Sourced from versions-maven-plugin's releases.

2.14.0

Changes

🚀 New features and improvements

• #333: aggregated reports site information (#841) @​MihaStemberger
• #333: aggregated reports (#836) @​MihaStemberger
• Resolves #837: Add includeParent (default true) to UpdatePropertiesMojo (#838) @​ajarmoniuk
• #767 display update information for ranges (#823) @​sultan
• Resolves #387: Provide an enforcer rule to specify the maximum number of allowed dependency updates (#801) @​ajarmoniuk
• Introduce Plugin API for ChangeRecorder (#819) @​slawekjaranowski
• Issue 134 removing the no longer needed patch + adding integration tests (#814) @​ajarmoniuk
• Make includeParent false by default to retain backward compatibility. (#817) @​ajarmoniuk
• Resolves #359: XML Property Updates Report (#804) @​ajarmoniuk
• Resolves #793: Added includeParent to DisplayPropertyUpdates and PropertyUpdatesReport (#795) @​ajarmoniuk

🐛 Bug Fixes

• Wagon should use remote repository instead of proxy repository for repo authentication (#842) @​ajarmoniuk
• Resolves #289: Handle processParent in mojos which support it. (#813) @​ajarmoniuk
• Resolves #505: getReactorModels using correct module paths when the module name includes pom.xml (#805) @​ajarmoniuk
• #794: SetMojo would always change the version of the POM, regardless if a match was found (#799) @​ajarmoniuk
• #614 resolve version from model properties if necessary (#797) @​TorstenKruse
• Resolves #790: Fix update scope determination in DisplayDependencyUpdatesMojo (#791) @​ajarmoniuk

📦 Dependency updates

• Bump parent version from 71 to 72 (#844) @​slawekjaranowski
• Bump commons-text from 1.9 to 1.10.0 (#827) @​dependabot
• Bump mockito-inline from 4.8.1 to 4.9.0 (#815) @​dependabot
• Bump plexus-utils from 3.4.2 to 3.5.0 (#811) @​dependabot
• Upgrade com.fasterxml.woodstox:woodstox-core to 6.4.0 (#798) @​slachiewicz
• Bump plexus-utils from 3.4.2 to 3.5.0 (#792) @​dependabot

📝 Documentation updates

• Make Max Dependency enforcer rule as main page of enforcer module (#847) @​slawekjaranowski
• Clarification in README - maintained versions, issues and PR creation (#832) @​slawekjaranowski
• #725: Migrate Set Aggregator to Markdown (#784) @​ajarmoniuk
• #725: Migrate Recording Changes to Markdown (#783) @​ajarmoniuk
• #725: Migrate Update Parent to Markdown (#787) @​ajarmoniuk
• #725: Migrate Unlock Snapshots to Markdown (#785) @​ajarmoniuk
• #725: Migrate Update Child Modules to Markdown (#786) @​ajarmoniuk
• #725: Migrate Use Releases to Markdown (#788) @​ajarmoniuk
• #725: Migrate Update Properties to Markdown (#789) @​ajarmoniuk

👻 Maintenance

• Enable Spotless plugin - automatic code formatting (#845) @​slawekjaranowski
• #704: Remove remaining ArtifactRepository leftovers + use version range for VersionsHelper where applicable (#833) @​ajarmoniuk

... (truncated)

• fde050e [maven-release-plugin] prepare release 2.14.0
• a9e9e14 Make Max Dependency enforcer rule as main page of enforcer module
• e01dbb7 Fix links in site
• 84dc123 Add 404 page
• 30b44a0 Ignore code reformat form git blame after spotless
• 1fb9f3b Enable Spotless plugin - code reformat
• 42341fb Enable Spotless plugin - automatic code formatting
• 1f7058d Bump parent version from 71 to 72
• 3e4aee0 Wagon should use remote repository instead of proxy repository for repo authe...
• 3003f8b Fixed #333
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from spring-boot-dependencies's releases.

v3.0.0

:star: New Features

• Provide a configuration property for the observation patterns of Spring Integration components #33099

:lady_beetle: Bug Fixes

• io.micrometer.tracing.Tracer on the classpath breaks AOT processing for tests #33298
• Tracer library HTTP instrumentation is auto-configured unnecessarily #33287
• Auto-configuration ignores user-provided ObservationConventions #33285
• ScheduledBeanLazyInitializationExcludeFilter is auto-configured even when annotation-based scheduled has not been enabled #33284
• SpringBootContextLoader prints banner twice when using a @ContextHierarchy #33263
• Properties migrator causes an application to fail to start if it tries to map a property whose metadata data entry contains an invalid configuration property name #33250
• Wavefront MeterRegistryCustomizer is not applying application tags from application.properties #33244
• Actuator responses no longer format timestamps as ISO-8601 #33236
• Configuration property is not bound in a native image when property has get, set, and is methods #33232
• Configuration property binding does not deal with bridge methods #33212
• Contribute missing resource hints for GraphQL schema files and GraphiQL HTML page #33208
• Hints for ClientHttpRequestFactory should only be generated for matching methods #33203
• Native profile should configure execution in pluginManagement #33184
• Configuring management.server.port via a config tree results in a ConverterNotFoundException when the management context is refreshed #33169
• JBoss logging does not route directly to SLF4J when using Logback #33155
• Test with UseMainMethod.Always do not work with Kotlin main functions #33114
• Maven process-aot does not specify source and target release when compiling generated sources #33112
• Some Actuator beans are ineligible for post-processing #33110
• AOT-generated source fails to compile when Actuator is enabled on a WebFlux project #33106
• @ContextHierarchy should never be used with main method #33078
• Maven process-aot fails when compiler plugin has been configured with --enable-preview #33012
• Wavefront application tags differ from those used in a Spring Boot 2.x application #32844
• Maven goal spring-boot:build-image runs package phase twice #26455

:notebook_with_decorative_cover: Documentation

• Document observation for R2DBC #33335
• Align Tomcat multiple connectors example with recommendation to configure SSL declaratively #33333
• Actuator document is misleading about k8s startup probe #33327
• Update documented for @Timed to reflect narrower support #33282
• Update reference documentation to replace mentions of tags providers and contributors with their Observation-based equivalents #33281
• Link to Micrometer's @Timed documentation #33266
• Clarify use of the spring.cache.type property with Hazelcast #33258
• Example git.commit.time in the Actuator API documentation is thousands of years in the future #33256
• Update Spring Security filter dispatcher types docs to reflect change in default value #33252
• Documentation for nested configuration properties in a native image uses @NestedConfigurationProperty too widely #33239
• Document that the jar task should not be disabled when building a native image #33238
• Document nesting configuration properties using records or Kotlin data classes and how and when to use @NestedConfigurationProperty #33235
• Links to Features describes sections that have moved elsewhere #33214
• Fix broken links in docs #33209
• Document the need for compilation with -parameters when targeting a native image #33182
• Remove outdated native image documentation #33109
• Mention @RegisterReflectionForBinding in the docs #32903

... (truncated)

• c9c359f Release v3.0.0
• fb2cc73 Work around Thymeleaf's dependency on spring-security-bom:6.0.0-RC2
• 355b428 Merge branch '2.7.x'
• 7ea5881 Update LATEST_GA to false to prepare for 3.0.0's release
• 1de09f4 Merge branch '2.6.x' into 2.7.x
• e922650 Upgrade to Spring Framework 6.0.2
• 4b8a28a Next development version (v2.7.7-SNAPSHOT)
• 14ba9b1 Start building against Spring Framework 6.0.2 snapshots
• d4a9100 Next development version (v2.6.15-SNAPSHOT)
• 28cb225 Merge branch '2.7.x'
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from axon-bom's releases.

Axon Bill of Materials v4.6.0

:star: Features

• Add Axon Framework's Jakarta modules #93
• Add axon-tracing-opentelemetry to the BoM #92
• Add the new multi-tenancy and Spring Native extensions #88

:hammer_and_wrench: Dependency Upgrade

• Bump axon-kotlin from 0.2.0 to 4.6.0 #91
• Bump extension.reactor.version from 4.5.1 to 4.6.0 #90
• Bump axon-mongo from 4.5 to 4.6.0 #89
• Bump extension.springcloud.version from 4.5 to 4.6.0 #87
• Bump extension.jgroups.version from 4.5.1 to 4.6.0 #86
• Bump extension.tracing.version from 4.5.2 to 4.6.0 #85
• Bump extension.kafka.version from 4.5.4 to 4.6.0 #84
• Bump axon.version from 4.5.15 to 4.6.0 #83
• Bump extension.amqp.version from 4.5 to 4.6.0 #82
• Bump reactor-core from 3.4.22 to 3.4.23 #81
• Bump actions/setup-java from 3.4.1 to 3.5.0 #80
• Bump reactor-core from 3.4.21 to 3.4.22 #79
• Bump maven-install-plugin from 3.0.0 to 3.0.1 #77
• Bump axonserver-connector-java from 4.5.6 to 4.6.1 #74
• Bump axonserver-plugin-api from 4.5 to 4.6.0 #73

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

• @​smcvb
• @​Morlack

• 91a0baf [maven-release-plugin] prepare release axon-4.6.0
• fe2219a Merge pull request #93 from AxonFramework/feature/add-jakarta-modules
• 9fcc82d Add Jakarta modules
• b8b2cde Merge pull request #88 from AxonFramework/feature/add-springnative-and-multit...
• 5761d73 Rename multi-tenancy Spring Boot dependencies
• 21c1514 Rename multi-tenancy Spring Boot dependencies
• aa6e5c8 Merge branch 'master' into feature/add-springnative-and-multitenancy
• f3023c2 Merge pull request #90 from AxonFramework/dependabot/maven/extension.reactor....
• 9e5faf8 Merge pull request #91 from AxonFramework/dependabot/maven/org.axonframework....
• 2560ee0 Merge branch 'master' into feature/add-springnative-and-multitenancy
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from axon-bom's releases.

Axon Bill of Materials v4.5.13

:hammer_and_wrench: Dependency Upgrade

• Bump axon.version from 4.5.9 to 4.5.10 #59
• Bump extension.kafka.version from 4.5.3 to 4.5.4 #58
• Bump reactor-core from 3.4.17 to 3.4.18 #57
• Bump reactor-core from 3.4.16 to 3.4.17 #53
• Bump maven-clean-plugin from 3.1.0 to 3.2.0 #52

• 30a36b8 [maven-release-plugin] prepare release axo13
• be96942 Bump axon.version from 4.5.9 to 4.5.10
• f1e5bce Merge pull request #58 from AxonFramework/dependabot/maven/extension.kafka.ve...
• 2de7ea8 Bump extension.kafka.version from 4.5.3 to 4.5.4
• e3c1820 Merge pull request #57 from AxonFramework/dependabot/maven/io.projectreactor-...
• a69b941 Bump reactor-core from 3.4.17 to 3.4.18
• 9a60070 Merge pull request #56 from AxonFramework/dependabot/github_actions/actions/s...
• 0f60073 Bump actions/setup-java from 3.2.0 to 3.3.0
• 65668a8 Merge pull request #55 from AxonFramework/dependabot/github_actions/actions/s...
• 1f33349 Bump actions/setup-java from 3.1.1 to 3.2.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from spring-boot-dependencies's releases.

v2.7.0

:star: New Features

• Revert to using "application/json" as default MIME type for GraphQL while remaining compatible with "application/graphql+json" #30860
• Allow customization of single logout in auto-configured SAML relying party registration #30128

:lady_beetle: Bug Fixes

• Default properties configured on SpringApplication have higher precedence than properties configured with @PropertySource #31093
• A failure when an instrumented WebClient records metrics causes the request to fail #31089
• Dependency management for Artemis is incomplete #31079
• Configuration properties for Statsd's buffered and step properties are missing #31059
• Debug logging for requests to WebFlux-based Actuator endpoints does not identify the endpoint #30887
• @ConditionalOnProperty meta annotation with @AliasFor does not work #30874
• Event handling in JobExecutionExitCodeGenerator is not thread-safe #30846
• Hibernate service loading logs HHH000505 warnings for ServiceConfigurationError with Gradle-built jars since 2.5.10 when using Java 11 or later #30791
• Cryptic startup failure with bare LOGGING_LEVEL environment variable #30789
• SearchStrategy argument of MethodValidationExcludeFilter byAnnotation(Class, SearchStrategy) is not used #30787
• spring.security.saml2.relyingparty.registration..asserting-party. properties contain unwanted hyphen in asserting-party #30785
• DevTools sets deprecated spring.mustache.cache property #30774

:notebook_with_decorative_cover: Documentation

• Extend documentation on Datadog metrics #30997
• Fix link to Upgrading From 1.x in multi-page documentation #30995
• Document support for Java 18 #30782

:hammer: Dependency Upgrades

• Upgrade to ActiveMQ 5.16.5 #30927
• Upgrade to Byte Buddy 1.12.10 #30928
• Upgrade to Cassandra Driver 4.14.1 #30929
• Upgrade to Couchbase Client 3.2.7 #30930
• Upgrade to Couchbase Client 3.3.0 #31031
• Upgrade to Elasticsearch 7.17.3 #30931
• Upgrade to Flyway 8.5.11 #31080
• Upgrade to GraphQL Java 18.1 #30859
• Upgrade to Hibernate 5.6.9.Final #31081
• Upgrade to Infinispan 13.0.10.Final #30933
• Upgrade to Jackson Bom 2.13.3 #31046
• Upgrade to Jaybird 4.0.6.java8 #30934
• Upgrade to Johnzon 1.2.18 #30935
• Upgrade to Kafka 3.1.1 #31047
• Upgrade to Micrometer 1.9.0 #31013
• Upgrade to Mockito 4.5.1 #30936
• Upgrade to MSSQL JDBC 10.2.1.jre8 #31048
• Upgrade to MySQL 8.0.29 #30937
• Upgrade to Netty 4.1.77.Final #30938
• Upgrade to Postgresql 42.3.5 #30939
• Upgrade to Reactor Bom 2020.0.19 #30940

... (truncated)

• 1168d66 Release v2.7.0
• 516d9db Update CI pipeline in preparation for 2.7.0
• 97613f1 Merge branch '2.6.x' into 2.7.x
• f95fa63 Merge branch '2.5.x' into 2.6.x
• 98d91ba Next development version (v2.6.9-SNAPSHOT)
• bf3c6df Next development version (v2.5.15-SNAPSHOT)
• 63fc60d Upgrade to SendGrid 4.9.2
• 7011119 Merge branch '2.6.x' into 2.7.x
• d1ec5d4 Upgrade CI to Docker 20.10.16
• d8bcdde Merge branch '2.5.x' into 2.6.x
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from axon-bom's releases.

Axon Bill of Materials v4.5.7

:hammer_and_wrench: Dependency Upgrade

• Bump extension.jgroups.version from 4.5 to 4.5.1 #31
• Bump extension.tracing.version from 4.5 to 4.5.1 #30
• Bump extension.tracing.version from 4.5.1 to 4.5.2 https://github.com/AxonFramework/axon-bom/commit/493f25fd908db82b4531f9ef309b0546d3bc6e76

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

• @​lfgcampos
• @​dependabot[bot]

Axon Bill of Materials v4.5.6

:hammer_and_wrench: Dependency Upgrade

• Bump actions/cache from 2.1.3 to 2.1.7 #29
• Bump axon-mongo from 4.4 to 4.5 #28
• Bump axon-kotlin from 0.1.0 to 0.2.0 #27
• Bump actions/cache from 2.1.3 to 2.1.6 #19
• Bump Axon Framework from 4.5.4 to 4.5.5 in commit 4ebae6a95013b6011b200783e2b630570e95377e

• 259b60c [maven-release-plugin] prepare for next development iteration
• a4c92c0 [maven-release-plugin] prepare release axon-bom-4.5.7
• 493f25f Bump extensions.tracing.version from 4.5.1 to 4.5.2
• 96b8b93 Merge pull request #31 from AxonFramework/dependabot/maven/extension.jgroups....
• 9336ee0 Merge pull request #30 from AxonFramework/dependabot/maven/extension.tracing....
• 9cb8b5e Bump extension.jgroups.version from 4.5 to 4.5.1
• ba5399b Bump extension.tracing.version from 4.5 to 4.5.1
• 962665e Adjust milestone
• 7b4055c [maven-release-plugin] prepare for next development iteration
• 4d39af8 [maven-release-plugin] prepare release axon-4.5.6
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from axon-bom's releases.

Axon Bill of Materials v4.5.6

:hammer_and_wrench: Dependency Upgrade

• Bump actions/cache from 2.1.3 to 2.1.7 #29
• Bump axon-mongo from 4.4 to 4.5 #28
• Bump axon-kotlin from 0.1.0 to 0.2.0 #27
• Bump actions/cache from 2.1.3 to 2.1.6 #19
• Bump Axon Framework from 4.5.4 to 4.5.5 in commit 4ebae6a95013b6011b200783e2b630570e95377e

• 4d39af8 [maven-release-plugin] prepare release axon-4.5.6
• 4ebae6a Update framework version
• c86fa68 Change milestone version
• 66147f2 Merge pull request #29 from AxonFramework/dependabot/github_actions/actions/c...
• bd9a4ef Bump actions/cache from 2.1.3 to 2.1.7
• 9bcad04 Merge pull request #28 from AxonFramework/dependabot/maven/org.axonframework....
• 1059082 Bump axon-mongo from 4.4 to 4.5
• e062ee1 Merge pull request #27 from AxonFramework/dependabot/maven/org.axonframework....
• c4e56d9 Bump axon-kotlin from 0.1.0 to 0.2.0
• c518191 Update milestone
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from spring-boot-dependencies's releases.

v2.6.0

For full upgrade instructions and new and noteworthy features please see the release notes.

:star: New Features

• Support both kebab-case and camelCase as Spring init CLI Options #28138

:lady_beetle: Bug Fixes

• Profiles added using @ActiveProfiles have different precedence #28724
• Dependency management for JSTL is out of date #28660
• A RestClientBuilder bean is not defined when RestHighLevelClient is unavailable #28655
• JUnit annotations may prevent a test context from being cached #28566
• Avoid duplicate AOP proxy class definition with FilteredClassLoader #28545
• Metrics for ThreadPoolTaskScheduler can conflict with the metrics of ThreadPoolTaskExecutor if they share the same bean name prefix #28536
• Task metrics should not expose time-related metrics as these are not supported yet #28535
• Logback should default to JVM's default charset instead of ASCII #28487
• When a parent context has method validation configuration, it isn't auto-configured in its child contexts #28480
• Prometheus actuator endpoint should produce a text/plain response unless application/openmetrics-text is explicitly accepted #28469
• Lettuce metrics auto-configuration should not require Spring Data #28436
• Error page is accessible when no credentials are provided #26356

:notebook_with_decorative_cover: Documentation

• Fix "Configure Two DataSources" example #28713
• Configuration sample in reference doc has wrong yaml formatting #28693
• Fix yaml sample format in reference doc #28692
• Update URL for GraphQL Spring Boot starter #28691
• Fix @deprecated and @see in org.springframework.boot.loader.archive.Archive's javadoc #28681
• Update links to Spring Security's reference documentation #28618
• Replace "e.g." by "for example" #28583
• Fix typo in "Ant-style path matching" #28550
• Replace "refer to" with "see" #28537
• Replace "check out" with more formal language #28503
• Replace "etc" in reference documentation #28497
• Change description of property "logging.logback.rollingpolicy.max-history" to match Logback documentation #28467
• Improve documentation on using an embedded ActiveMQ broker #28435
• Remove use of {@code ? } from configuration property descriptions #28431
• Reinstate monospaced formatting in Actuator endpoint documentation #28430

:hammer: Dependency Upgrades

• Upgrade to AppEngine SDK 1.9.92 #28569
• Upgrade to Awaitility 4.1.1 #28570
• Upgrade to Byte Buddy 1.11.22 #28571
• Upgrade to Couchbase Client 3.2.3 #28664
• Upgrade to Elasticsearch 7.15.2 #28665
• Upgrade to Flyway 8.0.4 #28697
• Upgrade to Gson 2.8.9 #28573

... (truncated)

• 44047f3 Release v2.6.0
• e9beac6 Drop CI registry mirror settings
• b6d0b44 Fix @​SuppressWarnings
• dd1d148 Deny unauthorized access to the error page
• 8bd3d53 Merge branch '2.5.x'
• c4e2252 Merge branch '2.4.x' into 2.5.x
• da82619 Upgrade to concourse/oci-build-task 0.9.1
• 7ed19a3 Merge branch '2.5.x'
• 88457d9 Merge branch '2.4.x' into 2.5.x
• 7d19ea4 Limit log output produced by spring-boot-deployment-tests:intTest
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from kotlin-bom's releases.

Kotlin 1.8.0

Changelog

Analysis API

• KT-50255 Analysis API: Implement standalone mode for the Analysis API

Analysis API. FIR

• KT-54292 Symbol Light classes: implement PsiVariable.computeConstantValue for light field
• KT-54293 Analysis API: fix constructor symbol creation when its accessed via type alias

Android

• KT-53342 TCS: New AndroidSourceSet layout for multiplatform
• KT-53013 Increase AGP compile version in KGP to 4.1.3
• KT-54013 Report error when using deprecated Kotlin Android Extensions compiler plugin
• KT-53709 MPP, Android SSL2: Conflicting warnings for androidTest/kotlin source set folder

Backend. Native. Debug

• KT-53561 Invalid LLVM module: "inlinable function call in a function with debug info must have a !dbg location"

Compiler

New Features

• KT-52817 Add @JvmSerializableLambda annotation to keep old behavior of non-invokedynamic lambdas
• KT-54460 Implementation of non-local break and continue
• KT-53916 Support Xcode 14 and new Objective-C frameworks in Kotlin/Native compiler
• KT-32208 Generate method annotations into bytecode for suspend lambdas (on invokeSuspend)
• KT-53438 Introduce a way to get SourceDebugExtension attribute value via JVMTI for profiler and coverage

Performance Improvements

• KT-53347 Get rid of excess allocations in parser
• KT-53689 JVM: Optimize equality on class literals
• KT-53119 Improve String Concatenation Lowering

Fixes

• KT-53465 Unnecessary checkcast to array of reified type is not optimized since Kotlin 1.6.20
• KT-49658 NI: False negative TYPE_MISMATCH on nullable type with when
• KT-48162 NON_VARARG_SPREAD isn't reported on *toTypedArray() call
• KT-43493 NI: False negative: no compilation error "Operator '==' cannot be applied to 'Long' and 'Int'" is reported in builder inference lambdas
• KT-54393 Change in behavior from 1.7.10 to 1.7.20 for java field override.
• KT-55357 IllegalStateException when reading a class that delegates to a Java class with a definitely-not-null type with a flexible upper bound
• KT-55068 Kotlin Gradle DSL: No mapping for symbol: VALUE_PARAMETER SCRIPT_IMPLICIT_RECEIVER on JVM IR backend
• KT-51284 SAM conversion doesn't work if method has context receivers
• KT-48532 Remove old JVM backend

... (truncated)

Sourced from kotlin-bom's changelog.

1.8.0

Analysis API

• KT-50255 Analysis API: Implement standalone mode for the Analysis API

Analysis API. FIR

• KT-54292 Symbol Light classes: implement PsiVariable.computeConstantValue for light field
• KT-54293 Analysis API: fix constructor symbol creation when its accessed via type alias

Android

• KT-53342 TCS: New AndroidSourceSet layout for multiplatform
• KT-53013 Increase AGP compile version in KGP to 4.1.3
• KT-54013 Report error when using deprecated Kotlin Android Extensions compiler plugin
• KT-53709 MPP, Android SSL2: Conflicting warnings for androidTest/kotlin source set folder

Backend. Native. Debug

• KT-53561 Invalid LLVM module: "inlinable function call in a function with debug info must have a !dbg location"

Compiler

New Features

• KT-52817 Add @JvmSerializableLambda annotation to keep old behavior of non-invokedynamic lambdas
• KT-54460 Implementation of non-local break and continue
• KT-53916 Support Xcode 14 and new Objective-C frameworks in Kotlin/Native compiler
• KT-32208 Generate method annotations into bytecode for suspend lambdas (on invokeSuspend)
• KT-53438 Introduce a way to get SourceDebugExtension attribute value via JVMTI for profiler and coverage

Performance Improvements

• KT-53347 Get rid of excess allocations in parser
• KT-53689 JVM: Optimize equality on class literals
• KT-53119 Improve String Concatenation Lowering

Fixes

• KT-53465 Unnecessary checkcast to array of reified type is not optimized since Kotlin 1.6.20
• KT-49658 NI: False negative TYPE_MISMATCH on nullable type with when
• KT-48162 NON_VARARG_SPREAD isn't reported on *toTypedArray() call
• KT-43493 NI: False negative: no compilation error "Operator '==' cannot be applied to 'Long' and 'Int'" is reported in builder inference lambdas
• KT-54393 Change in behavior from 1.7.10 to 1.7.20 for java field override.
• KT-55357 IllegalStateException when reading a class that delegates to a Java class with a definitely-not-null type with a flexible upper bound
• KT-55068 Kotlin Gradle DSL: No mapping for symbol: VALUE_PARAMETER SCRIPT_IMPLICIT_RECEIVER on JVM IR backend
• KT-51284 SAM conversion doesn't work if method has context receivers
• KT-48532 Remove old JVM backend
• KT-55065 Kotlin Gradle DSL: Reflection cannot find class data for lambda, produced by JVM IR backend

... (truncated)

• da1a843 Add ChangeLog for 1.8.0-RC2
• d325cf8 Call additional publishToMavenLocal in maven build scripts and enable info
• 0403d70 Don't leave Gradle daemons after build scripts
• 52b225d Fix task module-name is not propagated to compiler arguments
• d40ebc3 Specify versions-maven-plugin version explicitly
• 2e829ed Fix version parsing crash on Gradle rich version string
• f603c0e Scripting, IR: fix capturing of implicit receiver
• 06cbf8f Scripting, tests: enable custom script tests with IR
• d61cef0 Fix deserialization exception for DNN types from Java
• ea33e72 JVM IR: script is a valid container for local delegated properties
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from versions-maven-plugin's releases.

2.14.2

Changes

🚀 New features and improvements

• Add a simple cache for ComparableVersions (#870) @​TobiX

🐛 Bug Fixes

• Resolves #872: Make allowSnapshots an explicit argument in lookupDependencyUpdates and in reports (#873) @​ajarmoniuk
• Fixes #866: Require maven 3.2.5 (#867) @​ajarmoniuk
• Resolves #850: Protecting the display-plugin-updates mojo against a NPE in case the effective version of a plugin is not resolved (#862) @​ajarmoniuk
• Resolves #855: Set should evaluate expressions (#856) @​ajarmoniuk
• Removes parallelStream use with non-thread safe collectors (#861) @​ajarmoniuk
• #858 Fix child module resolution for multi-level projects (#859) @​corebonts

📦 Dependency updates

• Bump wagon-provider-api from 3.5.2 to 3.5.3 (#879) @​dependabot
• Manage transitive dependencies version for security updates (#877) @​slawekjaranowski
• Upgrade com.fasterxml.woodstox:woodstox-core to 6.4.0 (#876) @​slawekjaranowski
• Bump actions/stale from 6 to 7 (#871) @​dependabot
• Bump mockito-inline from 4.9.0 to 4.10.0 (#854) @​dependabot

👻 Maintenance

• Project dependencies maintenance - move versions to dependencyManagement (#875) @​slawekjaranowski

• 374ddab [maven-release-plugin] prepare release 2.14.2
• 2b9bdb7 Bump wagon-provider-api from 3.5.2 to 3.5.3
• 67c1800 Resolves #872: Make allowSnapshots an explicit argument in lookupDependencyUp...
• 2fe2c3d Manage transitive dependencies version for security updates
• 1130350 Upgrade com.fasterxml.woodstox:woodstox-core to 6.4.0
• 8f2fd07 Project dependencies maintenance - move versions to dependencyManagement
• 2bed457 Add a simple cache for ComparableVersions
• 2d7a157 Bump actions/stale from 6 to 7
• 4546a4e Fixes #866: Require maven 3.2.5
• 5ee419d Bump mockito-inline from 4.9.0 to 4.10.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from spring-boot-dependencies's releases.

v3.0.1

:lady_beetle: Bug Fixes

• Fix typo in LocalDevToolsAutoConfiguration logging #33615
• No warning is given when <springProfile> is used in a Logback <root> block #33610
• Auto-configure PropagationWebGraphQlInterceptor for tracing propagation #33542
• WebClient instrumentation fails with IllegalArgumentException when adapting to WebClientExchangeTagsProvider #33483
• Reactive observation auto-configuration does not declare order for WebFilter #33444
• Web server fails to start due to "Resource location must not be null" when attempting to use a PKCS 11 KeyStore #33433
• Actuator health endpoint for neo4j throws NoSuchElementException and always returns Status.DOWN #33428
• Anchors in YAML configuration files throw UnsupportedOperationException #33404
• ZipkinRestTemplateSender is not customizable #33399
• AOT doesn't work with Logstash Logback Encoder #33387
• Maven process-aot goal fails when release version is set in Maven compiler plugin #33382
• DependsOnDatabaseInitializationPostProcessor re-declares bean dependencies at native image runtime #33374
• @SpringBootTest now throws a NullPointerException rather than a helpful IllegalStateException when @SpringBootConfiguration is not found #33371
• bootBuildImage always trys to create a native image due to bootJar always adding a META-INF/native-image/argfile to the jar #33363

:notebook_with_decorative_cover: Documentation

• Improve gradle plugin tags documentation #33617
• Improve maven plugin tags documentation #33616
• Fix typo in tomcat accesslog checkExists doc #33512
• Documented Java compiler level is wrong #33505
• Fix typo in documentation #33453
• Update instead of replace environment in bootBuildImage documentation #33424
• Update the reference docs to document the need to declare the native-maven-plugin when using buildpacks to create a native image #33422
• Document that the shutdown endpoint is not intended for use when deploying a war to a servlet container #33410
• Reinstate GraphQL testing documentaion #33407
• Description of NEVER in Sanitize Sensitive Values isn't formatted correctly #33398

:hammer: Dependency Upgrades

• Upgrade to AspectJ 1.9.19 #33586
• Upgrade to Byte Buddy 1.12.20 #33587
• Upgrade to Couchbase Client 3.4.1 #33588
• Upgrade to Dropwizard Metrics 4.2.14 #33589
• Upgrade to Elasticsearch Client 8.5.3 #33590
• Upgrade to Hibernate 6.1.6.Final #33591
• Upgrade to HttpClient 4.5.14 #33592
• Upgrade to HttpCore 4.4.16 #33593
• Upgrade to Infinispan 14.0.4.Final #33594
• Upgrade to Jaybird 4.0.8.java11 #33595
• Upgrade to Jetty 11.0.13 #33596
• Upgrade to jOOQ 3.17.6 #33597
• Upgrade to Kotlin 1.7.22 #33598
• Upgrade to Lettuce 6.2.2.RELEASE #33599
• Upgrade to MongoDB 4.8.1 #33600
• Upgrade to MSSQL JDBC 11.2.2.jre17 #33601
• Upgrade to Native Build Tools Plugin 0.9.19 #33602

... (truncated)

• 837947c Release v3.0.1
• 5929d95 Merge branch '2.7.x'
• b10b788 Next development version (v2.7.8-SNAPSHOT)
• f588793 Update copyright year of changed files
• 0254619 Merge branch '2.7.x'
• e4772cf Update copyright year of changed files
• 2e7ca6f Warning if <springProfile> is used in phase 2 model elements
• 2ed512d Use model.deepMarkAsSkipped in SpringProfileModelHandler
• 532fed3 Increase couchbase connection timeout for tests
• 9562a2c Merge branch '2.7.x'
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)