Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump org.springframework.boot from 3.2.5 to 3.3.1 #3315

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 21, 2024

Bumps org.springframework.boot from 3.2.5 to 3.3.1.

Release notes

Sourced from org.springframework.boot's releases.

v3.3.1

🐞 Bug Fixes

  • SQL Server JDBC URL is malformed after adding org.springframework.boot.jdbc.parameters label #41169
  • Git instant properties cannot be coerced following git-commit-id Maven plugin upgrade #41152
  • Excluding status code from DefaultErrorAttributes throws NPE #41141
  • Spring Boot remote restart with devtools causes 'factory already defined' Tomcat error when running with 'java -jar' #41107
  • MongoHealthIndicator not compliant with Mongo stable API with strict setting #41104
  • Service connection for bitnami mongodb fails to connect #41097
  • Image building requires builder to specify a stack #41091
  • DataSourceProperties fail to bind if java.sql module isn't included #41084
  • AOT causes Logback configuration error when using include #41081
  • Image building hangs when builder and buildpack are configured #41049
  • IllegalArgumentException when trying to use Tomcat's HttpNio2Protocol with Spring Boot-configured SSL #41010
  • Uber jar fails to start when it contains a dependency with Multi-Release: true in its manifest and unexpected file entries in META-INF/versions #41006
  • JSP-related resources may not be found in an executable war file when using Jetty #40996
  • The value of the tomcat.threads.config.max metric is always -1, irrespective of the configured maximum number of threads #40957
  • The auto-configured reactiveNeo4jTransactionManager may cause a failure due to multiple TransactionManager beans #40953
  • Application fails to start when server.tomcat.threads.max < 10 #40945
  • SBOM actuator endpoint doesn't work in a native image #40939
  • Starter parent applies its configuration of the CycloneDX Maven plugin too broadly #40927
  • buildInfo does not work with Gradle 8.7 or later when the configuration cache is enabled #40924
  • Prometheus Exemplars are missing from _count #40904
  • Extract fails due to a duplicate entry when BOOT-INF/classes contains a directory that's also present in the root of the jar #40903
  • sbom is not available to the actuator endpoint when using bootRun or bootWar #40890
  • A newline character is missing from the start of the default banner #40889

📔 Documentation

  • Fix links to Spring AMQP's javadoc #41144
  • Document more precisely how a Container's Docker image name is used to find the matching service connection #41123
  • Cross-link to the CDS how-to guide #41118
  • Fix typos in javadoc of MockServerRestClientCustomizer and MockServerRestTemplateCustomizer #41065
  • Improve readability when listing three pillars of observability #41064
  • Add CDS training run configuration documentation #41045
  • Document the need to switch to io.micrometer:micrometer-registry-prometheus-simpleclient to use the Prometheus push gateway #40993
  • Improve consistency of documentation guidelines for packaging and running applications #40977
  • Fix typos in method names and javadoc #40976
  • Replace hard-coded links to Micrometer in documentation #40967
  • Add Kotlin example for @Testcontainers #40943
  • Fix various minor inconsistencies of the documentation #40942
  • Warn in the documentation that spring.profiles.group can only be used in non-profile-specific documents #40941
  • Broken Micrometer links in documentation #40916
  • Document Buildpacks CDS and Spring AOT support #40762

🔨 Dependency Upgrades

  • Upgrade to Byte Buddy 1.14.17 #41066
  • Upgrade to FreeMarker 2.3.33 #41067
  • Upgrade to HSQLDB 2.7.3 #41068

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 21, 2024
Copy link

coderabbitai bot commented Jun 21, 2024

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share
Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link

github-actions bot commented Jun 23, 2024

Qodana for JVM

76 new problems were found

Inspection name Severity Problems
Field may be 'final' 🔶 Warning 55
Lombok @Getter may be used 🔶 Warning 11
@NotNull/@Nullable problems 🔶 Warning 5
Stream API call chain can be simplified 🔶 Warning 5

💡 Qodana analysis was run in the pull request mode: only the changed files were checked
☁️ View the detailed Qodana report

Detected 104 dependencies

Third-party software list

This page lists the third-party software dependencies used in bsl-language-server

Dependency Version Licenses
aho-corasick-double-array-trie 1.2.2 Apache-2.0
aspectjrt 1.9.22.1 Apache-2.0
checker-qual 3.42.0 MIT
classgraph 4.8.147 MIT
commons-beanutils 1.9.4 Apache-2.0
commons-collections 3.2.2 Apache-2.0
commons-collections4 4.4 Apache-2.0
commons-digester 2.1 Apache-2.0
commons-exec 1.4.0 Apache-2.0
commons-io 2.16.1 Apache-2.0
commons-lang3 3.14.0 Apache-2.0
commons-logging 1.2 Apache-2.0
commons-pool2 2.12.0 Apache-2.0
commons-text 1.10.0 Apache-2.0
commons-validator 1.7 Apache-2.0
english-pos-dict 0.3 LGPL-2.1-only
error_prone_annotations 2.26.1 Apache-2.0
grpc-netty-shaded 1.61.1 Apache-2.0
gson 2.10.1 Apache-2.0
guava 33.2.1-jre Apache-2.0
hunspell 2.1.2 Apache-2.0
istack-commons-runtime 4.1.2 BSD-3-Clause
j2objc-annotations 3.0.0 Apache-2.0
jackson-annotations 2.17.1 Apache-2.0
jackson-core 2.17.1 Apache-2.0
jackson-databind 2.17.1 Apache-2.0
jackson-datatype-jdk8 2.17.1 Apache-2.0
jackson-datatype-jsr310 2.17.1 Apache-2.0
jackson-module-parameter-names 2.17.1 Apache-2.0
jakarta.activation-api 2.1.3 BSD-3-Clause
jakarta.annotation-api 2.1.1 Classpath-exception-2.0
EPL-2.0
GPL-2.0-only
jakarta.websocket-api 2.1.1 Classpath-exception-2.0
EPL-2.0
GPL-2.0-only
jakarta.xml.bind-api 4.0.2 BSD-3-Clause
java-diff-utils 4.12 Apache-2.0
java-sarif 2.0 MIT
javax.activation-api 1.2.0 CDDL-1.1
GPL-2.0-only
javax.annotation-api 1.3.2 CDDL-1.0
GPL-2.0-only
ORACLE-OPENJDK-EXCEPTION-2.0
jaxb-api 2.3.0 CDDL-1.1
GPL-2.0-only
ORACLE-OPENJDK-EXCEPTION-2.0
jaxb-core 4.0.5 BSD-3-Clause
jaxb-runtime 4.0.5 BSD-3-Clause
jgrapht-core 1.5.2 EPL-1.0
LGPL-2.0-or-later
jline-native 3.24.1 BSD-3-Clause
jline-terminal 3.24.1 BSD-3-Clause
jna-platform 5.12.1 Apache-2.0
jna 5.12.1 Apache-2.0
jsr305 3.0.2 Apache-2.0
jul-to-slf4j 2.0.13 MIT
language-detector 0.6 Apache-2.0
language-en 6.4 LGPL-2.0-or-later
language-ru 6.4 LGPL-2.0-or-later
languagetool-core 6.4 LGPL-2.0-or-later
log4j-api 2.23.1 Apache-2.0
log4j-to-slf4j 2.23.1 Apache-2.0
lombok 1.18.32 BSD-3-CLAUSE-NO-TRADEMARK
MIT
lucene-backward-codecs 5.5.5 Apache-2.0
lucene-core 5.5.5 Apache-2.0
micrometer-commons 1.13.1 Apache-2.0
micrometer-core 1.13.1 Apache-2.0
micrometer-observation 1.13.1 Apache-2.0
micrometer-registry-prometheus 1.13.1 Apache-2.0
mxparser 1.2.2 xpp
opennlp-chunk-models 1.5 Apache-2.0
opennlp-postag-models 1.5 Apache-2.0
opennlp-tokenize-models 1.5 Apache-2.0
opennlp-tools 1.9.4 Apache-2.0
openregex 1.1.1 LGPL-2.0-or-later
progressbar 0.10.1 MIT
prometheus-metrics-config 1.2.1 Apache-2.0
prometheus-metrics-core 1.2.1 Apache-2.0
prometheus-metrics-model 1.2.1 Apache-2.0
prometheus-metrics-tracer-common 1.2.1 Apache-2.0
proto-google-common-protos 2.29.0 Apache-2.0
segment 2.0.1 MIT
simpleclient 0.16.0 Apache-2.0
simpleclient_guava 0.16.0 Apache-2.0
simpleclient_tracer_common 0.16.0 Apache-2.0
simpleclient_tracer_otel 0.16.0 Apache-2.0
simpleclient_tracer_otel_agent 0.16.0 Apache-2.0
slf4j-api 2.0.13 MIT
snakeyaml 2.2 Apache-2.0
spring-aop 6.1.10 Apache-2.0
spring-beans 6.1.10 Apache-2.0
spring-boot-autoconfigure 3.3.1 Apache-2.0
spring-boot-starter-json 3.3.1 Apache-2.0
spring-boot-starter-logging 3.3.1 Apache-2.0
spring-boot-starter-tomcat 3.3.1 Apache-2.0
spring-boot-starter-web 3.3.1 Apache-2.0
spring-boot-starter-websocket 3.3.1 Apache-2.0
spring-boot-starter 3.3.1 Apache-2.0
spring-boot 3.3.1 Apache-2.0
spring-context 6.1.10 Apache-2.0
spring-core 6.1.10 Apache-2.0
spring-expression 6.1.10 Apache-2.0
spring-jcl 6.1.10 Apache-2.0
spring-messaging 6.1.10 Apache-2.0
spring-web 6.1.10 Apache-2.0
spring-webmvc 6.1.10 Apache-2.0
spring-websocket 6.1.10 Apache-2.0
tomcat-embed-core 10.1.25 Apache-2.0
CDDL-1.0
PROPRIETARY-LICENSE
tomcat-embed-el 10.1.25 Apache-2.0
tomcat-embed-websocket 10.1.25 Apache-2.0
txw2 4.0.5 BSD-3-Clause
vavr-match 0.10.2 Apache-2.0
vavr 0.10.2 Apache-2.0
Contact Qodana team

Contact us at [email protected]

@theshadowco
Copy link
Member

theshadowco commented Jul 10, 2024

@dependabot rebase

Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 10, 2024

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@theshadowco
Copy link
Member

@dependabot recreate

Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.2.5 to 3.3.1.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.2.5...v3.3.1)

---
updated-dependencies:
- dependency-name: org.springframework.boot
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/gradle/org.springframework.boot-3.3.1 branch from 57d321c to 552ac52 Compare July 10, 2024 17:43
Copy link

sonarcloud bot commented Jul 10, 2024

@nixel2007
Copy link
Member

@theshadowco нормально ты так мои коммиты снёс)))

Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 19, 2024

Superseded by #3327.

@dependabot dependabot bot closed this Jul 19, 2024
@dependabot dependabot bot deleted the dependabot/gradle/org.springframework.boot-3.3.1 branch July 19, 2024 09:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants