v1.0.184-alpha

Commit message

Upgrade: [dependabot] - bump org.springframework.boot:spring-boot-starter-parent from 3.3.1 to 3.3.2 (#170)

Bumps
org.springframework.boot:spring-boot-starter-parent
from 3.3.1 to 3.3.2.

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.3.2

🐞 Bug Fixes

• No configuration property for defaultTimeout setting that was introduced in Spring Integration 6.2 #41521
• NPE during auto-configuration in OnClassCondition.resolveOutcomesThreaded because firstHalf is null #41504
• Spring Authorization Server now defaults multipleIssuersAllowed to false and it cannot be easily re-enabled #41355
• ServiceConnection does not work with @DataLdapTest #41325
• PropertiesMigrationListener wrongly reports property as deprecated #41252
• @NestedConfigurationProperty doesn't work on records #41251
• TestcontainersLifecycleBeanPostProcessor does not work correctly with scoped beans #41238
• Error message can be misleading if spring.config.import fails to resolve #41236
• build-image failures after docker desktop update with 'Illegal char at index 5: npipe:////' #41234
• When using Jetty, filters, listeners, and servlets are not initialized with the same thread context classloader #41225
• DirtiesContext used with Webflux, a random port and multiple contexts causes multiple contexts to misbehave #41221
• NoSuchMethodException on org.apache.activemq.ActiveMQConnectionFactory.<init> when using spring-boot-starter-activemq in a native image #41214

📔 Documentation

• Fix documentation links in the README #41531
• Document the types to which each spring.mvc.format and spring.webflux.format property applies #41518
• Document that logging.file.name and logging.file.path cannot be used together #41516
• Refine CDS how-to guide #41464
• Fix typos in javadoc of BootstrapContext #41448
• CDS link in "Efficient Deployments" documentation is broken #41321
• Update Kotlin DSL examples that configure the environment of bootBuildImage to be additive #41270
• Document tracing support for RestClient #41192
• Documentation wrongly states that zipkin-sender-urlconnection is needed #41181

🔨 Dependency Upgrades

• Upgrade to AspectJ 1.9.22.1 #41474
• Upgrade to Byte Buddy 1.14.18 #41371
• Upgrade to Dependency Management Plugin 1.1.6 #41372
• Upgrade to GraphQL Java 22.1 #41219
• Upgrade to Groovy 4.0.22 #41373
• Upgrade to HttpCore5 5.2.5 #41374
• Upgrade to Jackson Bom 2.17.2 #41375
• Upgrade to Jetty 12.0.11 #41376
• Upgrade to JsonAssert 1.5.3 #41377
• Upgrade to JUnit Jupiter 5.10.3 #41378
• Upgrade to Kafka 3.7.1 #41379
• Upgrade to Lombok 1.18.34 #41380
• Upgrade to Micrometer 1.13.2 #41298
• Upgrade to Micrometer Tracing 1.3.2 #41299
• Upgrade to MSSQL JDBC 12.6.3.jre11 #41381
• Upgrade to Neo4j Java Driver 5.22.0 #41382
• Upgrade to R2DBC MariaDB 1.2.1 #41383
• Upgrade to Reactor Bom 2023.0.8 #41384
• Upgrade to Spring Data Bom 2024.0.2 #41300
• Upgrade to Spring Framework 6.1.11 #41301

... (truncated)

Commits

• 2d0861d Release v3.3.2
• 397f3f4 Merge branch '3.2.x' into 3.3.x
• f5df7e7 Fix documentation links in the README
• 6f745c7 Merge pull request #41531 from anbusampath
• 3d29359 Update README to fix links to the docs
• b7ff40e Merge pull request #41355 from opcooc
• 1a6760e Polish "Add configuration property to allow multiple issuers"
• b0b97fb Add configuration property to allow multiple issuers
• f7780b4 Polish
• 51646fb Upgrade to Spring Pulsar 1.1.2
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits
  that have bee...

v1.0.183-alpha

Commit message

Upgrade: [dependabot] - bump setuptools from 68.2.2 to 70.0.0 (#169)

Bumps setuptools from 68.2.2 to
70.0.0.

