We have hazelcast configuration files that are used with multiple
versions of Hazelcast. Version 3's scheme doesn't allow us to set
<auto-detection enabled="false" />. To work around this, we
configure a system property that causes Hazelcast to disable schema
validation.
See gh-38163
This only registers the default locations, not the one users can provide
via 'spring.sql.init.schema-locations' and
'spring.sql.init.data-locations'.
Closes gh-31533
This commit introduces auto-configuration for the new Elasticsearch
clients that are based upon their new Java client. The new Java
client builds on top of their existing low-level REST client,
replacing the high-level REST client which has been deprecated.
As part of introducing support for the new Elasticsearch client,
the auto-configuration for the templates (both imperative and
reactive) provided by Spring Data has also been updated to use the
new templates that build upon the new Java client.
As part of these changes, support for the high-level REST client and
the old Spring Data Elasticsearch templates has been removed. One
significant change is that the new reactive template is no longer
based on WebClient. As a result, the WebClient-specific configuration
property has been removed.
Closes gh-30647
Closes gh-28597
Closes gh-31755
With the 1.0 release of the SPI, R2DBC's bom is no longer published.
This commit updates Spring Boot's dependency management to no longer
use the bom. Tests have also been updated to adapt to slight changes
in R2DBC's configuration options and their default values.
Closes gh-31702
Spring Security now filters every dispatch by default and not only
once-per-request. Security configuration has been updated in a number of
places to restore the old behavior as needed for the tests to pass.
gh-31703 has been opened to review this and to investigate if we can
now remove the error page security filter and rely on the filtering of
every dispatch instead.
In addition to switching to once-per-request filtering where needed,
this commit also restructures the configuration of the error page
security filter. The restructuring was necessary to ensure that the
privilege evaluator bean has been defined before the conditions on the
error page security filter are evaluated. Without the change, the filter
was no longer being configured as the privilege evaluator hadn't been
defined before the on bean condition was evaluated. We may want to back
port this change as the ordering doesn't appear to have been defined
before and we were just getting lucky.
See gh-31622
See spring-projects/spring-security#11466
This commit makes the following potentially breaking changes:
- Dependency management for modules that do not exist in Hibernate
6.1 has been removed.
- Hibernate's modules are now in the org.hibernate.orm group. Users
not using the starter or using modules that are not in the starter
will have to update their build configuration accordingly.
- spring.jpa.hibernate.use-new-id-generator-mappings has been removed
as Hibernate no longer supports switching back to the old ID
generator mappings.
Co-authored-by: Andy Wilkinson <wilkinsona@vmware.com>
Closes gh-31674
This reverts commit 47993c094b.
Couchbase and Spring Data Couchbase are not compatibile with the
latest Reactor snapshots as they use deprecated API that has now
been removed.
See gh-31609
Update `CassandraAutoConfiguration` so that properties in a
`spring.data.cassandra.config` file can override the default values
defined in `CassandraProperties`.
This commit changes two things:
1. Any primitive on `CassandraProperties` are replaced with object values.
This allows distinguishing between defaults values and no-values. Then
CassandraAutoConfiguration.mapConfig() can use whenNonNull() predicate
to ignore those.
2. `CassandraProperties` no longer populate default values on any
property. With that, the defaults can be applied on top of the file
spring.data.cassandra.config; i.e. the config file have higher
precedence than the defaults, but lower that any spring.data.cassandra.*
property.
See gh-31238
There's no setter for the max header size in Tomcat 10 as it's now
inherited from the underlying HTTP 1.1 protocol. The test that
was merged forwards from 2.7.x is retained to verify that this is
the case.
See gh-31330
This commit adapts how the BasePackages bean is registered so that
AOT processing works with it out-of-the-box. Previously we were using
an instance supplier with the accumulated base packages. This commit
changes that to set a constructor argument values.
Closes gh-31223
This commit removes auto-configuration and dependency management
for Flapdoodle embedded MongoDB in favor of the Spring Boot support
provided by Flapdoodle.
Closes gh-30863
As seen in spring-projects/spring-graphql#375, Spring Boot should also
use "application/json" as the default MIME type but remain compatible
with "application/graphql+json" still if clients POST content with this
type or explicitly accept it.
Closes gh-30860
spring.security.saml2.relyingparty.registration.*.asserting-party.* is
now named spring.security.saml2.relyingparty.registration.*.assertingparty.*
Closes gh-30785
Rename spring.security.saml2.relyingparty.registration.*.identity-provider.*
to spring.security.saml2.relyingparty.registration.*.asserting-party.*
The old property names are still supported, but will lead to a warning
in the logs.
Closes gh-30642
This commit contributes a `RSocketGraphQlClient.Builder` component to
the context, pre-configured with the `RSocketStrategies`, a customized
`RSocketConnector` and the expected data MIME type.
See gh-30453
This commit adds the ability to configure SSL in embedded web containers
using PEM-encoded certificate and private key files, as an alternative
to configuring SSL with Java KeyStore files.
Closes gh-29273
Prior to this commit, Spring Boot would only auto-configure the
`RestHighLevelClient` and `RestClientBuilder` if the
`RestHighLevelClient` was present. This was done in 1d73d4ed.
