When a Configuration is copied, any before and after resolve actions
that are registered with its ResolvableDependencies are also copied
over. This means that, when a copied configuration is resolved the
resolution actions may be called on a ResolvableDependencies instances
that isn't the one to which they were added.
Previously, the above-described Gradle behaviour would result in
BootJar accessed the ResolvedConfiguration of a Configuration that may
not have yet been resolved. At best this would trigger Configuration
resolution and at worst it would fail. A failure could occur if the
configuration had been copied so that it could be made resolvable.
The afterResolve action would then try to access the
ResolvedConfiguration of the original Configuration. This would trigger
a resolution attempt that fails due to the original configuration being
marked as unresolvable.
This commit updates the afterResolve action in BootJar to check that
the ResolvableDependencies with which it is called matches the
ResolvableDependencies with which it was original registered. Only
when the two match, and therefore the configuration has actually been
resolved, does processing proceed.
Fixes gh-24072
A previous change intended to prevent temporary directories created as
an implementation detail of mounting volumes on kubernetes pods from
being used as a source for property files had a side-effect of also
preventing other types of hidden directories from being recognized. This
commit narrows the criteria for considering a directory as hidden,
using the kubernetes `..` prefix convention instead of the Unix `.`
prefix.
Fixes gh-23983
Previously, when an embedded test database was being auto-configured
any schema username and password specified by the user would result
in a separate embedded test database being created to load the schema.
This then left the actual test database without the schema causing
test failures.
This commit updates the test database auto-configuration to set the
schema username to an empty string in a property source that's added
first to the environment's property sources. This causes any schema
username configured by the user to be ignored, preventing the creation
of a separate database for schema.sql processing.
Fixes gh-19321
Previously, Quartz could be configured with a specific DataSource
using `@QuartzDataSource` but it was not possible to configure a
Quartz-specific transaction manager. This could result in the
different DataSources being used by Quartz itself and Quart'z
DataSourceTransactionManager.
This commit introduces a new qualifier, `@QuartzTransactionManager`,
that can be used to avoid the above-described problem. Any
`@QuartzTransactionManager`-annotated bean will be used by the
Quartz auto-configure configuration instead of the application's main
`TransactionManager`. If no such qualified bean is present, the
application's main TransactionManager, if any, will be used as before.
Fixes gh-20184
The `FreeMarkerViewResolver` (and other template-based resolvers) in
Spring Framework avoid using reflection if they know how to
instantiate the view class. This change aligns with them.
See gh-24011
When running on Java 11 (where `@PostConstruct` is no longer part of
the JRE) and without a dependency on jakarta-annotation-api,
`@PostContruct` annotions are silently dropped. This leads to obscure and
hard-to-track down changes in the behaviour of our auto-configuration
as the `@PostConstruct`-annotated methods are not invoked.
To allow users to run on Java 11 without having jakarta-annotation-api
on the classpath, this commit removes use of `@PostConstruct` from main
code. A Checkstyle rule has also been added to prevent its usage in
main code from being reintroduced.
Closes gh-23723
A test case would fail to accurately capture the contents
of the layers.idx file unless the test project contained
at least one non-project snapshot dependency, which was only
true when the Spring Boot version was a snapshot.
See gh-23463
Update `MetadataCollector` merge logic so that previous items are no
longer added if the current round contains a property of the same name.
Fixes gh-23916
Ensure that metadata sourced from inner-types is not deleted when
performing an incremental compile. Prior to this commit, the source
type was searched using the `Outer$Inner` format. This is not supported
`Elements.getTypeElement` so we now convert the names to `Outer.Inner`.
Closes gh-10886
Docker daemon authorization plugins reject POST or PUT requests that have a
content type `application/json` header but no content length header. This
commit ensures that a content length header is provided in these cases.
This is a cherry-pick of the changes in d5b2836ec9
which were lost in a forward-merge.
Fixes gh-23957
Docker daemon authorization plugins reject POST or PUT requests that have a
content type `application/json` header but no content length header. This
commit ensures that a content length header is provided in these cases.
Fixes gh-22840
This commit removes `<version>` from the Maven Plugin documentation
where it makes sense so that versions aren't hardcoded unnecessarily.
Rather, a plugin or dependency management should be in place so those
are not needed.
Closes gh-23909
Update `OriginTrackedPropertiesLoader` with stricter logic around the
document separator. If the preceding or following lines are comments
then the separator will be ignored.
Closes gh-22963
Update `AnnotationsPropertySource` so that nested annotations are
supported. Prior to this commit, annotations annotated with
`@PropertyMapping` that contained nested annotation attributes would
result in instances of `TypeMappedAnnotation` being used as properties.
This usually led to errors due to not being able to convert those to
Strings. This commit makes it so that nested annotations are recursively
mapped to properties. This should allow for more complex configuration
to be mapped from annotations.
See gh-23146
Exclude `@ConfigurationProperties` beans from method validation so
that `@Validated` can be used on final classes without the method
validation post-processor throwing an exception.
This commit introduces a `FilteredMethodValidationPostProcessor` class
which will use `MethodValidationExcludeFilters` to exclude beans from
method validation processing. Using `@EnableConfigurationProperties`
will automatically register an appropriate filter.
Closes gh-21454
Update `ConfigTreeConfigDataResource` so that a wildcard suffix can
be used to import multiple folders. The pattern logic from
`StandardConfigDataLocationResolver` has been extracted into a new
`LocationResourceLoader` class so that it can be reused.
Closes gh-22958
Previously, the test would make an HTTP request and, as soon as the
response was received, it would check the presence and value of the
http.server.requests meter. This create a race condition between the
meter being registered once the response had been flushed and the
meter's presence being checked. If the check won the race, the test
would fail.
This commit updates the test to wait for up to 5 seconds for the
meter to be present and have a count of 1, matching the single request
that has been made.
Fixes gh-23919
Previously, the locale context resolver used with WebFlux could only be
configured by provided a custom LocaleContextResolver bean. By
constrast, when using Spring MVC, the spring.mvc.locale and
spring.mvc.locale-resolver properties could be used to configure the
locale and the resolver (fixed or Accept header) respectively.
This commit introduces spring.web.locale and spring.web.locale-resolver
properties and deprecates their spring.mvc equivalents. The new
properties can be used to configure locale resolution with either
Spring MVC or WebFlux.
Closes gh-23449
Add a dedicate condition annotation to detect when Spring Security is
available but has not been configured by the user. The new annotation
helps simplify quite a few of our auto-configuration classes.
See gh-23421
Replace `WebSecurityConfigurer` and `WebSecurityConfigurerAdapter`
configurations with `WebSecurityCustomizer` or `SecurityFilterChain`
beans.
Closes gh-23421
Previously, @WebListeners were discovered via custom component scanning
and then registered programmatically via the ServletContext. The servlet
spec requires any ServletContextListener registered in this manner to be
prohibited from programatically configuring servlets, filters, and
listeners. This left us not strictly complying with the servlet spec
as a ServletContextListener registered via a @WebListener annotation
should be able to programatically configure other components.
This commit updates WebListenerHandler to register each @WebListener
component directly with Jetty, Tomcat, or Undertow rather than via the
ServletContext API. This ensure that any @WebListener-annoated
ServletContextListener registered via servlet component scanning is
able to programatically register servlets, filters, and listeners.
There is a small chance that this will be a breaking change for some
users:
1. The ServletListenerRegistrationBeans that were previously defined
for each @WebListener will now be
WebListenerHandler.WebListenerRegistrars
2. Each @WebListener-annotated class will now be instantiated by
Jetty, Tomcat, or Undertow. Jetty and Tomcat both require the class
to be public and have a public default constructor. Previously,
a package-private class or default constructor could be used as the
instantiation was performed by Spring Framework. Undertow is not
affected as it can instantiate a package-private type.
Fixes gh-18303
When `EnvironmentEndpoint` is building a response to return to the
web infrastructure, it creates a data structure containing all
property values from all property sources. Prior to this commit, it
was possible for the response data structure to contain property
values that were not serializable to JSON by Jackson, which would
cause an exception to be thrown by the web infrastructure. This
commit ensures the data structure is serializable to JSON by
ensuring property values are primitives or Strings, and returning
a placeholder value if a property value is of any other type.
Fixes gh-23805
Previously, the test would make an HTTP request and, as soon as the
response was received, it would check the presence and value of the
http.server.requests meter. This create a race condition between the
meter being registered once the response had been flushed and the
meter's presence being checked. If the check won the race, the test
would fail.
This commit updates the test to wait for up to 5 seconds for the
meter to be present and have a count of 1, matching the single request
that has been made.
Fixes gh-23863
Previously, the base path of a servlet-based management server could be
configured using management.server.servlet.context-path but there was no
equivalent property for WebFlux.
This commit introduces a new property, management.server.base-path,
that can be used with both servlet and reactive management servers. The
existing servlet-specific property has been deprecated in favour of the
new general property. When using the servlet stack, if both the general
property and the servlet-specific property are set, the new general
property takes precedence. When using the reactive stack, only the new
general property is considered.
Closes gh-22906
This commit fixes the auto-configuration of Spring Session to use
"server.servlet.session.timeout" as a fallback for Servlet-based web
applications only.
Closes gh-23752
Prior to this commit, the `StaticResourceLocation` for favicons would
point to `"/**/favicon.ico"`. This location does not reflect the current
web development landscape, since the png format and size variants are
not supported here. Also, the `"**"` pattern can be costly at runtime
and is deprecated by the new path pattern support in Spring Framework
(see gh-22833).
This commit changes the default locations to `"/favicon.*","/*/icon-*"`,
supporting common use cases such as `"/favicon.ico"`, `"/favicon.png"`
and `"/icons/icon-48x48.png"`.
Closes gh-23126
Update the `AbstractJarWriter` so that it can directly build the layer
index as entries are written. Prior to this commit, a layer tracking
was handled by a decorator class which was broken because it didn't
override enough methods. Since `AbstractJarWriter` has quite a complex
API, it seems sensible to have it handle the layer index directly,
removing the need for a decorator entirely.
Fixes gh-23801
Deprecate and provide alternatives for logging properties that are
specific to Logback.
The following Spring Boot properties have been changed:
* logging.pattern.rolling-file-name ->
logging.logback.rollingpolicy.file-name-pattern
* logging.file.clean-history-on-start ->
logging.logback.rollingpolicy.clean-history-on-start
* logging.file.max-size ->
logging.logback.rollingpolicy.max-file-size
* logging.file.total-size-cap ->
logging.logback.rollingpolicy.total-size-cap
* logging.file.max-history ->
logging.logback.rollingpolicy.max-history
As have the system environment properties that they map to:
* ROLLING_FILE_NAME_PATTERN ->
LOGBACK_ROLLINGPOLICY_FILE_NAME_PATTERN
* LOG_FILE_CLEAN_HISTORY_ON_START ->
LOGBACK_ROLLINGPOLICY_CLEAN_HISTORY_ON_START
* LOG_FILE_MAX_SIZE ->
LOGBACK_ROLLINGPOLICY_MAX_FILE_SIZE
* LOG_FILE_TOTAL_SIZE_CAP ->
LOGBACK_ROLLINGPOLICY_TOTAL_SIZE_CAP
* LOG_FILE_MAX_HISTORY ->
LOGBACK_ROLLINGPOLICY_MAX_HISTORY
This commit also cleans up and simplifies `DefaultLogbackConfiguration`.
Closes gh-23609
Prior to this commit, the how-to documentation would say that Spring
Boot does not support the h2c protocol. While it's not supported
out-of-the-box with a configuration property, this protocol can still be
configured using server customizers.
This commit documents, with code snippets, the server customizers one
should use to configure the h2c protocol in an application - for each
supported server.
Closes gh-21997
Prior to this commit, tests using the `@WebMvcTest` annotation would not
include the `HttpEncodingAutoConfiguration`. This means that, even if
configured, the encoding filter would not be configured in MVC tests,
resulting in an inconsistency with `@SpringBootTest` tests.
This commit ensures that the `HttpEncodingAutoConfiguration` is included
when `@WebMvcTest` is used.
Fixes gh-23749
Previously, when building a layered jar with Maven, dependencies
on modules in the same build were treated the same as any other
dependency, being included in the dependencies or snapshot dependencies
layer based on their version.
This commit updates the default layering when using Maven to include
dependencies on modules in the same build in the application layer by
default. The XML schema has also been updated to allow the layer to be
customized using new <includeModuleDependencies/> and
<excludeModuleDependencies/> elements rather than relying on including
and excluding them via a group:artifact:version pattern.
Closes gh-23463
This commit modifies the logic for finding properties files using
wildcard paths to ignore files if any part of the file path contains
a hidden directory. Hidden directories are common when Kubernetes
mounts config maps onto volumes in a pod, which was causing the same
properties files to be loaded multiple times.
Fixes gh-23160
Remove code from `LogbackLoggingSystem.loadDefaults` that sets Logback
context properties from the Spring Environment. The code should not be
required since `LoggingSystemVariables` will have already set system
variables for the logging config to use.
Closes gh-23767
This commit makes sure to defer registration of hibernate statistics
outside of the singleton lock as it can lead to deadlocks when the
EntityManagerFactory is initialized in deferred mode.
Closes gh-23740
This commit adds support for platform API 0.4 when invoking a CNB
builder in the Maven and Gradle plugins. If the builder advertises
that it supports platform API 0.4 then that version will be
requested when invoking lifecycle phases. Otherwise the plugins
will fall back to requesting platform API 0.3.
Requesting platform API 0.4 when invoking builder lifecycle phases
has the primary benefit of making it easier to pass command-line
arguments to the default process in the generated image.
Fixes gh-23692
This commit polishes the javadoc for Maven plugin classes now that
the plugin reference docs link to the javadoc. Visibility of some
MOJO parameter class getters and setters were also changed for
consistency.
See gh-21555
Previously, the shutdown hook was only registered once refresh has
completed. If the JVM was shut down during refresh (or after refresh
and before the hook was registered) the hook wouldn't run and the
partially refreshed context would not be cleaned up.
This commit moves the registration of the shutdown hook to before
refresh processing begins. This ensures that the hook is available
to clean up the context if the JVM is shutdown while refresh is in
progress.
Fixes gh-23625
This commit modifies the documentation generated for the
Maven plugin to include links to javadoc when Spring
Boot types are mentioned. Some javadoc was also polished
to improve the generated docs.
Fixes gh-21555
Refactor `ConfigData` processing code to make it less awkward to
follow.
Prior to this commit the `ConfigDataLocationResolver` would take a
String location and return a `ConfigDataLocation` instance. This was
a little confusing since sometimes we would refer to `location` as the
String value, and sometimes it would be the typed instance. We also
had nowhere sensible to put the `optional:` prefix logic and we needed
to pass a `boolean` parameter to a number of methods. The recently
introduced `Orgin` support also didn't have a good home.
To solve this, `ConfigDataLocation` has been renamed to
`ConfigDataResource`. This frees up `ConfigDataLocation` to be used
as a richer `location` type that holds the String value, the `Orgin`
and provides a home for the `optional:` logic.
This commit also cleans up a few other areas of the code, including
renaming `ResourceConfigData...` to `StandardConfigData...`. It also
introduces a new exception hierarchy for `ConfigDataNotFoundExceptions`.
Closes gh-23711
Update `SpringApplication` so that `FailureAnalyzers` apply even if
the `ApplicationContext` was not created. If no `ApplicationContext`
is available, only `FailureAnalyzer` instances that do not implement
any `Aware` interfaces are considered.
Closes gh-23710
Previously, when building a layered jar with Gradle, project
dependencies were treated the same as any other dependency, being
included in the dependencies or snapshot dependencies layer based
on their version.
This commit updates the default layering when using Gradle to include
project dependencies in the application layer by default. The DSL has
also been updated to allow their layer to be customized using new
includeProjectDependencies() and excludeProjectDependencies() methods
rather than relying on including and excluding them via a
group:artifact:version pattern.
Closes gh-23431
This commit upgrades to Liquibase 3.10.3 and adds an explicit exclude
check as this version started to include a "banner.txt" at the root of
the classpath. Given it may override a banner configured by the user it
is ignored so that the default banner is displayed.
Users impacted by this change can rename their banner and configure the
"spring.banner.location" property to point to it.
Closes gh-23658
When Kubernetes mounts config maps onto volumes in a pod, it creates
hidden files on the pod filesystem with symbolic links to the
hidden files. The symlinks are named for the user-provided config
map that was mounted, while the hidden files have system-generated
names.
Prior to this commit, the property sources created by the
configtree property source were added to the environment using the
system-generated hidden file name instead of the user-provided
symlink name. This commit corrects that behavior so the property
sources are named as a user would expect.
Fixes gh-23232
The CNB specifications allow builders to support multiple platform
API versions. The supported versions are published in the builder
image metadata as an array of version numbers, while a single
supported version number was published in earlier builder metadata.
These changes read the supported versions from the builder metadata
and fall back to the single version if the array is not present.
A CNB_PLATFORM_API environment variable is set on each lifecycle
phase invocation to request a specific version as recommended in
the CNB platform spec.
Fixes gh-23682
Stephane Nicoll
Andy Wilkinson
Scott Frederick
Pascal Schumacher
Michal Růžička
Dave Syer
Phillip Webb
izeye
Evgeniy Cheban
Sebastian Nohn
Stefan Zwanenburg
Madhura Bhave
Andy Wilkinson
Kedar Joshi
Brian Clozel
Pushkaraj S
Gary Russell
cdalexndr
olivier.antoine
dreis2211
Asha Somayajula
Michal Mlak
Adrien Bennadji