Previously, JettyEmbeddedErrorHandler would change the method of every
request that is handles to GET. This was being done to work around
Jetty's error handling only dealing with GET, POST, and HEAD requests
by default. It had the unwanted side-effect of causing an error
response to a HEAD request having a body as, from the error handling's
perspective, it was a GET request.
This commit updates JettyEmbeddedErrorHandler to only set the method
on a request for which error handling is being performed if the method
isn't already one that will be handled, leaving the method of GET,
POST, and HEAD requests unchanged.
Unfortunately, short of implementing an HTTP client, this change cannot
be tested as the Apache HttpClient, OkHttp, and the JDK's
HttpURLConnection all silently drop the body of a response to a HEAD
request, preventing a test from asserting that a body hasn't been sent.
Closes gh-23551
Previously, we configured embedded Tomcat in such a way that no TLD
scan patterns were configured. This differed from a standalone
Tomcat installation where 4 patterns are configured that take
precedence over some of the skip patterns. The missing scan patterns
resulted in the skip patterns preventing the discovery of Log4j2's
TLDs.
This commit updates TomcatServletWebServerFactory to configure the
same four scan patterns as standalone Tomcat configures by default.
Fixes gh-23302
Previously, the web environment configured on `@SpringBootTest` was not
part of the context cache key. As a result, two test classes that has
identical configuration other than one using a MOCK web environment and
the other using a DEFINED_PORT web environment would share a context
when they should not do so. Classes that use MOCK and RANDOM_PORT were
not affected as the use of RANDOM_PORT results in a property for the
port being added to the environment.
This commit adds a new ContextCustomizer, SpringBootTestWebEnvironment,
that is used to capture the `webEnvironment` from `@SpringBootTest`
and use it in its hashCode and equals implementations. This fixes the
problem as all context customizers are evaluated when determing the
equality of two context cache keys.
Fixes gh-23085
This commit rework the tip on locating templates when running the app
in the IDE. Using classpath* should not change anything as this won't
make a difference without a pattern in the path.
Closes gh-23068
Previously LOG_LEVEL_PATTERN and LOG_DATEFORMAT_PATTERN were not
consumed as system properties in log4j2.xml and log4j2-file.xml. As a
result, the logging.pattern.level and logging.pattern.dateformat
configuration properties, which are translated into the
LOG_LEVEL_PATTERN and LOG_DATEFORMAT_PATTERN system properties
respectively had no effect.
This commit updates the log4j2.xml and log4j2-file.xml config files to
consume LOG_LEVEL_PATTERN and LOG_DATEFORMAT_PATTERN as system
properties. When the system property is not set, the configuation falls
back to the default values specified in the config files. Tests for
both log4j2.xml and log4j2-file.xml to verify the behaviour have also
bean added.
Fixes gh-22983
Previously, spring.flyway.init-sqls was only applied to Flyway's
configuration if Flyway was being configured to create the DataSource.
If Flyway was being configured to use an existing DataSource, init-sqls
was not applied. This is a hangover from when the init SQLs support was
introduced. At that time, Flyway only supported SQL to initialize the
connection when it was creating the DataSource. Flyway 5.2 added init
SQL support no matter how Flyway's DataSource was configured.
This commit updates FlywayAutoConfiguration to always apply the
init-sqls property to Flyway's configuration. The property's
documentation does not describe the current limitation so this change
should align the behaviour with what the documentation leads people to
expect.
Fixes gh-23392
Update `JarFileEntries` so that the interface is obtained rather than
the concrete implementation. This allows `JarEntry` values to be used
without causing a ClassCastException.
Closes gh-19041
Update the performance improvements to push certificate loading
and storage into the `JarFileEntries` class. This allows us to
keep certificates without needing to cache all entry data. We
now also keep certificates and code signers in a dedicated class
which is set whenever the full jar stream as been read, even if
the contained values are `null`. The logic that assumes META-INF
entries are not signed has been removed in favor of delegating to
the streamed entry results.
See gh-19041
Update Spring Boot nested JarFile support to improve the performance of
signed jars. Prior to this commit, `certificates` and `codeSigners`
were read by streaming the entire jar whenever the existing values
were `null`. Unfortunately, the contract for `getCertificates` and
get `getCodeSigners` states that `null` is a valid return value. This
meant that full jar streaming would occur whenever either method was
called on an entry that had no result. The problem was further
exacerbated by the fact that entries might not be cached.
See gh-19041
Update `ValidationBindHandler` so that pushed fields that reference
map keys can be used. This fixes a regression that was introduced in
commit 4483f417 when we switched to a `AbstractBindingResult` that no
longer required public getters/setters.
Closes gh-20350
Remove casting "timestamp" to `java.util.Date` in
`ErrorMvcAutoConfiguration` as the cast is not necessary and it
prevents other types (e.g. `java.time`) from being used.
See gh-23256
Prior to this commit, Actuator would sanitize properties values when
serializing them on the dedicated endpoint. Keys like "password" or
"secret" are entirely sanitized, but other keys like "uri" or "address"
are considered as URI types and only the password part of the user info
is sanitized.
This commit fixes the sanitization process where lists of such URI types
would not match the first entries of the list since they're starting
with `'['`. This commit improves the regexp matching process to sanitize
all URIs within a collection.
The documentation is also updated to better underline the processing
difference between complete sanitization and selective sanitization for
URIs.
Fixes gh-23037
Extend `initializeSystem` to search the exception stack for a
FileNotFoundException before reporting the error. This allows
us to provide a similar stack trace to the one that used to be
thrown when we had the `ResourceUtils.getURL` check.
See gh-22946
Remove `ResourceUtils.getURL` checking from `LoggingApplicationListener`
so that logging systems can implement custom location support.
Prior to this commit, we checked in the listener if the specified config
location could be opened as a URL. This unfortunately prevents Log4J
extensions such as `log4j-spring-cloud-config-client` from implementing
configurable SSL and credentials support.
See gh-22946
Create a new `JarFileWrapper` class so that we can wrap and existing
`JarFile` and offer a version that can be safely closed.
Prior to this commit, we provided wrapper functionality in the `JarFile`
class itself. Unfortunately, because we override `close` and also create
a lot of wrappers this caused memory issues when running on Java 11.
With Java 11 `java.util.zip.ZipFile` class uses `FinalizableResource`
for any implementation that overrides `close()`. This means that any
wrapper classes will not be garbage collected until the JVM finalizer
thread runs.
Closes gh-22991
Update metrics auto-configurations so that they are auto-configured
after `CompositeMeterRegistryAutoConfiguration` in order to ensure
the `MeterRegistry` bean has been defined.
Prior to this commit, metrics auto-configurations that depended on a
`MeterRegistry` has `@AutoConfigureAfter(MetricsAutoConfiguration.class)`
which is not sufficient since `MetricsAutoConfiguration` does not export
a `MeterRegistry`.
See gh-21134
Prior to this commit, DebugAgentEnvironmentPostProcessor throws a
RuntimeException with a generic error message if its initialization
fails. The causing exception is discarded, which makes error analysis
unnecessarily difficult.
This commit attaches the cause to the newly thrown RuntimeException.
See gh-22777
Previously, the endpoints' responses could occasionally exceed
WebClient's in-memory buffer limt, for example if the threads endpoint
was reporting a large number of threads or the threads had large
stacks.
This commit disables WebClient's in-memory buffer size limit so that
the tests passing is not dependent on the size of the endpoints'
responses.
Closes gh-22743
Previously, waitsForQuietPeriod would iterate 10 times, touching a new
file and then sleeping for 100ms at it did so. With a quiet period of
200ms, this was intended to result in a single change set containing
10 files. However, the test would fail occasionally as multiple change
sets were detected. The test is multi-threaded and is, therefore, at
the mercy of the scheduler. If the thread that is iterating and
touching the files takes over 200ms to be scheduled – exceeding the
watcher's quiet period – the watcher may detect a change set while the
changes are still being made. Eliminating this possibilty would require
the test to participate in the watcher's synchronization, which would
require some changes to its implementation. Instead, this commit
aims to avoid the problem by sleeping for 1/10 of the time (10ms) and
expecting a single change set of 100 files. The hope is that the much
shorter sleep time will result in the file touching thread being
scheduled well within the 200ms quiet period.
Closes gh-22732
This commit harmonizes dependency declarations for Jackson in the
actuator. Both Jackson and JSR 310 are back to optional in the core
actuator module and mandatory when using the auto-configuration.
Closes gh-22624
Prior to this change, TaskExecutorBuilder used seconds as its precision
to map the awaitTerminationPeriod value. This caused a loss of
millisecond information in the period.
This commit fixes the loss by converting the period to millisecond and
using setAwaitTerminationMillis to configure the executor.
See gh-22604
Previously, ignoring invalid fields would cause the failure for an
unknown field to be ignored, irrespective of the ignoreUnknownFields
attribute on `@ConfigurationProperties`.
This commit updates the NoUnboundElementsBindHandler to ensure that
any UnboundConfigurationPropertiesException is thrown rather than
being ignored when the handler has been wrapped by an
IgnoreErrorsBindHandler.
Fixes gh-22308
The fix for gh-20916 updated DefinitionsParser so that the
ResolvableType for each MockBean or SpyBean field included the
implementation class from which the field was found. Where the field
was declared with a variable generic signature that was made constant
by its implementation class, this allowed the correct concrete type to
be determined. It also had the unintended side-effect of preventing two
test classes with identical `@MockBean` and `@SpyBean` configuration
from sharing a context as the resolvable types for their mock and spy
bean fields would now be different.
This commit updates DefinitionsParser to only include the
implementation class in the ResolvableType if the field's generic type
is variable. For cases where it is not variable, this restores the
behaviour prior to the fix for gh-20916.
Fixes gh-22566
Previously, background pre-init was started in response to the
application starting event. This meant that it would be running while
the logging turbo filter was in place and was rejecting all logging.
As a result, any logging performed during pre-init would be lost.
This commit changes background pre-init so that it is now started
in response to the application environment prepared event. By this
point, the logging turbo filter has been removed as the logging levels
have been configured from the environment.
Closes gh-21897
Previously, only UndertowOptions was used as the source of options for
both server and socket options, but it only contains server options.
As a result, attempting to configure any socket options defined by
XNIO's Options class would fail.
This commit updates the property-based configuration of options to use
UndertowOptions as the source for server options and XNIO's Options as
the source for socket options.
Fixes gh-22502
The generated snippets were not declared as an output to the
`spring-boot-actuator-autoconfigure` test goal so when the test was
pulled from the cache, it did not contain the `generated-snippets`
directory. This directory is required as an input to the Asciidoctor
plugin.
See gh-22555
This adds build caching and build scans.
The changes required disabling scans when using the maven invoker
plugin in order to not cause duplicate build scans when invoking other
maven builds. There is also an empty `.mvn` folder in the
spring-boot-starters project to prevent duplicate build scans as well
since there is no way to pass properties to the maven-javadoc-plugin.
The checkstyle plugin was causing a cache miss with the
`propertyExpansion` because it contains an absolute path. The absolute
path is now ignored and instead the files are added as inputs to the
checkstyle plugin. This only enables the local build cache. The remote
cache is not yet enabled.
On my local machine:
./mvnw clean install build times go from about 30 minutes to about 10 minutes.
./mvnw clean install -Pfull build times go from about 60 minutes to about 13 minutes.
See gh-22089
Shraddha Yeole
Madhura Bhave
ketaki-t
Andy Wilkinson
Stephane Nicoll
Rujun Chen
Pavel Gordon
dreis2211
Phillip Webb
Sebastiaan Fernandez
mathieufortin01
lock14
David Good
Ralph Goers
spencergibb
Ivo Smid
Martin Benda
Maciej Walkowiak
smlc
Johnny Lim
John Franco
Gabriele Bianchet-David
davidbilge
biergit
Tadaya Tsuyukubo
Nelson Osacky