diff --git a/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/spring.factories b/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/spring.factories
index a08bdf2915..94fac42c97 100644
--- a/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/spring.factories
+++ b/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/spring.factories
@@ -61,8 +61,8 @@ org.springframework.boot.actuate.autoconfigure.mongo.MongoHealthIndicatorAutoCon
 org.springframework.boot.actuate.autoconfigure.neo4j.Neo4jHealthIndicatorAutoConfiguration,\
 org.springframework.boot.actuate.autoconfigure.redis.RedisHealthIndicatorAutoConfiguration,\
 org.springframework.boot.actuate.autoconfigure.scheduling.ScheduledTasksEndpointAutoConfiguration,\
-org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration,\
 org.springframework.boot.actuate.autoconfigure.security.reactive.ReactiveManagementWebSecurityAutoConfiguration,\
+org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration,\
 org.springframework.boot.actuate.autoconfigure.session.SessionsEndpointAutoConfiguration,\
 org.springframework.boot.actuate.autoconfigure.solr.SolrHealthIndicatorAutoConfiguration,\
 org.springframework.boot.actuate.autoconfigure.system.DiskSpaceHealthIndicatorAutoConfiguration,\
diff --git a/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfigurationTests.java b/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfigurationTests.java
index 963ca7bec4..a790b5cbcb 100644
--- a/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfigurationTests.java
+++ b/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfigurationTests.java
@@ -119,12 +119,9 @@ public class ReactiveManagementWebSecurityAutoConfigurationTests {
 
 	@Test
 	public void backsOffWhenWebFilterChainProxyBeanPresent() {
-		this.contextRunner
-				.withConfiguration(
-						AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class))
-				.withUserConfiguration(WebFilterChainProxyConfiguration.class)
+		this.contextRunner.withUserConfiguration(WebFilterChainProxyConfiguration.class)
 				.run((context) -> {
-					assertThat(getLocationHeader(context, "/health").toString())
+					assertThat(getLocationHeader(context, "/actuator/health").toString())
 							.contains("/login");
 					assertThat(getLocationHeader(context, "/foo").toString())
 							.contains("/login");
diff --git a/spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/metrics/web/reactive/client/MetricsWebClientFilterFunctionTests.java b/spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/metrics/web/reactive/client/MetricsWebClientFilterFunctionTests.java
index 0e1eea7187..68f4caf3f0 100644
--- a/spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/metrics/web/reactive/client/MetricsWebClientFilterFunctionTests.java
+++ b/spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/metrics/web/reactive/client/MetricsWebClientFilterFunctionTests.java
@@ -23,6 +23,7 @@ import java.util.concurrent.TimeUnit;
 
 import io.micrometer.core.instrument.MeterRegistry;
 import io.micrometer.core.instrument.MockClock;
+import io.micrometer.core.instrument.Timer;
 import io.micrometer.core.instrument.simple.SimpleConfig;
 import io.micrometer.core.instrument.simple.SimpleMeterRegistry;
 import org.junit.Before;
@@ -128,14 +129,10 @@ public class MetricsWebClientFilterFunctionTests {
 		this.filterFunction.filter(request, exchange).retry(1)
 				.onErrorResume(IllegalArgumentException.class, (t) -> Mono.empty())
 				.block();
-		assertThat(this.registry
-				.get("http.client.requests").tags("method", "GET", "uri",
-						"/projects/spring-boot", "status", "CLIENT_ERROR")
-				.timer().count()).isEqualTo(2);
-		assertThat(this.registry.get("http.client.requests")
-				.tags("method", "GET", "uri", "/projects/spring-boot", "status",
-						"CLIENT_ERROR")
-				.timer().max(TimeUnit.MILLISECONDS)).isLessThan(600);
+		Timer timer = this.registry.get("http.client.requests").tags("method", "GET",
+				"uri", "/projects/spring-boot", "status", "CLIENT_ERROR").timer();
+		assertThat(timer.count()).isEqualTo(2);
+		assertThat(timer.max(TimeUnit.MILLISECONDS)).isLessThan(600);
 	}
 
 }
diff --git a/spring-boot-project/spring-boot-dependencies/pom.xml b/spring-boot-project/spring-boot-dependencies/pom.xml
index f227e4658e..f293a142a0 100644
--- a/spring-boot-project/spring-boot-dependencies/pom.xml
+++ b/spring-boot-project/spring-boot-dependencies/pom.xml
@@ -1026,16 +1026,16 @@
 				<artifactId>javax.mail-api</artifactId>
 				<version>${javax-mail.version}</version>
 			</dependency>
-			<dependency>
-				<groupId>javax.persistence</groupId>
-				<artifactId>javax.persistence-api</artifactId>
-				<version>${javax-persistence.version}</version>
-			</dependency>
 			<dependency>
 				<groupId>javax.money</groupId>
 				<artifactId>money-api</artifactId>
 				<version>${javax-money.version}</version>
 			</dependency>
+			<dependency>
+				<groupId>javax.persistence</groupId>
+				<artifactId>javax.persistence-api</artifactId>
+				<version>${javax-persistence.version}</version>
+			</dependency>
 			<dependency>
 				<groupId>javax.servlet</groupId>
 				<artifactId>javax.servlet-api</artifactId>
diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
index 1fa65dbdb0..1b3338f27f 100644
--- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
+++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
@@ -3260,9 +3260,9 @@ default. The `management.endpoints.web.exposure.include` property can be used to
 the actuators.
 
 If Spring Security is on the classpath and no other WebSecurityConfigurerAdapter is
-present, all actuators other than `/health` and `/info` are secured by Spring Boot auto-config.
-If you define a custom `WebSecurityConfigurerAdapter`, Spring Boot auto-config will back off and you will be in
-full control of actuator access rules.
+present, all actuators other than `/health` and `/info` are secured by Spring Boot
+auto-configuration. If you define a custom `WebSecurityConfigurerAdapter`, Spring Boot
+auto-configuration will back off and you will be in full control of actuator access rules.
 
 NOTE: Before setting the `management.endpoints.web.exposure.include`, ensure that the
 exposed actuators do not contain sensitive information and/or are secured by placing them
diff --git a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/context/properties/CompositePropertySources.java b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/context/properties/CompositePropertySources.java
index 88a72adbf6..af5ee9499d 100644
--- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/context/properties/CompositePropertySources.java
+++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/context/properties/CompositePropertySources.java
@@ -19,6 +19,7 @@ package org.springframework.boot.context.properties;
 import java.util.Arrays;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Objects;
 
 import org.springframework.core.env.PropertySource;
 import org.springframework.core.env.PropertySources;
@@ -45,23 +46,14 @@ final class CompositePropertySources implements PropertySources {
 
 	@Override
 	public boolean contains(String name) {
-		for (PropertySources sources : this.propertySources) {
-			if (sources.contains(name)) {
-				return true;
-			}
-		}
-		return false;
+		return this.propertySources.stream()
+				.anyMatch((sources) -> sources.contains(name));
 	}
 
 	@Override
 	public PropertySource<?> get(String name) {
-		for (PropertySources sources : this.propertySources) {
-			PropertySource<?> source = sources.get(name);
-			if (source != null) {
-				return source;
-			}
-		}
-		return null;
+		return this.propertySources.stream().map((sources) -> sources.get(name))
+				.filter(Objects::nonNull).findFirst().orElse(null);
 	}
 
 }