Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump org.springframework.boot from 2.5.2 to 2.5.4 in /examples #4435

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 1, 2021

Bumps org.springframework.boot from 2.5.2 to 2.5.4.

Release notes

Sourced from org.springframework.boot's releases.

v2.5.4

🐞 Bug Fixes

  • spring-boot-configuration-metadata leaks enforced dependency constraints into consuming builds #27730
  • Potential NPE in TomcatMetricsBinder.findContext() #27616
  • Cyclic bean definition when a Spring Data repository is a dependency of a MeterBinder #27591
  • spring-boot:build-image hangs when exceptions are thrown during upload #27535
  • WebTestClientContextCustomizerFactory causes an IllegalStateException when WebClient is on the classpath without a supported HTTP client #27527
  • spring.security.dispatcher-types is not applied to Spring Security's filter when running in a separate management context #27505
  • A URI with non-alpha characters in its scheme is not sanitized #27488

📔 Documentation

  • Mention productionRuntimeClasspath in Gradle plugin's documentation #27620
  • Fix typo in javadoc #27618

🔨 Dependency Upgrades

  • Upgrade to ActiveMQ 5.16.3 #27742
  • Upgrade to AppEngine SDK 1.9.91 #27743
  • Upgrade to Cassandra Driver 4.11.3 #27674
  • Upgrade to Couchbase Client 3.1.7 #27675
  • Upgrade to Ehcache3 3.9.5 #27676
  • Upgrade to Glassfish JAXB 2.3.5 #27677
  • Upgrade to Hazelcast 4.1.5 #27744
  • Upgrade to Hazelcast Hibernate5 2.2.1 #27678
  • Upgrade to Janino 3.1.6 #27679
  • Upgrade to Logback 1.2.5 #27680
  • Upgrade to MariaDB 2.7.4 #27681
  • Upgrade to Maven Enforcer Plugin 3.0.0 #27682
  • Upgrade to Micrometer 1.7.3 #27601
  • Upgrade to MIMEPull 1.9.15 #27683
  • Upgrade to Netty 4.1.67.Final #27745
  • Upgrade to Nimbus JOSE JWT 9.10.1 #27701
  • Upgrade to OAuth2 OIDC SDK 9.9.1 #27700
  • Upgrade to Reactor 2020.0.10 #27600
  • Upgrade to SendGrid 4.7.4 #27684
  • Upgrade to Spring Data 2021.0.4 #27633
  • Upgrade to Spring Integration 5.5.3 #27604
  • Upgrade to Spring Kafka 2.7.6 #27602
  • Upgrade to Spring Security 5.5.2 #27603
  • Upgrade to Spring Session 2021.0.2 #27605
  • Upgrade to Tomcat 9.0.52 #27685
  • Upgrade to Undertow 2.2.10.Final #27686

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

... (truncated)

Commits
  • 4c81152 Release v2.5.4
  • a5bd4e9 Merge branch '2.4.x' into 2.5.x
  • 6be27e2 Download artifacts for the publish_gradle_plugin task
  • 29ccbdd Merge branch '2.4.x' into 2.5.x
  • f2b7092 Use token for GitHub authentication consistently
  • e28115e Next development version (v2.4.11-SNAPSHOT)
  • 2c18f26 Merge branch '2.4.x' into 2.5.x
  • ea95c99 Update email address used for release commit
  • 6d8ba3e Merge branch '2.4.x' into 2.5.x
  • ea9f851 Merge pull request #27736 from izeye
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 2.5.2 to 2.5.4.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.5.2...v2.5.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java labels Sep 1, 2021
@rnorth rnorth mentioned this pull request Sep 6, 2021
@rnorth rnorth merged commit 86a043f into master Sep 6, 2021
@delete-merged-branch delete-merged-branch bot deleted the dependabot/gradle/examples/org.springframework.boot-2.5.4 branch September 6, 2021 13:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant