Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump spring-boot-starter-web from 2.3.1.RELEASE to 2.5.0 #161

Conversation

dependabot-preview[bot]
Copy link
Contributor

Bumps spring-boot-starter-web from 2.3.1.RELEASE to 2.5.0.

Release notes

Sourced from spring-boot-starter-web's releases.

v2.5.0

For full upgrade instructions and new and noteworthy features please see the release notes.

🪲 Bug Fixes

  • Auto-configured resource handlers don't get applied to child contexts #26623
  • Actuator doesn't use the CORS Configuration with default security configuration and Spring Webflux #26614
  • Actuator doesn't use the CORS Configuration with default security configuration and Spring MVC #26612
  • SpringApplication additional profiles and active profiles ordering changed with Spring Boot 2.4 #26610
  • An active request delays Jetty's shutdown by 30 seconds #26608
  • SmartInitializingSingleton beans are not working with lazy initialization #26606
  • MVC and WebFlux metrics filters adversely affect the response when metrics recording fails #26596
  • ConfigDataResolvers cannot signal that they should be skipped #26585
  • Remote devtools endpoint cannot be accessed if actuator and spring security are on the classpath #26584
  • The error message when a wildcard directory location does not match any files is misleading #26583
  • Mandatory locations with pattern fail with exception #26582
  • Non-optional locations with wildcards fail if no files are contributed #26581
  • Profiles programmatically set on the Envionment are no longer merged with active profile properties #26580
  • Use of spring.profiles.include in a profile-specific document is not detected when it's configured as a YAML list #26575
  • ConfigurationProperties is retrieved via classpath scanning but does not indicate it should be indexed #26463
  • BufferingApplicationStartup fails with NoSuchElementException #26458
  • Building an image fails when using a custom buildpack image with long file names #26445
  • Additional profiles are processed too late when legacy processing is used #26434
  • Config data location does not exist error can be thrown if a profile-specific properties file is directly imported #26402
  • StandardConfigDataLoader can import profile specific files in incorrect order #26401
  • Resolvability and consumability of productionRuntimeClasspath are not aligned with runtimeClasspath #26365
  • ObjectMapper provided by JacksonAutoConfiguration via JacksonClusterEnvironmentBuilderCustomizer breaks Couchbase driver #26363
  • Empty value in spring.config.import causes NullPointerException #26346
  • @DataRedisTest does not consider RedisReactiveAutoConfiguration #26328
  • When a single bean causes a dependency cycle the failure analysis does not clearly illustrate the cycle #26323
  • SpringBootConfiguration is retrieved via classpath scanning but does not indicate it should be indexed #26318
  • Maven spring-boot:build-image ignores ZIP layout #26313
  • bootBuildImage does not pick up targetCompatibility when it's configured after task is customised #26301
  • Configuration item metadata ordering is not consistent #26277
  • @EnableAutoConfiguration and @ImportAutoConfiguration use different class loaders to find candidate configurations #26237
  • 'spring.web.resources.cache.use-last-modified=false' doesn't work with Spring MVC #26233
  • Restore support for binding configuration properties from RandomValuePropertySource #26201
  • @Scheduled method not triggered when spring.main.lazy-initialization=true #26156
  • When classes in spring-core and spring-boot are loaded by different ClassLoaders, spring-boot cannot find its own config data location resolvers #26155
  • ConfigFileApplicationListener#loadPostProcessors can not load EnvironmentPostProcessor in child classLoader #26126

📔 Documentation

  • Info endpoint in reference doc has outdated defaults #26591
  • Update documentation following the release of Spock Framework 2.0 #26586
  • Update Gradle docs to use module replacement rather than dependency substitution #26526
  • Improve documentation of TestRestTemplate's fault tolerance #26522
  • Document that the heap dump endpoint requires a HotSpot JVM #26474
  • Suggest enabling the default servlet when using Jersey as a filter #26452
  • Document support for Gradle 6.9 #26409

... (truncated)

Commits
  • d340078 Release v2.5.0
  • 0548f90 Set LATEST_GA flag to true
  • 3da3f27 Merge branch '2.4.x' into main
  • b25497c Set LATEST_GA flag to false
  • 15042e2 Merge branch '2.4.x'
  • 6bf069d Merge branch '2.3.x' into 2.4.x
  • 004363c Use WebMvcConfigurer to add resource handlers
  • c380f06 Merge branch '2.4.x'
  • 8b24a80 Merge branch '2.3.x' into 2.4.x
  • 0fa1fa5 Next development version (v2.4.7-SNAPSHOT)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Bumps [spring-boot-starter-web](https://github.com/spring-projects/spring-boot) from 2.3.1.RELEASE to 2.5.0.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.3.1.RELEASE...v2.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Jun 11, 2021
@dependabot-preview
Copy link
Contributor Author

Superseded by #167.

@dependabot-preview dependabot-preview bot deleted the dependabot/gradle/org.springframework.boot-spring-boot-starter-web-2.5.0 branch June 25, 2021 06:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants