Update spring-boot-dependency-tools to support transitive excludes.
Transitive excludes are useful with Gradle which considers each
dependency independently (see GRADLE-3061).
Transitive excludes are supported by parsing the dependency-tree file
from spring-boot-versions.
See gh-1047
Update spring-boot-versions to generate a dependency-tree file and
attach it as an artifact. The file is generated by creating a temporary
POM and calling the invoker plugin.
The spring-boot-versions POM now depends on all spring-boot-starter-*
POMs to ensure that they have been installed before the dependency
tree is processes.
See gh-1047
Refactor dependency-tools to restore API compatibility with Spring
Boot 1.0. This should reduce reflection hacks that tools such as Gretty
would otherwise have to make.
See gh-1035
Update Spring Mobile support with the following changes:
- Apply source formatting
- User lowercase property prefixes
- Use dashed notation when accessing properties
- Inline some constants
See gh-1049
@PropertySources *can* and should be added in the slot
after the application.properties (code that is part of the
application should have lower precedence than external
configuration).
Fixes gh-1044
Extract common "depends on" functionality to a new
EntityManagerFactoryDependsOnPostProcessor class.
Apply consistent formatting.
Fix issue with Flyway location detection.
It was doing scary things (like starting elasticsearch, hornetq etc).
There's still an outstanding question about why the context was
not being properly closed in such a scenario (maybe one of those
embedded servers lurking on a background thread?).
See gh-1034
They all want to create an MBeanServer and when that happens
user sees no MBeans, or sometimes just one set (Spring Core,
Spring Integration or Spring Boot). To harmonise them we
create a @Bean of type MBeanServer and link to it in the
other autoconfigs
Fixes gh-1046
We now register the Jackson JodaTime module with Jackson ObjectMappers
if it is on the classpath. We also register the JSR-310 module if it's
on the classpath and the application is running Java 8 or better.
Extracted the Jackson specific configuration previously residing in
HttpMessageConvertersAutoConfiguration into a JacksonAutoConfiguration
class.
Added the Jackson JSR-310 module as a managed Boot dependency.
Added a new @ConditionalOnJava annotation that allows to conditionally
enable configuration based on the Java version that is running.
The annotation currently supports two modes of restricting Java versions:
the default mode checks for a Java version equal or better than the
requested one. Beyond that it can be configured to only match if Java
version is older than the configured one.
We've had problems with the starters when used with Gradle. They have
been pulling in commons-logging (#987) and the wrong version of Spring
(#1028) due to Gradle's different exclusion and dependency resolution
semantics.
This commit adds some integration tests that use Gradle's tooling API
to take each starter in turn and build a Gradle project that depends
upon it. The build looks at the transitive dependencies and checks
that neither commons-logging nor any Spring modules with the wrong
version are present.
Closes#1036
We also convert the SpringBootPlugin to be .groovy to ease defaulting
the encoding to UTF-8. We do not make the file any "more groovy" to leave
this to a distinct commit.
There were some residual issues to do with the changes to the implementation
of security.basic.enabled=false. It was a good idea to have a filetr chain
triggered by the flag being off because it smooths the way for user-defined
filter chains to use the Boot AuthenticationManager (as a first step at least),
but it wasn't a goog idea to add any actual secuity features to that filter.
E.g. if it has HSTS then even an app like Sagan that has some secure endpoints
that it manages itself and the rest is unsecured has issues because it can't
accept connections over HTTP even on unsecure endpoints.
TODO: find a way for security.ssl_enabled=true to apply to only the user-
defined security filter (maybe not possible or worth the effort, since they
can inject a SecurityProperties if they need it?).
See gh-928
This commit changes the default behavior of the HornetQ auto
configuration. Prior to this commit, an embedded broker was only
started when it was requested explicitly by a configuration option.
This is inconsistent with the ActiveMQ support and boot favors the
easiest route. If the necessary classes are available, HornetQ is
embedded in the application by default.
Fixes gh-1029
HypermediaAutoConfiguration didn't consider an @EnableHypermediaSupport
annotation being present in the user configuration which could've caused
it to be evaluated twice.
This is especially the case if both the auto-configuration for Spring
HATEOAS and Spring Data REST kick in as Spring Data REST actively declares
@EnableHypermediaSupport. The double evaluation then causes injection
ambiguities as we now get multiple beans of e.g. LinkDiscoverers deployed.
Due to the lack of dependency management in Gradle a number of the
starters were pulling in old versions of spring-tx (and in some cases
spring-context-support as well) as the only dependency was a
transitive one that pulled in an older version.
This commit adds explicit dependencies on spring-context-support and
spring-tx where appropriate. These dependencies will specify Boot's
preferred version of Spring causing Gradle to do the right thing as it
prefers the latest version of a dependency when there is more than one
to choose from.
Fixes#1028
The list continuation character '+' can be used to prevent a blank
line from ending a list, thereby allowing code blocks to be included
in a list. See "Complex content in outline lists" [1] for more
details.
[1] http://asciidoctor.org/docs/asciidoc-syntax-quick-reference/#listsFixes#1025
Gradle hasn’t different exclusion semantics to Maven. In Maven you can
exclude spring-core’s commons-logging dependency once and it’ll be
honoured even if you have multiple transitive routes to commons-logging
via spring-core. In Gradle you have to exclude commons-logging from
everything that has a transitive spring-core dependency. To make matters
worse this doesn’t only apply to dependencies and exclusions declared in
build.gradle but also to dependencies and exclusions declared in the pom
files of the artifacts that a Gradle build depends upon.
In short, to make our starters work as intended with Gradle, this commit
adds many, many exclusions for commons-logging. It also removes
commons-logging exclusions from spring-boot-dependencies’
<dependencyManagement> as they have no effect with Gradle and their
presence can cause us to miss required exclusions in a starter
Fixes#987