This commit brings back the exposing of the `RestClient` bean in when
exposing the `RestHighLevelClient` or when the `RestHighLevelClient`
is not present. It allows for using the auto-configuration and its
customizers of the `RestClientBuilder` in a similar way as it is done
for the `RestTemplateBuilder` and the `WebClient.Builder`.
The presence of the `elasticsearch-rest-high-level-client` module is
now optional. This opens the door for potentially adding support for
the new Elasticsearch Java Client[1] that is based on the same
`RestClient`.
The health contributor and its configuration has also been updated to
only depend on the low-level RestClient.
See gh-28496
[1] https://github.com/elastic/elasticsearch-java
As a result of changes for
https://github.com/spring-projects/spring-graphql/issues/342,
GraphQlWebSocketHandler now exposes a method to create the
WebSocketHttpRequestHandler, pre-configured with a context propagating
HandshakeInterceptor. This commit updates the autoconfig to use it.
Closes gh-30641
All `FailureAnalyzer` implementations should use constructor
injection for `BeanFactory` and `Environment` instead of implementing
`BeanFactoryAware` or `EnvironmentAware` interfaces.
Fixes gh-30585
As seen in spring-projects/spring-graphql#108, the GraphQL HTTP spec now
requires the "application/graphql+json" media type and accepts
"application/json" for backwards compatibility.
This commit updates the `RouterFunction` definition for the GraphQL HTTP
endpoints so that both types are accepted.
Closes gh-30407
This commit adapts to the latest Spring GraphQL changes, renaming
`GraphQlService` to `ExecutionGraphQlService` as well as the
`WebInterceptor` contract to `WebGraphQlHandlerInterceptor`.
See spring-projects/spring-graphql#332
Ensure that the `spring.jmx.unique-names` property is applied to the
auto-configured `MBeanExporter` as well as the `ObjectNamingStrategy`.
Fixes gh-29968
As part of the upgrade, the property for configuring features has
been removed as support for feature-aware versions has been removed
from Embedded Mongo. For advanced configuration where features were
specified, users should provide a MongodConfig bean instead.
Closes gh-29985
Closes gh-30219
Prior to this commit, launching a GraphQL application without any schema
file or customizer bean would result in an exception caught by a
FailureAnalyzer telling the developer about configured locations.
Since then, a new client has been introduced in Spring GraphQL and the
mere presence of the GraphQL starter does not mean anymore that the
intent is to create a GraphQL API in the app: we could instead just
consume an existing, remote API.
This commit refines the GraphQL server auto-configuration so that it is
enabled only if:
* there is at least one schema file in the configured locations
* or a `GraphQlSourceCustomizer` bean has been defined in the app
These changes make the custom FailureAnalyzer useless and is also
removed as part of this commit.
Closes gh-30035
Prior to this commit, we would configure a default conversion service
for GraphQL annotated controllers, without registering any additional
formatters.
This commit aligns the GraphQL auto-configuration with MVC and WebFlux,
since we now use the `ApplicationConversionService` to register all
application formatters for the GraphQL infrastructure.
Closes gh-29638
After 0b449d89e1,
the ConversionService on AnnotatedControllerConfigurer is an internally
managed instance that is customized with FormatterRegistrar rather than
set.
Closes gh-29636
This commit switches to 1.0.0-SNAPSHOT for Spring GraphQL, before its
upcoming 1.0.0-M6 version.
This commit adapts to the changes introduced in
spring-projects/spring-graphql#317 : now that `GraphQlClient` has been
introduced, `GraphQlTester` has been aligned with the new
infrastructure. The `@GraphQlTest` and `@SpringBootTest` testing support
is now using different variants for each.
All samples have been updated to use the proper GraphQL terminology, see
and spring-projects/spring-graphql#310 .
See gh-29637
- Adds a new @DisableOnOs annotation, which is inspired from JUnit5s
@DisableOnOs annotation. This new annotation supports the architecture
and is repeatable
Closes gh-30082
As @AutoConfiguration is now meta-annotated with @AutoConfigureAfter
and @AutoConfigureBefore, the generated property files have a lot of
superfluous lines in the format <class>.AutoConfigureAfter= and
<class>.AutoConfigureBefore=.
One can now configure in the annotation processor for each property key
if empty values should be omitted. This is currently only activated for
AutoConfigureAfter and AutoConfigureBefore
See gh-29907
The relative ordering is implemented with @AliasFor annotations on the
@AutoConfiguration annotation. The production code already works without
changes, only the test code had to be modified. It now uses
AnnotationMetadata which already knows how to deal with @AliasFor
instead of using the reflection API directly.
See gh-29907
This commit adds support for instantiating FailureAnalyzer
implementations with BeanFactory and/or an Environment constructor
arguments and deprecates support for setter injection of these values
using BeanFactoryAware and EnvironmentAware.
Closes gh-29811
The import selector will now, in addition to spring.factories, look for
ManagementContextConfiguration classes in a file called
META-INF/spring/org.springframework.boot.actuate.autoconfigure.web.ManagementContextConfiguration.imports
The existing ManagementContextConfigurations have been moved from
spring.factories to the new file.
Closes gh-29730
Implements a new AutoConfigurationLoader, which loads
auto-configurations from a file in META-INF/spring-boot.
Adapts the AutoConfigurationImportSelector to use the new loader.
Adapts the ImportAutoConfigurationImportSelector to use the new loader.
Adapts the metadata plugin in the build to additionally load the
auto-configurations from the new file.
Updates the documentation for auto-configurations and test slices.
Closes gh-29872
This commit makes @ConstructorBinding optional for a type
that has a single parameterized constructor. An @Autowired annotation
on any of the constructors indicates that the type should not be constructor
bound.
Since @ConstructorBinding is now deduced for a single parameterized constructor,
the annotation is no longer needed at the type level.
Closes gh-23216
This annotation can be used to mark auto-configurations with a dedicated
annotation. Under the hood, it's a standard @Configuration with
proxyBeanMethods set to false.
Closes gh-29870
Previously, when Tomcat was configured to use relative redirects
and the ForwardedHeaderFilter is in use, the filter would ignore
the use of the relative redirects.
This commit corrects this misalignment by applying Tomcat's use
relative redirects setting to the filter, but only when Tomcat is
being used as the servlet container.
See gh-29333
H2 2.x contains several important changes such as moving the primary key
generation mechanism to a sequence-based identifier. This commit fixes
a number of tests that were failing.
Closes gh-29651
Co-authored-by: Andy Wilkinson <wilkinsona@vmware.com>
This commit adapts to some changes in Spring Batch 5.0:
- A DataSource bean is now required by Batch
- A PlatformTransactionManager bean is no longer defined by Batch
See gh-29278
We've seen some problems, particularly on CI, where Embedded Mongo
hangs while trying to start the Mongo process. To limit the problem,
this commit replaces the use of Embedded Mongo with Testcontainers
where we can, leaving Embedded Mongo in use only where we're
specifically testing our Embedded Mongo support.
Closes gh-28843
Prior to this commit, the GraphQL schema assembled by the
auto-configuration would provide no option for disabling the field
introspection.
While this feature is essential for many tools (including GraphiQL),
some prefer disabling it because this allows clients to gather
information about types and schema easily. This commit introduces a new
`spring.graphql.schema.introspection.enabled` configuration property.
Because potential attackers can still gather this information and this
feature is a core concern in the GraphQL spec, introspection is enabled
by default for Spring Boot applications.
Closes gh-29248
This commit configures security features for Spring GraphQL.
In the case of both MVC and WebFlux, this contributes
`DataFetcherExceptionResolver` instances to resolve security exceptions
and expose them as proper errors in the GraphQL response.
For MVC only, this also configures a
`SecurityContextThreadLocalAccessor`. This component ensures that the
security context is propagated between `ThreadLocal` and the Reactor
asynchronous execution.
See gh-29140
This commit auto-configures a GraphQL WebSocket endpoint for both Spring
MVC and Spring WebFlux. This is only enabled if the required libraries
are on the classpath and if the `"spring.graphql.websocket.path"`
property is defined.
See gh-29140
Spring GraphQL ships with a static version of the graphiql IDE for
exploring and querying GraphQL endpoints.
See https://github.com/graphql/graphiql for more information.
This commit auto-configures the GraphiQL handler for both MVC and
WebFlux and points GraphiQL to the GraphQL HTTP endpoint exposed by the
application. This feature is disabled by default and can be switched on
with "spring.graphql.graphiql.enabled=true".
See gh-29140
This commit configuresa new endpoint for printing in text format the
resolved GraphQL schema.
This endpoint is exposed by default under "/graphql/schema" and must be
enabled with "spring.graphql.schema.printer=true".
See gh-29140
This commit adds two new auto-configuration classes for Spring GraphQL
support. Once the base GraphQL infrastructure is in place, we can now
expose the `GraphQlService` over an HTTP transport.
Spring GraphQL supports both MVC and WebFlux, so this commit ships with
one auto-configuration for each.
Developers can configure the HTTP path where the GraphQL resource is
exposed using the `spring.graphql.path` configuration property (this
defaults to `"/graphql"`).
See gh-29140
This commit adds a new `FailureAnalyzer` for exceptions thrown when no
GraphQL schema file could be found.
This lists configured locations (with `"classpath:..."` notation) and
also resolved locations - this helps developers figure out how the
pattern are resolved and why schema files cannot be found.
See gh-29140
This commit adds the auto-configuration for setting up the base Spring
GraphQL infrastructure. Because GraphQL doesn't depend on any particular
transport, we must have a separate configuration for creating:
* the `GraphQlSource`, which holds the schema and the `GraphQL` instance
* the `GraphQlService` for executing incoming requests
* the `BatchLoaderRegistry` for batch loading support
* the `AnnotatedControllerConfigurer` for supporting the annotated
controllers programming model
This comes with a starting point for the `"spring.graphql.*"`
configuration properties; we can now configure the locations and file
extensions of GraphQL schema files we should load and configure at
startup.
See gh-29140