Update `OriginTrackedPropertiesLoader` with stricter logic around the
document separator. If the preceding or following lines are comments
then the separator will be ignored.
Closes gh-22963
Update `AnnotationsPropertySource` so that nested annotations are
supported. Prior to this commit, annotations annotated with
`@PropertyMapping` that contained nested annotation attributes would
result in instances of `TypeMappedAnnotation` being used as properties.
This usually led to errors due to not being able to convert those to
Strings. This commit makes it so that nested annotations are recursively
mapped to properties. This should allow for more complex configuration
to be mapped from annotations.
See gh-23146
Exclude `@ConfigurationProperties` beans from method validation so
that `@Validated` can be used on final classes without the method
validation post-processor throwing an exception.
This commit introduces a `FilteredMethodValidationPostProcessor` class
which will use `MethodValidationExcludeFilters` to exclude beans from
method validation processing. Using `@EnableConfigurationProperties`
will automatically register an appropriate filter.
Closes gh-21454
Update `ConfigTreeConfigDataResource` so that a wildcard suffix can
be used to import multiple folders. The pattern logic from
`StandardConfigDataLocationResolver` has been extracted into a new
`LocationResourceLoader` class so that it can be reused.
Closes gh-22958
Previously, the test would make an HTTP request and, as soon as the
response was received, it would check the presence and value of the
http.server.requests meter. This create a race condition between the
meter being registered once the response had been flushed and the
meter's presence being checked. If the check won the race, the test
would fail.
This commit updates the test to wait for up to 5 seconds for the
meter to be present and have a count of 1, matching the single request
that has been made.
Fixes gh-23919
Previously, the locale context resolver used with WebFlux could only be
configured by provided a custom LocaleContextResolver bean. By
constrast, when using Spring MVC, the spring.mvc.locale and
spring.mvc.locale-resolver properties could be used to configure the
locale and the resolver (fixed or Accept header) respectively.
This commit introduces spring.web.locale and spring.web.locale-resolver
properties and deprecates their spring.mvc equivalents. The new
properties can be used to configure locale resolution with either
Spring MVC or WebFlux.
Closes gh-23449
Add a dedicate condition annotation to detect when Spring Security is
available but has not been configured by the user. The new annotation
helps simplify quite a few of our auto-configuration classes.
See gh-23421
Replace `WebSecurityConfigurer` and `WebSecurityConfigurerAdapter`
configurations with `WebSecurityCustomizer` or `SecurityFilterChain`
beans.
Closes gh-23421
Previously, @WebListeners were discovered via custom component scanning
and then registered programmatically via the ServletContext. The servlet
spec requires any ServletContextListener registered in this manner to be
prohibited from programatically configuring servlets, filters, and
listeners. This left us not strictly complying with the servlet spec
as a ServletContextListener registered via a @WebListener annotation
should be able to programatically configure other components.
This commit updates WebListenerHandler to register each @WebListener
component directly with Jetty, Tomcat, or Undertow rather than via the
ServletContext API. This ensure that any @WebListener-annoated
ServletContextListener registered via servlet component scanning is
able to programatically register servlets, filters, and listeners.
There is a small chance that this will be a breaking change for some
users:
1. The ServletListenerRegistrationBeans that were previously defined
for each @WebListener will now be
WebListenerHandler.WebListenerRegistrars
2. Each @WebListener-annotated class will now be instantiated by
Jetty, Tomcat, or Undertow. Jetty and Tomcat both require the class
to be public and have a public default constructor. Previously,
a package-private class or default constructor could be used as the
instantiation was performed by Spring Framework. Undertow is not
affected as it can instantiate a package-private type.
Fixes gh-18303
When `EnvironmentEndpoint` is building a response to return to the
web infrastructure, it creates a data structure containing all
property values from all property sources. Prior to this commit, it
was possible for the response data structure to contain property
values that were not serializable to JSON by Jackson, which would
cause an exception to be thrown by the web infrastructure. This
commit ensures the data structure is serializable to JSON by
ensuring property values are primitives or Strings, and returning
a placeholder value if a property value is of any other type.
Fixes gh-23805
Previously, the test would make an HTTP request and, as soon as the
response was received, it would check the presence and value of the
http.server.requests meter. This create a race condition between the
meter being registered once the response had been flushed and the
meter's presence being checked. If the check won the race, the test
would fail.
This commit updates the test to wait for up to 5 seconds for the
meter to be present and have a count of 1, matching the single request
that has been made.
Fixes gh-23863
Previously, the base path of a servlet-based management server could be
configured using management.server.servlet.context-path but there was no
equivalent property for WebFlux.
This commit introduces a new property, management.server.base-path,
that can be used with both servlet and reactive management servers. The
existing servlet-specific property has been deprecated in favour of the
new general property. When using the servlet stack, if both the general
property and the servlet-specific property are set, the new general
property takes precedence. When using the reactive stack, only the new
general property is considered.
Closes gh-22906
This commit fixes the auto-configuration of Spring Session to use
"server.servlet.session.timeout" as a fallback for Servlet-based web
applications only.
Closes gh-23752
Prior to this commit, the `StaticResourceLocation` for favicons would
point to `"/**/favicon.ico"`. This location does not reflect the current
web development landscape, since the png format and size variants are
not supported here. Also, the `"**"` pattern can be costly at runtime
and is deprecated by the new path pattern support in Spring Framework
(see gh-22833).
This commit changes the default locations to `"/favicon.*","/*/icon-*"`,
supporting common use cases such as `"/favicon.ico"`, `"/favicon.png"`
and `"/icons/icon-48x48.png"`.
Closes gh-23126
Update the `AbstractJarWriter` so that it can directly build the layer
index as entries are written. Prior to this commit, a layer tracking
was handled by a decorator class which was broken because it didn't
override enough methods. Since `AbstractJarWriter` has quite a complex
API, it seems sensible to have it handle the layer index directly,
removing the need for a decorator entirely.
Fixes gh-23801
Deprecate and provide alternatives for logging properties that are
specific to Logback.
The following Spring Boot properties have been changed:
* logging.pattern.rolling-file-name ->
logging.logback.rollingpolicy.file-name-pattern
* logging.file.clean-history-on-start ->
logging.logback.rollingpolicy.clean-history-on-start
* logging.file.max-size ->
logging.logback.rollingpolicy.max-file-size
* logging.file.total-size-cap ->
logging.logback.rollingpolicy.total-size-cap
* logging.file.max-history ->
logging.logback.rollingpolicy.max-history
As have the system environment properties that they map to:
* ROLLING_FILE_NAME_PATTERN ->
LOGBACK_ROLLINGPOLICY_FILE_NAME_PATTERN
* LOG_FILE_CLEAN_HISTORY_ON_START ->
LOGBACK_ROLLINGPOLICY_CLEAN_HISTORY_ON_START
* LOG_FILE_MAX_SIZE ->
LOGBACK_ROLLINGPOLICY_MAX_FILE_SIZE
* LOG_FILE_TOTAL_SIZE_CAP ->
LOGBACK_ROLLINGPOLICY_TOTAL_SIZE_CAP
* LOG_FILE_MAX_HISTORY ->
LOGBACK_ROLLINGPOLICY_MAX_HISTORY
This commit also cleans up and simplifies `DefaultLogbackConfiguration`.
Closes gh-23609
Prior to this commit, the how-to documentation would say that Spring
Boot does not support the h2c protocol. While it's not supported
out-of-the-box with a configuration property, this protocol can still be
configured using server customizers.
This commit documents, with code snippets, the server customizers one
should use to configure the h2c protocol in an application - for each
supported server.
Closes gh-21997
Prior to this commit, tests using the `@WebMvcTest` annotation would not
include the `HttpEncodingAutoConfiguration`. This means that, even if
configured, the encoding filter would not be configured in MVC tests,
resulting in an inconsistency with `@SpringBootTest` tests.
This commit ensures that the `HttpEncodingAutoConfiguration` is included
when `@WebMvcTest` is used.
Fixes gh-23749
Previously, when building a layered jar with Maven, dependencies
on modules in the same build were treated the same as any other
dependency, being included in the dependencies or snapshot dependencies
layer based on their version.
This commit updates the default layering when using Maven to include
dependencies on modules in the same build in the application layer by
default. The XML schema has also been updated to allow the layer to be
customized using new <includeModuleDependencies/> and
<excludeModuleDependencies/> elements rather than relying on including
and excluding them via a group:artifact:version pattern.
Closes gh-23463
This commit modifies the logic for finding properties files using
wildcard paths to ignore files if any part of the file path contains
a hidden directory. Hidden directories are common when Kubernetes
mounts config maps onto volumes in a pod, which was causing the same
properties files to be loaded multiple times.
Fixes gh-23160
Andy Wilkinson
Stephane Nicoll
Phillip Webb
Stefan Zwanenburg
Madhura Bhave
Andy Wilkinson
Scott Frederick
Kedar Joshi
Brian Clozel
Pushkaraj S
Gary Russell