Testy icon indicating copy to clipboard operation
Testy copied to clipboard
verified publisher icon RWS

Bump spring-boot-autoconfigure from 2.7.5 to 2.7.12

Open dependabot[bot] opened this issue 2 years ago • 0 comments

Bumps spring-boot-autoconfigure from 2.7.5 to 2.7.12.

Release notes

Sourced from spring-boot-autoconfigure's releases.

v2.7.12

:lady_beetle: Bug Fixes

  • Welcome page may return a 404 when an acceptable response cannot be produced #35552
  • Invalid reference format error when tagging images using Podman #35358
  • FactoryBean.getObject for non-singleton executed when resetting mocks #35324
  • Can't use PEM encoded PKCS#8 EC keys with server.ssl.certificate-private-key #35322
  • Webflux server gracefulshutdown throws NullPointerException #35264
  • Health actuator mail details shows the port as -1 when using the default port #35247
  • SessionRepositoryFilterConfiguration can cause early initialization of SessionRepository beans including Redis #35240
  • Devtools main method search algorithm can find incorrect main method #35214
  • When a WebFlux app is deployed to Cloud Foundry some metrics are lost and numerous beans are ineligible for post-processing #35163
  • Liveness and readiness probes return down when lazy initialization is enabled #35161
  • Treating a null Flyway-specific password as an empty string prevents the use of PGPASS for authentication #35110
  • WebClient auto-configuration tries to use HttpComponentsClientHttpConnector when all required classes are not present #34964
  • MinIdle and MaxValidationTime properties missing for R2DBC pools #34724

:notebook_with_decorative_cover: Documentation

  • Polish formatting of permitAll() endpoint security Kotlin example #35454
  • Wrong anchors in Maven plugin documentation #35371
  • Correct list of annotations that are equivalent to @SpringBootApplication #35180
  • Harmonize references to application.yaml files in reference docs #34628

:hammer: Dependency Upgrades

  • Upgrade to Elasticsearch 7.17.10 #35339
  • Upgrade to Hazelcast 5.1.6 #35440
  • Upgrade to Johnzon 1.2.20 #35340
  • Upgrade to Json-smart 2.4.11 #35549
  • Upgrade to Micrometer 1.9.11 #35290
  • Upgrade to Netty 4.1.92.Final #35441
  • Upgrade to Reactor Bom 2020.0.32 #35291
  • Upgrade to Spring Data Bom 2021.2.12 #35292
  • Upgrade to Spring Integration 5.5.18 #35294
  • Upgrade to Tomcat 9.0.75 #35442

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​JunJaBoy, @​aasaru, @​davin111, and @​ivandimitrov8080

v2.7.11

:lady_beetle: Bug Fixes

  • CloudFoundry integration does not use endpoint path mappings #35085
  • Gradle Spring Boot plugin with Kotlin DSL does not support includeProjectDependencies in bootJar > layered > dependencies configuration #35033
  • Banner placeholders use default values too soon #34764
  • Cassandra default configuration substitutions don't resolve against configuration derived from spring.data.cassandra properties #34643

... (truncated)

Commits
  • 64157f2 Release v2.7.12
  • 418dd1b Return 406 status code if welcome page is not accepted
  • cc2bb7c Upgrade to Json-smart 2.4.11
  • c0797ee Upgrade CI to Docker 24.0.0
  • 1cd3a32 Merge branch '2.6.x' into 2.7.x
  • 7f9fd04 Upgrade to Undertow 2.2.24.Final
  • 47f1fc5 Upgrade to Tomcat 9.0.75
  • 2e8ec62 Upgrade to Thymeleaf Extras SpringSecurity 3.0.5.RELEASE
  • ba7485b Upgrade to Spring WS 3.1.6
  • 1e5797f Upgrade to Spring Security 5.6.10
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] avatar May 26 '23 22:05 dependabot[bot]