Changelog

Sourced from setuptools's changelog.

v70.0.0

Features

• Emit a warning when [tools.setuptools] is present in pyproject.toml and will be ignored. -- by :user:SnoopJ (#4150)
• Improved AttributeError error message if pkg_resources.EntryPoint.require is called without extras or distribution Gracefully "do nothing" when trying to activate a pkg_resources.Distribution with a None location, rather than raising a TypeError -- by :user:Avasam (#4262)
• Typed the dynamically defined variables from pkg_resources -- by :user:Avasam (#4267)
• Modernized and refactored VCS handling in package_index. (#4332)

Bugfixes

• In install command, use super to call the superclass methods. Avoids race conditions when monkeypatching from _distutils_system_mod occurs late. (#4136)
• Fix finder template for lenient editable installs of implicit nested namespaces constructed by using package_dir to reorganise directory structure. (#4278)
• Fix an error with UnicodeDecodeError handling in pkg_resources when trying to read files in UTF-8 with a fallback -- by :user:Avasam (#4348)

Improved Documentation

• Uses RST substitution to put badges in 1 line. (#4312)

Deprecations and Removals

• Further adoption of UTF-8 in setuptools. This change regards mostly files produced and consumed during the build process (e.g. metadata files, script wrappers, automatically updated config files, etc..) Although precautions were taken to minimize disruptions, some edge cases might be subject to backwards incompatibility.

  Support for "locale" encoding is now deprecated. (#4309)

• Remove setuptools.convert_path after long deprecation period. This function was never defined by setuptools itself, but rather a side-effect of an import for internal usage. (#4322)

• Remove fallback for customisations of distutils' build.sub_command after long deprecated period. Users are advised to import build directly from setuptools.command.build. (#4322)

• Removed typing_extensions from vendored dependencies -- by :user:Avasam (#4324)

• Remove deprecated setuptools.dep_util. The provided alternative is setuptools.modified. (#4360)

... (truncated)

Commits

• 5cbf12a Workaround for release error in v70
• 9c1bcc3 Bump version: 69.5.1 → 70.0.0
• 4dc0c31 Remove deprecated setuptools.dep_util (#4360)
• 6c1ef57 Remove xfail now that test passes. Ref #4371.
• d14fa01 Add all site-packages dirs when creating simulated environment for test_edita...
• 6b7f7a1 Prevent bin folders to be taken as extern packages when vendoring (#4370)
• 69141f6 Add doctest for vendorised bin folder
• 2a53cc1 Prevent 'bin' folders to be taken as extern packages
• 7208628 Replace call to deprecated validate_pyproject command (#4363)
• 96d681a Remove call to deprecated validate_pyproject command
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits
  that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after
  your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge
  and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating
  it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all
  of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop
  Dependabot creating any more for this major version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop
  Dependabot creating any more for this minor version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop
  Dependabot creating any more for this dependency (unless you reopen the
  PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the
  Security Alerts
  page.

Signed-off-by: dependabot[bot] [email protected]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Info

See code diff
Release workflow run

It was initialized by eps-autoapprove-dependabot[bot]

v1.0.182-alpha

Commit message

Upgrade: [dependabot] - bump pip-licenses from 4.5.0 to 4.5.1 (#168)

Bumps pip-licenses from
4.5.0 to 4.5.1.

Release notes

Sourced from pip-licenses's releases.

4.5.1

• Fixes "tomli" to be output only with --with-system option

Changelog

Sourced from pip-licenses's changelog.

4.5.1

• Fixes "tomli" to be output only with --with-system option

Commits

• c194757 Merge pull request #205 from raimon49/release-4.5.1
• e83acdb Bump version to 4.5.1
• 86fde3d Add 'tomli' in SYSTEM_PACKAGES
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits
  that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after
  your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge
  and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating
  it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all
  of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop
  Dependabot creating any more for this major version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop
  Dependabot creating any more for this minor version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop
  Dependabot creating any more for this dependency (unless you reopen the
  PR or upgrade to it yourself)

Signed-off-by: dependabot[bot] [email protected]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Info

See code diff
Release workflow run

It was initialized by eps-autoapprove-dependabot[bot]

v1.0.181-alpha

Commit message

Upgrade: [dependabot] - bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 (#167)

Bumps
org.apache.maven.plugins:maven-surefire-plugin
from 3.3.0 to 3.3.1.

Commits

• 7e45620 [maven-release-plugin] prepare release surefire-3.3.1
• 561b4ca [SUREFIRE-2250] Surefire Test Report Schema properties element is not consist...
• 6aaea8a [SUREFIRE-1360] Ability to disable properties for successfully passed tests
• c17b92b Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.23 to 1.24
• 748d9dc Fix typos
• f8092e9 Improve time units
• c670335 [SUREFIRE-1934] Ability to disable system-out/system-err for successfully pas...
• bce1b39 Improve docs of linkXRef
• 3c49ebd Bump org.htmlunit:htmlunit from 4.2.0 to 4.3.0
• 6ff0f83 [SUREFIRE-2242] Plain test report does not include names of the skipped tests
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits
  that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after
  your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge
  and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating
  it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all
  of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop
  Dependabot creating any more for this major version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop
  Dependabot creating any more for this minor version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop
  Dependabot creating any more for this dependency (unless you reopen the
  PR or upgrade to it yourself)

Signed-off-by: dependabot[bot] [email protected]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Info

See code diff
Release workflow run

It was initialized by eps-autoapprove-dependabot[bot]

v1.0.180-alpha

Commit message

Upgrade: [dependabot] - bump pip-licenses from 4.4.0 to 4.5.0 (#166)

Bumps pip-licenses from
4.4.0 to 4.5.0.

Release notes

Sourced from pip-licenses's releases.

4.5.0

• Implement new feature pyproject.toml support

Changelog

Sourced from pip-licenses's changelog.

4.5.0

• Implement new feature pyproject.toml support

Commits

• 9c2db19 Merge pull request #202 from raimon49/release-4.5.0
• 41f52cc Bump zipp from 3.11.0 to 3.19.1
• adddac8 Bump certifi from 2023.7.22 to 2024.7.4
• 0915817 Bump version to 4.5.0
• e65760f Add external packages that depend on it at runtime
• 4e56124 Fix internal page link ancor (a little fix)
• ef8805a Merge pull request #200 from mbalatsko/support-pyproject-toml-config
• ee26a1c add to table of contents
• 051f12a add description of feature to README.md
• ad42380 support configuring input parameters using pyptoject.toml
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits
  that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after
  your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge
  and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating
  it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all
  of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop
  Dependabot creating any more for this major version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop
  Dependabot creating any more for this minor version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop
  Dependabot creating any more for this dependency (unless you reopen the
  PR or upgrade to it yourself)

Signed-off-by: dependabot[bot] [email protected]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Info

See code diff
Release workflow run

It was initialized by eps-autoapprove-dependabot[bot]

v1.0.179-alpha

Commit message

Upgrade: [dependabot] - bump fasterxml.version from 2.17.1 to 2.17.2 (#165)

Bumps fasterxml.version from 2.17.1 to 2.17.2.
Updates com.fasterxml.jackson.core:jackson-core from 2.17.1 to 2.17.2

Commits

• a6f49ca [maven-release-plugin] prepare release jackson-core-2.17.2
• 3d41b1c Prepare for 2.17.2 release
• 55261be Fix #1308: allow trailing dot for "Stringified numbers" (#1309)
• 449ed86 Update javadoc to clarify buffering of JsonParser.getText(Writer) wrt #1288
• 27edeb7 Back to snapshot deps
• 948e63d [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.17.1 to
2.17.2

