Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the spring group with 2 updates #218

Merged
merged 1 commit into from
Jan 12, 2025
Merged

Bump the spring group with 2 updates #218

merged 1 commit into from
Jan 12, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 1, 2025

Bumps the spring group with 2 updates: org.springframework.boot:spring-boot-starter-parent and com.google.cloud:spring-cloud-gcp-dependencies.

Updates org.springframework.boot:spring-boot-starter-parent from 3.3.6 to 3.3.7

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.3.7

🐞 Bug Fixes

  • KafkaProperties fail to build SSL properties when the bundle name is an empty string #43561
  • With multiple ResourceHandlerRegistrationCustomizer beans in the context, only one of them is used #43494
  • Kafka dependency management does not include the kafka-server module #43450
  • Failures in -Djarmode=tools do not consistently return a non-zero exit #43435
  • SpringApplicationShutdownHandlers do not run in deterministic order #43430
  • Failure analysis for InvalidConfigurationPropertyValueException doesn't correctly handle fuzzy matching of environment variables #43380
  • Diagnostics are poor when property resolution throws a ConversionFailedException #43378
  • Unable to find a @SpringBootConfiguration results in misleading error message #43357
  • H2ConsoleAutoConfiguration causes early initialization of DataSource beans #43337
  • Accept progress on numbers >2GB #43328
  • Overriding log level with an environment variable does not work when using an environment prefix #43304
  • Methods to build producer / consumer properties from KafkaProperties are inconvienenent to use without an SSL bundle #43300
  • UnsupportedOperationException when starting a Maven shaded application on Java 21 with virtual threads enabled #43284
  • Unable to use Docker Compose support when mixing dedicated and shared services #40139

📔 Documentation

  • Fix typo in documentation #43557
  • Fix typo #43512
  • Links to logback javadoc are incorrect #43439
  • Fix JUnit javadoc links #43383
  • Document that server.ssl.cipher and server.ssl.enabled-protocols are not fallbacks used with SSL bundles #43353
  • Restore System property in Logging section of the reference documentation #43341
  • Use <annotationProcessorPaths> in Maven examples for configuring an annotation processor #43329
  • Fix link to proxyBeanMethods in @AutoConfiguration javadoc #43323
  • Fix links to Servlet and JPA javadoc #43320
  • Link to @EnableMethodSecurity instead of the deprecated @EnableGlobalMethodSecurity #43308
  • Fix Javadoc link for Hikari #43305

🔨 Dependency Upgrades

  • Upgrade to Dependency Management Plugin 1.1.7 #43542
  • Upgrade to Hibernate Validator 8.0.2.Final #43509
  • Upgrade to Jetty 12.0.16 #43487
  • Upgrade to jOOQ 3.19.16 #43463
  • Upgrade to Kafka 3.7.2 #43502
  • Upgrade to Micrometer 1.13.9 #43388
  • Upgrade to Micrometer Tracing 1.3.7 #43389
  • Upgrade to Native Build Tools Plugin 0.10.4 #43385
  • Upgrade to Netty 4.1.116.Final #43549
  • Upgrade to Reactor Bom 2023.0.13 #43390
  • Upgrade to RxJava3 3.1.10 #43386
  • Upgrade to Spring Authorization Server 1.3.4 #43391
  • Upgrade to Spring Batch 5.1.3 #43474
  • Upgrade to Spring Data Bom 2024.0.7 #43392
  • Upgrade to Spring Framework 6.1.16 #43393
  • Upgrade to Spring HATEOAS 2.3.4 #43475

... (truncated)

Commits
  • 7657d61 Release v3.3.7
  • a085a01 Upgrade to Spring Batch 5.1.3
  • ba916cb Allow KafkaProperties to build properties with empty bundle name
  • a5c2f0f Improve diagnostics when config prop value conversion fails
  • 88fad3c Merge pull request #43557 from quaff
  • 6366511 Fix typo
  • 38d96aa Drop {*-javadoc} attribute prefixes when possible
  • 229137d Document certain server.ssl.properties are ignored when using a bundle
  • aa374bf Correct links used in upgrade issues
  • cbb8d12 Upgrade to Spring Session 3.3.5
  • Additional commits viewable in compare view

