jar #23165
  • Configurable SSL Logback extensions can't be supported due to URL checks #23135
  • Image building support does not zero-pad digest hashes to 64 characters #23132
  • Image builder fails silently when there's an error loading the ephemeral image #23130
  • Large files can throw YAMLException due to node limits #23096
  • RSocketPortInfoApplicationContextInitializer can throw NPE #23087
  • UndertowWebServerFactoryCustomizer requires commons lang via an unintended import on ClassUtils #23063
  • JarFile can cause memory issues when running on Java 11+ #22998
  • Dependency convergence error for nimbus-jose-jwt when depending on spring-boot-starter-oauth2-client #22996
  • LayoutFactory can be presented with empty source file #22995
  • Metrics auto-configurations are not ordered correctly #22989
  • The @TypeExcludeFilters annotation is not @Inherited #22966
  • Exception inclusion cannot be disabled when sub-classing DefaultErrorAttributes and using its deprecated constructor #22750
  • Too much logging when building an OCI image with Maven #22674

📔 Documentation

  • Document that @ConfigurationProperties beans are not scanned in sliced tests #23243
  • Fix documentation on Elasticsearch client configuration #23074
  • Provide examples of Actuator custom endpoints in the reference documentation #23060
  • Mention correct JUnit 5 annotations in Kotlin testing section #23004
  • Document that extracting layers with layertools doesn't work with executable JAR files #22993
  • Javadoc inaccuracy in SpringApplicationBuilder.properties(Properties) #22964
  • Fix typo Assert4J -> AssertJ #22960
  • Document that graceful shutdown may not work from IDEs #22959
  • Fix typos in docs #22945
  • Fix Gradle Plugin custom image name example and documentation #22918
  • Document how to use spring.factories to add auto-configuration to a test slice #22531
  • Update Maven Plugin's documentation to note the importance of configuring start and stop goals with the same JMX port #22401
  • Document how to perform tasks after application startup #22100
  • Document setting buildpack Java version from compiler plugin version #21796
  • Document that buildpacks use non-root users for building container images and running containers #21122

🔨 Dependency Upgrades

  • Upgrade to Micrometer 1.5.5 #23393
  • Upgrade to Spring REST Docs 2.0.5.RELEASE #23376
  • Upgrade to Spring AMQP 2.2.11 #23373
Commits
  • c99c82a Release v2.3.4.RELEASE
  • 07dc202 Upgrade to Micrometer 1.5.5
  • 6e369c9 Merge branch '2.2.x' into 2.3.x
  • bd8300c Next development version (v2.2.11.BUILD-SNAPSHOT)
  • 16ff702 Merge branch '2.2.x' into 2.3.x
  • c23e420 Merge branch '2.1.x' into 2.2.x
  • dbd2783 Polish logging in BintrayService
  • 0fd61c1 Merge branch '2.2.x' into 2.3.x
  • 71e3844 Merge branch '2.1.x' into 2.2.x
  • cb4eb92 Next development version (v2.1.18.BUILD-SNAPSHOT)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Bumps [spring-boot-dependencies](https://github.com/spring-projects/spring-boot) from 2.3.3.RELEASE to 2.3.4.RELEASE.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.3.3.RELEASE...v2.3.4.RELEASE)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Sep 18, 2020
@CarstenHollmann CarstenHollmann merged commit fcf006b into develop Sep 21, 2020
@dependabot-preview dependabot-preview bot deleted the dependabot/maven/org.springframework.boot-spring-boot-dependencies-2.3.4.RELEASE branch September 21, 2020 13:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant