Skip to content

Update all dependencies#108

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all
Open

Update all dependencies#108
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 14, 2023
edited by jarkkoka
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
com.diffplug.spotless:spotless-maven-plugin 3.1.03.3.0 age adoption passing confidence
org.apache.maven.plugins:maven-compiler-plugin (source) 3.14.13.15.0 age adoption passing confidence
org.assertj:assertj-db 3.0.13.0.2 age adoption passing confidence
org.springframework.boot:spring-boot-starter-parent (source) 4.0.14.0.3 age adoption passing confidence

Release Notes

diffplug/spotless (com.diffplug.spotless:spotless-maven-plugin)

v3.3.0

Added
  • Allow specifying path to Biome JSON config file directly in biome step. Requires biome 2.x. (#​2548)
  • GitPrePushHookInstaller, a reusable library component for installing a Git pre-push hook that runs formatter checks. (#​2553)
  • Allow setting Eclipse XML config from a string, not only from files (#​2361)

v3.2.0

Added
  • Support for idea (#​2020, #​2535)
  • Add support for removing wildcard imports via removeWildcardImports step. (#​2517)
  • scalafmt: enforce version consistency between the version configured in Spotless and the version declared in Scalafmt config file (#​2460)
Fixed
  • SortPom disable expandEmptyElements, to avoid empty body warnings. (#​2520)
  • Fix biome formatter for new major release 2.x of biome (#​2537)
  • Make sure npm-based formatters use the correct node_modules directory when running in parallel. (#​2542)
Changed
  • Bump internal dependencies for npm-based formatters (#​2542)
spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-parent)

v4.0.3

Compare Source

⭐ New Features

  • Add TWENTY_SIX to JavaVersion enum #​49193

🐞 Bug Fixes

  • Jackson properties may not be applied correctly to RestClients #​49223
  • ClassNotFoundException when using Actuator without spring-boot-health #​49196
  • Using the OTel and Zipkin starters together creates invalid configuration #​49183
  • Whitespace can be incorrectly removed when spring-boot-configuration-processor runs on multi-line javadoc #​49060
  • Jackson2HttpMessageConvertersConfiguration uses ConditionOn Jackson3 XMLMapper class #​49015
  • server.jetty.threads.max is ignored when using virtual threads #​48989
  • Slice test includes fail to load when using spring-boot-starter-test-classic #​48981
  • Docker credential helpers with file extensions cannot be executed on Windows #​48979
  • Java version requirement check for native image is confusing if AOT didn't run #​48963
  • TestPropertyValues.Pair.fromMapEntry(Entry<String, String>) does not comply with its nullability contract #​48948

📔 Documentation

  • Couchbase and Kafka are incorrectly listed as supporting SSL with Docker Compose #​49212
  • Document that use of non idiomatic format for '@Value' still apply for environment variables #​49109
  • Document naming convention for custom test-scoped starters #​49017
  • Delay removal of Jackson 2 support until 4.3 at the earliest #​49010
  • LICENSE.txt and NOTICE.txt files have the wrong content in the latest releases #​49003
  • ApplicationContextAssert documents a non-existent assertion in getFailure() #​48977
  • Highlight the importance of the preStop hook when configuring Kubernetes probes #​48946

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​GaetanoCerciello, @​dsyer, @​linkian209, @​nosan, @​quaff, @​scordio, and @​srt

v4.0.2

Compare Source

⚠️ Noteworthy Changes

  • The dependency on org.eclipse.jetty.ee11:jetty-ee11-servlets has been removed from spring-boot-jetty as it was unnecessary and unused. If your application code depends on a class from jetty-ee11-servlets, declare a dependency on it in your build configuration. #​48677

🐞 Bug Fixes

  • No TransactionAutoConfiguration with spring-boot-starter-kafka for Spring Boot 4 #​48880
  • Evaluation of bean conditions unnecessarily queries the bean factory for types that are not present #​48840
  • When a bean condition references a type that is not present, it appears as ? in the condition evaluation report #​48838
  • SessionAutoConfiguration creates a DefaultCookieSerializer with a default SameSite of null instead of Lax #​48830
  • Setting graphql schema location to "classpath*:graphql/**/" causes failure due to incorrectly packaged test resource #​48829
  • Message interpolation by MVC and WebFlux's Validators does not work correctly in a native image #​48828
  • CloudFoundry integration fails in Servlet-based web app without a dependency on spring-boot-starter-restclient #​48826
  • RestTestClientAutoConfiguration and TestRestTemplateAutoConfiguration should be package-private #​48820
  • SSL metrics are no longer auto-configured #​48819
  • Actuator /info endpoint fails in Java 25 Native Image (VirtualThreadSchedulerMXBean support) #​48812
  • DataSourceBuilder cannot create oracle.ucp.jdbc.PoolDataSourceImpl in a native image #​48703
  • The spring-boot-cloudfoundry module should only have an optional dependency on spring-boot-security #​48685
  • Application JAR created by extract command is not reproductible #​48678
  • AOT processing of tests should not be disabled when 'skipTests' is set #​48662
  • @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) is no longer applied to the management server #​48653
  • Fix zero-length byte buffer in InspectedContent #​48650
  • Can no longer override JacksonJsonHttpMessageConverter with ServerHttpMessageConvertersCustomizer #​48635
  • HttpServiceClientProperties incorrectly uses the @ConfigurationProperties annotation on a LinkedHashMap class #​48616
  • spring-boot-micrometer-tracing-opentelemetry fails if spring-boot-opentelemetry isn't there #​48585
  • App fails to start with starter-webmvc and starter-zipkin #​48581
  • Micrometer test modules should have an api dependency on micrometer-observation-test #​48386

📔 Documentation

  • Fix typo in REST client documentation #​48907
  • Remove duplicate word #​48874
  • Document support for configuring arguments passed to Docker Compose #​48806
  • The documentation related to EnvironmentPostProcessor links to deprecated interface #​48803
  • Update documentation for Buildpack's AOT Cache support #​48769
  • Correct docs to use new location for error handling configuration properties #​48767
  • Document spring-boot-starter-cloudfoundry on Cloud Foundry Support Page #​48675
  • Clarify javadoc to make it clear that HazelcastConfigCustomizer beans are only applied if Hazelcast is configured via a config file #​48659
  • Example using excludeDevtools property should document that optional dependencies should be enabled #​48641
  • Fix grammar and typos in the reference guide #​48601
  • Update Tracing section for Spring Boot 4's modularity #​48576

🔨 Dependency Upgrades

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​GaoSSR, @​ShaunHaldane, @​Zuohuang-Cai, @​izeye, @​mspiess, @​ngocnhan-tran1996, and @​philipbolting

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

This change is Reviewable

@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 020b323 to 60b927d Compare March 21, 2023 14:14
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from bfbf62f to d9ba274 Compare March 30, 2023 12:48
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from cfab1be to dba7efa Compare April 18, 2023 06:46
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from a59aa82 to 0c5f399 Compare May 12, 2023 00:43
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 053b526 to 744b0e5 Compare May 27, 2023 01:04
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 51c6dae to 62a7113 Compare June 9, 2023 01:18
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 2824350 to cd9b4ae Compare June 30, 2023 20:16
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 83a505d to 822fb73 Compare August 1, 2023 14:52
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 594e732 to d3d4592 Compare August 14, 2023 09:20
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from be45afb to 618344d Compare October 23, 2023 09:50
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 020a7dc to 679efaa Compare October 27, 2023 04:18
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 159877c to af7de6a Compare November 29, 2023 17:50
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 3b60708 to d06e08a Compare December 14, 2023 12:59
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 9a57639 to c0eafc1 Compare December 24, 2023 18:02
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from e87ce1d to e3912f0 Compare January 9, 2024 10:18
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from e06a1d3 to ae7fe8a Compare January 17, 2024 16:48
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 4c92012 to 0d58ed2 Compare January 25, 2024 16:49
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from e3c3983 to 727b371 Compare February 20, 2024 22:50
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 15065f7 to 47f0640 Compare March 19, 2024 09:59
@github-actions
Copy link

github-actions bot commented Dec 22, 2025
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

pom.xml

PackageVersionLicenseIssue Type
com.diffplug.spotless:spotless-maven-plugin3.3.0NullUnknown License
org.apache.maven.plugins:maven-compiler-plugin3.15.0NullUnknown License
Allowed Licenses: CC0-1.0, CC-BY-4.0, Unlicense, WTFPL, 0BSD, MIT, Apache-2.0, ISC, BSD-2-Clause, BSD-3-Clause, Zlib, MPL-1.1, MPL-2.0, CDDL-1.0, EPL-1.0, EPL-2.0, CECILL-2.1, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-3.0-only, LGPL-3.0-or-later, EUPL-1.0, EUPL-1.1, EUPL-1.2, AAL, AFL-3.0, Apache-1.1, APL-1.0, APSL-2.0, Artistic-1.0-Perl, Artistic-2.0, BSL-1.0, CATOSL-1.1, CPAL-1.0, CUA-OPL-1.0, ECL-2.0, EFL-2.0, Entessa, EUDatagrid, Fair, LPPL-1.3c, LPL-1.02, MirOS, Motosoto, Multics, NASA-1.3, NCSA, NTP, Naumen, Nokia, PostgreSQL, PSF-2.0, RPSL-1.0, RSCPL, SimPL-2.0, Sleepycat, SPL-1.0, VSL-1.0, W3C, W3C-20150513, Xnet, ZPL-2.0
Excluded from license check: pkg:githubactions/trufflesecurity/trufflehog

OpenSSF Scorecard

PackageVersionScoreDetails
maven/com.diffplug.spotless:spotless-maven-plugin 3.3.0 UnknownUnknown
maven/org.apache.maven.plugins:maven-compiler-plugin 3.15.0 🟢 5.8
Details
CheckScoreReason
Code-Review🟢 7Found 15/20 approved changesets -- score normalized to 7
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1016 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy🟢 10security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
maven/org.assertj:assertj-db 3.0.2 UnknownUnknown

Scanned Files

  • pom.xml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jannebe