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-annotations from 2.17.1 to
2.17.2

Commits

• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits
  that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after
  your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge
  and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating
  it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all
  of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop
  Dependabot creating any more for this major version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop
  Dependabot creating any more for this minor version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop
  Dependabot creating any more for this dependency (unless you reopen the
  PR or upgrade to it yourself)

Signed-off-by: dependabot[bot] [email protected]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Info

See code diff
Release workflow run

It was initialized by eps-autoapprove-dependabot[bot]

v1.0.178-alpha

Commit message

Upgrade: [dependabot] - bump certifi from 2023.7.22 to 2024.7.4 (#164)

Bumps certifi from
2023.7.22 to 2024.7.4.

Commits

• bd81538 2024.07.04 (#295)
• 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
• 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
• e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
• 124f4ad 2024.06.02 (#291)
• c2196ce --- (#290)
• fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)
• 3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)
• 4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)
• 1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits
  that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after
  your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge
  and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating
  it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all
  of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop
  Dependabot creating any more for this major version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop
  Dependabot creating any more for this minor version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop
  Dependabot creating any more for this dependency (unless you reopen the
  PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the
  Security Alerts
  page.

Signed-off-by: dependabot[bot] [email protected]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Info

See code diff
Release workflow run

It was initialized by eps-autoapprove-dependabot[bot]

v1.0.177-alpha

Commit message

Upgrade: [dependabot] - bump org.springframework.boot:spring-boot-starter-parent from 3.3.0 to 3.3.1 (#163)

Bumps
org.springframework.boot:spring-boot-starter-parent
from 3.3.0 to 3.3.1.

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.3.1

🐞 Bug Fixes

• SQL Server JDBC URL is malformed after adding org.springframework.boot.jdbc.parameters label #41169
• Git instant properties cannot be coerced following git-commit-id Maven plugin upgrade #41152
• Excluding status code from DefaultErrorAttributes throws NPE #41141
• Spring Boot remote restart with devtools causes 'factory already defined' Tomcat error when running with 'java -jar' #41107
• MongoHealthIndicator not compliant with Mongo stable API with strict setting #41104
• Service connection for bitnami mongodb fails to connect #41097
• Image building requires builder to specify a stack #41091
• DataSourceProperties fail to bind if java.sql module isn't included #41084
• AOT causes Logback configuration error when using include #41081
• Image building hangs when builder and buildpack are configured #41049
• IllegalArgumentException when trying to use Tomcat's HttpNio2Protocol with Spring Boot-configured SSL #41010
• Uber jar fails to start when it contains a dependency with Multi-Release: true in its manifest and unexpected file entries in META-INF/versions #41006
• JSP-related resources may not be found in an executable war file when using Jetty #40996
• The value of the tomcat.threads.config.max metric is always -1, irrespective of the configured maximum number of threads #40957
• The auto-configured reactiveNeo4jTransactionManager may cause a failure due to multiple TransactionManager beans #40953
• Application fails to start when server.tomcat.threads.max < 10 #40945
• SBOM actuator endpoint doesn't work in a native image #40939
• Starter parent applies its configuration of the CycloneDX Maven plugin too broadly #40927
• buildInfo does not work with Gradle 8.7 or later when the configuration cache is enabled #40924
• Prometheus Exemplars are missing from _count #40904
• Extract fails due to a duplicate entry when BOOT-INF/classes contains a directory that's also present in the root of the jar #40903
• sbom is not available to the actuator endpoint when using bootRun or bootWar #40890
• A newline character is missing from the start of the default banner #40889

📔 Documentation

• Fix links to Spring AMQP's javadoc #41144
• Document more precisely how a Container's Docker image name is used to find the matching service connection #41123
• Cross-link to the CDS how-to guide #41118
• Fix typos in javadoc of MockServerRestClientCustomizer and MockServerRestTemplateCustomizer #41065
• Improve readability when listing three pillars of observability #41064
• Add CDS training run configuration documentation #41045
• Document the need to switch to io.micrometer:micrometer-registry-prometheus-simpleclient to use the Prometheus push gateway #40993
• Improve consistency of documentation guidelines for packaging and running applications #40977
• Fix typos in method names and javadoc #40976
• Replace hard-coded links to Micrometer in documentation #40967
• Add Kotlin example for @Testcontainers #40943
• Fix various minor inconsistencies of the documentation #40942
• Warn in the documentation that spring.profiles.group can only be used in non-profile-specific documents #40941
• Broken Micrometer links in documentation #40916
• Document Buildpacks CDS and Spring AOT support #40762

🔨 Dependency Upgrades

• Upgrade to Byte Buddy 1.14.17 #41066
• Upgrade to FreeMarker 2.3.33 #41067
• Upgrade to HSQLDB 2.7.3 #41068

... (truncated)

Commits

• 586499d Release v3.3.1
• 3ef5254 Merge branch '3.2.x'
• b65aae4 Next development version (v3.2.8-SNAPSHOT)
• 8e405c0 Merge branch '3.2.x'
• c2f21e9 Don't execute @​DockerComposeTests if docker is not running
• e7ffeb3 Use Tomcat's new setter for max queue size
• fb9d779 Merge pull request #41162 from mateusscheper
• 955fe18 Polish 'Improve readability of documentation'
• cf8ed63 Improve readability of documentation
• 6c34c02 Improving readability
• Additional commits viewable in compare view

[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.springframework.boot:spring-boot-...

v1.0.176-alpha

Commit message

Upgrade: [dependabot] - bump urllib3 from 2.0.7 to 2.2.2 (#162)

Bumps urllib3 from 2.0.7 to 2.2.2.

Release notes

Sourced from urllib3's releases.

2.2.2

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.
• Allowed passing negative integers as amt to read methods of http.client.HTTPResponse as an alternative to None. (#3122)
• Fixed return types representing copying actions to use typing.Self. (#3363)

Full Changelog: urllib3/urllib3@2.2.1...2.2.2

2.2.1

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. (#3331)
• Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. (#3343)
• Changed ProtocolError to InvalidChunkLength when response terminates before the chunk length is sent. (#2860)
• Changed ProtocolError to be more verbose on incomplete reads with excess content. (#3261)

2.2.0

🖥️ urllib3 now works in the browser

🎉 This release adds experimental support for using urllib3 in the browser with Pyodide! 🎉

Thanks to Joe Marshall (@​joemarshall) for contributing this feature. This change was possible thanks to work done in urllib3 v2.0 to detach our API from http.client. Please report all bugs to the urllib3 issue tracker.

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Added support for Emscripten and Pyodide, including streaming support in cross-origin isolated browser environments where threading is enabled. (#2951)
• Added support for HTTPResponse.read1() method. (#3186)
• Added rudimentary support for HTTP/2. (#3284)
• Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (#2244)
• Fixed HTTPConnection.proxy_is_verified and HTTPSConnection.proxy_is_verified to be always set to a boolean after connecting to a proxy. It could be None in some cases previously. (#3130)

... (truncated)

Changelog

Sourced from urllib3's changelog.

2.2.2 (2024-06-17)

• Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.
• Allowed passing negative integers as amt to read methods of http.client.HTTPResponse as an alternative to None. ([#3122](https://github.com/urllib3/urllib3/issues/3122) <https://github.com/urllib3/urllib3/issues/3122>__)
• Fixed return types representing copying actions to use typing.Self. ([#3363](https://github.com/urllib3/urllib3/issues/3363) <https://github.com/urllib3/urllib3/issues/3363>__)

2.2.1 (2024-02-16)

• Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. ([#3331](https://github.com/urllib3/urllib3/issues/3331) <https://github.com/urllib3/urllib3/issues/3331>__)
• Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. ([#3343](https://github.com/urllib3/urllib3/issues/3343) <https://github.com/urllib3/urllib3/issues/3343>__)
• Changed InvalidChunkLength to ProtocolError when response terminates before the chunk length is sent. ([#2860](https://github.com/urllib3/urllib3/issues/2860) <https://github.com/urllib3/urllib3/issues/2860>__)
• Changed ProtocolError to be more verbose on incomplete reads with excess content. ([#3261](https://github.com/urllib3/urllib3/issues/3261) <https://github.com/urllib3/urllib3/issues/3261>__)

2.2.0 (2024-01-30)

• Added support for Emscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html>, including streaming support in cross-origin isolated browser environments where threading is enabled. ([#2951](https://github.com/urllib3/urllib3/issues/2951) <https://github.com/urllib3/urllib3/issues/2951>)
• Added support for HTTPResponse.read1() method. ([#3186](https://github.com/urllib3/urllib3/issues/3186) <https://github.com/urllib3/urllib3/issues/3186>__)
• Added rudimentary support for HTTP/2. ([#3284](https://github.com/urllib3/urllib3/issues/3284) <https://github.com/urllib3/urllib3/issues/3284>__)
• Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. ([#2244](https://github.com/urllib3/urllib3/issues/2244) <https://github.com/urllib3/urllib3/issues/2244>__)
• Fixed HTTPConnection.proxy_is_verified and HTTPSConnection.proxy_is_verified to be always set to a boolean after connecting to a proxy. It could be None in some cases previously. ([#3130](https://github.com/urllib3/urllib3/issues/3130) <https://github.com/urllib3/urllib3/issues/3130>__)
• Fixed an issue where headers passed in a request with json= would be mutated ([#3203](https://github.com/urllib3/urllib3/issues/3203) <https://github.com/urllib3/urllib3/issues/3203>__)
• Fixed HTTPSConnection.is_verified to be set to False when connecting from a HTTPS proxy to an HTTP target. It was set to True previously. ([#3267](https://github.com/urllib3/urllib3/issues/32...

v1.0.175-alpha

Commit message

Upgrade: [dependabot] - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 (#161)

Bumps
org.apache.maven.plugins:maven-surefire-plugin
from 3.2.5 to 3.3.0.

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.3.0

Release Notes - Maven Surefire - Version 3.3.0

What's Changed

• Bump org.htmlunit:htmlunit from 3.9.0 to 3.10.0 by @​dependabot in apache/maven-surefire#717

... (truncated)

Commits

• d0b96a4 [maven-release-plugin] prepare release surefire-3.3.0
• 71796af Bump org.codehaus.plexus:plexus-component-annotations
• afb2d4e Bump org.codehaus.plexus:plexus-interpolation from 1.25 to 1.27
• e6287dd [SUREFIRE-2232] [REGRESSION] StatelessXmlReporter fails to process failed res...
• 57b7837 Bump org.htmlunit:htmlunit from 3.11.0 to 4.2.0
• fd440c4 Bump org.xmlunit:xmlunit-core from 2.9.1 to 2.10.0
• 5c34c43 Bump org.assertj:assertj-core from 3.25.3 to 3.26.0
• 680fb00 Bump org.apache.commons:commons-compress from 1.26.1 to 1.26.2
• cad0931 [SUREFIRE-2248] Make "type" attribute on failures and errors in (surefire|fai...
• a88d786 [SUREFIRE-2047] Upgrade to maven-common-artifact-filters 3.4.0
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits
  that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after
  your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge
  and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating
  it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all
  of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop
  Dependabot creating any more for this major version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop
  Dependabot creating any more for this minor version (unless you reopen
  the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop
  Dependabot creating any more for this dependency (unless you reopen the
  PR or upgrade to it yourself)

Signed-off-by: dependabot[bot] [email protected]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Info

See code diff
Release workflow run

It was initialized by eps-autoapprove-dependabot[bot]