Updates com.google.cloud:spring-cloud-gcp-dependencies from 5.8.0 to 5.9.0

Release notes

Sourced from com.google.cloud:spring-cloud-gcp-dependencies's releases.

v5.9.0

5.9.0 (2024-12-06)

Features

  • Add all additional Cloud SQL Java Connector parameters to the spring configuration. (#3286) (f2212d3)
  • add property to customize universe domain in Pub/Sub (#3348) (9cf2145)

Bug Fixes

  • deps: update dependency com.google.cloud:libraries-bom to v26.51.0 (#3350) (a270a7d)
  • include limit in query for findFirst and findTop support in Firestore (#3387) (9fe8e91)
  • migrate logic to create tmpdir to build script (#3367) (a12638c)
  • need to update to use new trampoline_release.py script as well as update to configure docker auth with new image (#3356) (b5ace26)
  • sonar build 401 issue (#3381) (fa53707)

Notable Changes

Libraries-Bom was upgraded from v26.49.0 to v26.51.0. This upgrade bumps the Protobuf-Java Runtime major version (3.x -> 4.x) and Spring-Cloud-GCP now uses Protobuf-Java v4.28.3.

The Google Cloud Java SDK is compatible with both Protobuf-Java 3.25.x and 4.27.4+ runtimes. However, uses may still experience issues related to the Protobuf-Java upgrade. Issues may stem from older dependencies (not managed by libraries-bom) or user defined protos. See these release notes for more information on how to resolve these issues.

Changelog

Sourced from com.google.cloud:spring-cloud-gcp-dependencies's changelog.

5.9.0 (2024-12-06)

Features

  • Add all additional Cloud SQL Java Connector parameters to the spring configuration. (#3286) (f2212d3)
  • add property to customize universe domain in Pub/Sub (#3348) (9cf2145)

Bug Fixes

  • deps: update dependency com.google.cloud:libraries-bom to v26.51.0 (#3350) (a270a7d)
  • include limit in query for findFirst and findTop support in Firestore (#3387) (9fe8e91)
  • migrate logic to create tmpdir to build script (#3367) (a12638c)
  • need to update to use new trampoline_release.py script as well as update to configure docker auth with new image (#3356) (b5ace26)
  • sonar build 401 issue (#3381) (fa53707)
Commits
  • c4f4bb9 chore(main): release 5.9.0 (#3351)
  • a270a7d fix(deps): update dependency com.google.cloud:libraries-bom to v26.51.0 (#3350)
  • 03b7416 chore(deps): update gapic-generator-java-bom.version to v2.50.0 (#3327)
  • fa53707 fix: sonar build 401 issue (#3381)
  • 9fe8e91 fix: include limit in query for findFirst and findTop support in Firestore (#...
  • a12638c fix: migrate logic to create tmpdir to build script (#3367)
  • a2d9df3 chore: revert exclude commons logging from artifacts. (#3366)
  • b5ace26 fix: need to update to use new trampoline_release.py script as well as update...
  • 9cf2145 feat: add property to customize universe domain in Pub/Sub (#3348)
  • f2212d3 feat: Add all additional Cloud SQL Java Connector parameters to the spring co...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the spring group with 2 updates
3202a73 
Bumps the spring group with 2 updates: [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) and [com.google.cloud:spring-cloud-gcp-dependencies](https://github.com/GoogleCloudPlatform/spring-cloud-gcp).


Updates `org.springframework.boot:spring-boot-starter-parent` from 3.3.6 to 3.3.7
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.3.6...v3.3.7)

Updates `com.google.cloud:spring-cloud-gcp-dependencies` from 5.8.0 to 5.9.0
- [Release notes](https://github.com/GoogleCloudPlatform/spring-cloud-gcp/releases)
- [Changelog](https://github.com/GoogleCloudPlatform/spring-cloud-gcp/blob/main/CHANGELOG.md)
- [Commits](GoogleCloudPlatform/spring-cloud-gcp@v5.8.0...v5.9.0)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: com.google.cloud:spring-cloud-gcp-dependencies
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: spring
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jan 1, 2025
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jan 2, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@fcrespel fcrespel merged commit 0200e59 into master Jan 12, 2025
6 checks passed
@dependabot dependabot bot deleted the dependabot/maven/spring-792889bd14 branch January 12, 2025 22:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@fcrespel