There is a direct link between the sslEnabled flag and the default port
that should be used by an address. The checks are currently set in two
places:
* Determine which port should be used
* Determine if SSL should be enabled
This commit polishes the initial proposal so that secureConnection is
only set if a protocol is available.
See gh-19109
Prior to this commit, ApiVersion was treated as a mandatory parameter in
CachingOperationInvokerAdvisor and thus prevented the
CachingOperationInvoker to kick in. By skipping ApiVersion in the same
way we're skipping SecurityContext we can avoid this.
In order to not return the same cached response, this commit also
changes the cache handling in CachingOperationInvoker to account for
different ApiVersions being passed.
See gh-18961
Previously, our Gradle plugin was not tested against Gradle 6.0,
a number of deprecation warnings were output when using the plugin
with Gradle 6, and some functionality related to the application
plugin did not work as expected.
This commit tests the plugin against Gradle 6. It also avoids calling
deprecated APIs. The plugin is compatibile against Gradle 4.10 where
the deprecated APIs' replacements are not available so reflection is
used to call the replcaements. Lastly, the way in which the base name
of the boot distribution that is created when the application plugin
is applied has been modified to ensure that it is effective when using
Gradle 6.
Closes gh-18663
Previously, when RunProcess handled a SIGINT it would immediately
attempt to destroy the process that it had run. This created a race
condition between the SIGINT being handled by the child process
and RunProcess destroying the child. The exact behavior of destroy
is implementation dependent and it may result in forcible termination
of the process where shutdown hooks are not called. This is what
happens on Windows. The exit code in such a case is 1 which prevents
anything from waiting for the process to complete from detecting
that it ended as a result of a SIGINT, leaving it with no choice but
to report an error. This is what happens with mvn spring-boot:run
with a forked process on Windows and results in the build failing.
This commit updates RunProcess to allow the child process to handle
the SIGINT itself, waiting for up to five seconds for that to happen
before the process is then destroyed. Given this time, the child
process exits with 130 which RunMojo already handles correctly as
indicating that the process died due to SIGINT and the build completes
with success as a result.
Fixes gh-18936
Previously, whitespace in between the keys and values in the JSON was
not trimmed correctly in BasicJsonParser which lead to it incorrectly
parsing JSON with whitespace between the opening of a list ([) and the
opening of a map ({).
This commit updates the parser to trim unwanted whitespace and adds a
test to AbstractJsonParserTests to verify the whitespace handling
behaviour across all JsonParser implementations.
Closes gh-18911
Previously @ServletComponentScan did not work when there was a
component index on the classpath as it made an assumption about
the concrete type of the BeanDefinitions produced by scanning that
does not hold true when an index is present.
This commit updates the scanning and the handlers to correct the
assumpution by working with a bean definition type that is produced
by scanning both when there is and when there is not an index present.
To prevent the problem from reoccuring, a test that uses and index
has been added and the import of ScannedGenericBeanDefinition is now
prohibited by Checkstyle.
Closes gh-18910
This commit makes sure that the health endpoint returns a default health
status when no contributors are available. Previously, it was returning
`null` which leads to a 404 when exposed via HTTP.
Closes gh-18676
Prior to this commit constructor bound configuration properties could
not be mocked because it would fail validation from
ConfigurationPropertiesBeanDefinitionValidator. The MockitoPostProcessor
registers the mocked bean as a singleton and validation can be skipped if a
singleton for the type is found in the bean factory.
Fixes gh-18652
This commit fixes a few bugs related to constructor binding.
The ContructorFilter on the Bindable has been replaced with a
Binder level BinderConstructorProvider so that it can be used to
determine the constructor to use for nested properties as well.
Fixes gh-18810
Fixes gh-18670
Closes gh-18685
Closes gh-18894
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
Previously, when the configuration properties annotation processor
encountered a property that was the same as an outer type that had
already been processed, it would fail with a stack overflow error.
This commit introduces the use of a stack to track the types that
have been processed. Types that have been seen before are skipped,
thereby preventing a failure from occurring. We do not fail upon
encountering a recursive type to allow metadata generation to
complete. At runtime, the recursive property will not cause a problem
if it is not bound.
Fixes gh-18365
Previously, the documentation did not provide any guidance on using
Jersey alongside Spring MVC or any other web framework.
This improves the documentation in two ways:
1. It notes that, in the presence of both Jersey and Spring MVC, the
Actuator will prefer Spring MVC for exposing HTTP endpoints.
2. It adds a how-to describing how to configure Jersey to forward
requests for which it has no handler on to the rest of the filter
chain. When Spring MVC is the other framework, this allows them to
be handled by its dispatcher servlet.
Closes gh-17523
This commit is a continuation of the work done in 987a5f81. In
addition to developers and licenses that are covered in the earlier
commit, a number of other settings are still inherited from the
starter parent. This commit updates the documentation to show them
being overridden as well.
Closes gh-18532
Previously, @EndpointFilter would only have an effect when used as
an annotation or meta-annotation on the endpoint class itself. It
would have no effect when used on a super-class of the endpoint
bean's class.
This commit updates EndpointDiscoverer so that an @EndpointFilter
annotation or meta-annotation on a super-class will be found and
applied to the discovery process. This is achieved by using find…
rather than get… when retrieving the attributes for the EndpointFilter
annotation.
Fixes gh-17866
Previously, AbstractDependsOnBeanFactoryPostProcessor was unordered
which meant that it was impossible to guarantee that another bean
factory post-processor would run after it. This prevented overriding
of the dependsOn relationships that is creates.
This commit updates AbstractDependsOnBeanFactoryPostProcessor to give
it a default order of zero. This will allow additional bean factory
post-processors to be configured with a lower precedence order (values
greater than 0) so that they run after any
AbstractDependsOnBeanFactoryPostProcessor and can override the
dependencies that it has configured.
Fixes gh-18362
Publishing to Maven Central requires spring-boot-starter-parent to
declare its license and developers. When a user then uses
spring-boot-starter-parent as their project's parent, these values
are inherited and this is almost certainly unwanted.
This commit updates the documentation to recommend and demonstrate
overriding the license and developers that are inherited from the
starter parent.
Closes gh-18532
Previously, the security risks and our recommendations on how to
mitigate them were not documented as clearly as they could have been.
This commit makes some changes to try to address this:
1. The security risk is now noted at the beginning of the section
2. The recommendation to use SSL is now documented more prominently
and an alternative recommendation to only use remote support on
a trusted network has been added.
3. The example secret has been removed to prevent copy and paste
4. A recommendation to use a secret that is unique and strong has been
added
Closes gh-18825
Previously, AopAutoConfiguration would only enable CGLib-based
proxies if aspectjweaver was on the classpath. The intention was for
CGLib-based proxies to always be used by default so this behaviour
was incorrect.
This commit updates AopAutoConfiguration to force the use of
CGLib-based proxies even in the absence of aspectjweaver.
Closes gh-18523
Previously, the endpoint tables in the documentation include an
"Enabled by default" column that listed whether or not an endpoint
was enabled by default. This resulted in some confusion as an endpoint
could be listed as being enabled by default but not actually be
enabled as the requirements for it being auto-configured has not been
met.
This commit removes the "Enabled by default" column and replaces it,
where needed, with some extra information in the "Description"
column that describes what is needed for the endpoint to be
auto-configured.
Closes gh-18633
In 2.2.0, @ConfigurationPropertiesScan was enabled by default.
Unfortunately, this had the unexpected side-effect of breaking
conditional enablement of a @ConfigurationProperties class via
@EnableConfigurationProperties if the @ConfigurationProperties class
was in a package covered by scanning.
This commit remove @ConfigurationPropertiesScan from
@SpringBootApplication so that it is no longer enabled by default.
2.1.x users who rely upon such conditional enablement of
@ConfigurationProperties classes can now upgrade to 2.2.x without
having to make any changes. Users who do not have such a need and are
in a position to use configuration properties scanning can now opt-in
by adding @ConfigurationPropertiesScan to their main application class
alongside @SpringBootApplication.
Closes gh-18674
Previously, all of the type exclude filters in
spring-boot-test-autoconfigure were package-private. This prevent a
user who was creating their own test slice from composing their own
TypeExcludeFilter with one of Boot's.
This commit updates all of the TypeExcludeFilters in the
test-autoconfigure module to make them public. The intention is only
to allow them to be composed with other type exclude filters when
referenced in a @TypeExcludeFilters annotation. Therefore, each
filter class is declared final and their constructors remain
package-private.
Closes gh-18746
This commit creates a new configuration property
`spring.codec.max-in-memory-size` which configures the maximum
amount of data to be buffered in memory by codecs (both client and
server).
This property has no default value - it will let Spring Framework handle
the default behavior, currently enforcing a 256KB for provided codecs.
Fixes gh-18828
Update `HealthEndpointConfiguration` to also include adapted reactive
health contributors when project reactor is on the classpath. Prior to
this commit, reactive contributors were only exposed in WebFlux
applications. This was a regression from Spring Boot 2.1 that we didn't
catch because all our own reactive contributors all have non-reactive
equivalents.
Closes gh-18805
This commit is a follow-up of a change in Spring Framework[1] to make
sure injection points that are expecting a specific bean by name use
a qualifier.
As a result of this change, MVC uses the dedicated MVC validator again
rather than the general one auto-configured by Spring Boot.
[1] https://github.com/spring-projects/spring-framework/issues/23887
Closes gh-18672
This commit restores the highest precedence of reactive
HealthContributor over imperative one. Previously, both would be
registered, leading to duplicate entries in health output.
Closes gh-18748
The configuration property is always cleared before bean instantiation
because the problem with bean instantiation might not necessarily be the
last bound property.
Fixes gh-18704
Previously, if a bean definition had no resource description, the
failure analysis description would state that the been had been
defined in null which was of no use to the user.
This commit updates the failure analysis to omit information about
where the bean was definied when the definition has no resource
description.
Fixes gh-18721
Update `ConfigurationPropertiesBean.getAll()` to limit the candidate
beans that will actually need a `getBean()` call. Prior to this commit
calling `getAll()` would trigger a get of every bean in the context,
some of which might fail.
Fixes gh-18714
Update `DataSourceHealthContributorAutoConfiguration` so that any
`AbstractRoutingDataSource` beans are still included in the overall
health. Prior to this commit, a regression in Spring Boot 2.2 meant
that if a single routing bean was found an `IllegalArgumentException`
would be thrown.
In Spring Boot 2.1 all `AbstractRoutingDataSource` would be filtered
from the results, but if no results existed the following was returned:
"details": {
"db": {
"status": "UNKNOWN"
},
In Spring Boot 2.2 we now always include routing datasource beans, even
if other non-routing database beans are found. The health details
includes `"routing" : true` to help users disambiguate any results.
Fixes gh-18661
Update `NamedContributorsMapAdapter` to check for `null` keys or values
during construction. Also update `HealthEndpointSupport` to allow
null component entries.
See gh-18687
Update `HealthEndpointSupport` so that aggregate elements that don't
ultimately provide a contribution are filtered out. Prior to this
commit an NPE was returned when calculating the aggregate status.
Fixes gh-18687
Rename `max-http-post-size` to `max-http-form-post-size` for Jetty and
Tomcat to make it clearer that they only apply to POSTed form content.
See gh-18566
Previously, the documentation did not describe how to combine
multiple security components when one component's
WebSecurityConfigurerAdapter or SecurityWebFilterChain would cause
the other components' beans of the same type to back off.
This commit adds a note that such cases should be handled by the user
defining their own WebSecurityConfigurerAdapter or
SecurityWebFilterChain that configures the use of all of the
components as required.
Closes gh-18507
This commit renames the `server.jetty.idle-timeout` property to
`server.jetty.thread-idle-timeout`, since there are other timeout
properties that are not tied to the threadpool configuration (e.g. the
connection idle timeout).
We might regroup thread-related properties in a dedicated group in the
future, see gh-18620.
Fixes gh-18615
Previously, the methods were named addServerProcessors and
setServerProcessors which wasn't aligned with them taking
socket factory processors (ServerRSocketFactoryProcessor) as an
argument.
This commit renames the methods to align them more closely with the
type of their arguments.
Closes gh-18617
Prior to this commit, all supported servers would share the same
configuration property `server.connection-timeout`. Unfortunately, in
many cases the behavior of this timeout changes depending on the server.
From actual connection setup timeout, to detecting and closing idle
connections, this property cannot be properly translated from one server
implementation to another.
This commit deprecates this configuration property and introduces server
specific properties:
* `server.jetty.connection-idle-timeout`
(Time that the connection can be idle before it is closed.)
* `server.netty.connection-timeout`
(Connection timeout of the Netty channel.)
* `server.tomcat.connection-timeout`
(Amount of time the connector will wait, after accepting a connection,
for the request URI line to be presented.)
* `server.undertow.no-request-timeout`
(Amount of time a connection can sit idle without processing a request,
before it is closed by the server.)
`server.connection-timeout` is now deprecated and will be removed in a
future release.
Fixes gh-18473
Previously, a WebSecurityConfigurerAdapter would be configured
irrespective of whether or not the user had provided their own
WebSecurityConfigurerAdapter. This then required them to use ordering
to diambiguate the configuration and made it harder to take complete
control of security configuration.
This commit updates the configuration of the SAML 2 login configurer
adapter to be conditional on missing bean, aligning it with other
security configuration such as the equivalent OAuth 2 configurer
adapter.
Closes gh-18530
Previously, when a NoSuchBeanDefinitionException was being analyzed,
the possibility of a missing @ConstructorBinding annotation on a
@ConfigurationProperties class was not considered.
This commit updates the failure analysis for failed constructor
injection of an instance of a @ConfigurationProperties-annotated
class. When such a failure occurs, adding @ConstructorBinding is
now suggested as an action.
Closes gh-18545
Due to a current limitation of Spring Framework, when bean metadata
caching is disabled, a merged bean definition may have a null
resolved factory method that would have been non-null if bean metadata
caching was enabled. Configuration property binding for @Bean methods
annotated with @ConfigurationProperties relied upon the resolved
factory method being enabled to find the @ConfigurationProperties
annotation and trigger property binding. As a result, when bean
metadata caching is disabled on the bean factory, such
@ConfigurationProperties beans would not be bound.
This commit works around the limitation by adding a fallback that
performs a reflection-based search for the factory method when the
resolved factory method on the bean definition is null. This allows
the bean's factory method and any @ConfigurationProperties annotation
on it to be found, ensuring that propoerty binding is then performed.
Fixes gh-18440
This commit adds a note to spring-boot-features.adoc to clarify that
using javadoc tags to format configuration property descriptions is not
supported.
See gh-18578
The upgrade to Jackson 2.10.0 means that the possibility of getting
an incompatible combination of Woodstox and the StAX API when
building with Maven has gone. This commit removes the dependency
management as it was only added to work around the incompatibility
in Jackson's transitive dependencies.
Closes gh-18500
Update `NewRelicProperties` so that the event type sent with each
metric can be configured. An additional `boolean` property has
also been added if the previous behavior using the "meter-name"
is required.
NewRelic's own agents publish metrics to eventTypes aligned with broader
categories. To align with their recommendation the default behavior is
to publish metrics under a "SpringBootSample" category. When doing so,
additional context is provided by including "metricName" and
"metricType" attributes.
See gh-18472
Add `String` -> `File` support to the `ApplicationConversionService`
that can support both simple filename as well as file URLs.
This allows Spring Boot application to work in a similar way to vanilla
Spring applications where Spring's `FileEditor` provides similar
support.
Closes gh-16931
Update `AutoConfigureAnnotationProcessor` to no longer store
`@Configuration.value` in the meta-data JSON since we never actually
read it.
Closes gh-16608
Fix a regression caused by e41c5a43 which incorrectly allowed the
`ValueObjectBinder` to be picked when the `JavaBeanBinder` should
have been used.
Closes gh-18485
Update the configuration processor to use the newly introduced
`@ConstructorBinding` annotation to determine when meta data
should be generated from constructor parameters.
Prior to this commit, the processor had no good way to tell when
constructor parameters should be used instead of getters/setters.
Closes gh-17035
Add a bean definition post-processor that throws a better exception
if @ConstructorBinding property beans are being instantiated as
regular Spring beans.
Prior to this commit, a constructor bound properties bean would fail
with an unsatisfied dependency exception which isn't all that helpful.
Closes gh-17831
Previously, Maven's default behaviour was relied up which resulted
in the artifact ID being appended to each URL as it was inherited.
This behaviour can only be disabled in Maven 3.6 and later, a version
that we cannot use due to an incompatibility with the Flatten Plugin.
This commit works around Maven's default behaviour by defining
properties for the SCM URL, connection, and developer connection and
then explicitly defining the settings in each pom using these
properties. The explicit definition of the properties in each pom
prevents them being inherited from the parent, thereby disabling the
unwanted appending of the artifact ID to the URL.
Fixes gh-18328
Update `@ConfigurationProperties` constructor binding support to only
apply when a `@ConstructorBinding` annotation is present on either the
type or the specific constructor to use.
Prior to this commit we didn't have a good way to tell when constructor
binding should be used vs regular autowiring.
For convenience, an `@ImmutableConfigurationProperties` meta-annotation
has also been added which is composed of `@ConfigurationProperties` and
`@ConstructorBinding`.
Closes gh-18469
Update `JerseyManagementContextConfiguration` so that customizer beans
are not longer applied. The endpoint resource endpoints are now added
with a registrar bean `@PostConstruct` method.
Prior to this commit, when running the management server on a different
port a `Resource` added by a customizer could be added two different
`ResourceConfig` instance. This breaks the singleton contract expected
by Jersey.
Fixes gh-17801
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
Fix a package tangle that was introduced when we added cache bypass to
`SpringIterableConfigurationPropertySource`. Ideally we should have
been able to depend on `env` from `context` but unfortunately the
`EnvironmentPostProcessor` interface references `SpringApplication`
which needs to use the Binder.
The `isImmutable` method has now been moved to `OriginLookup` which
removes the immediate tangle.
Closes gh-18393
Add an appication context initializer to detect and store the
active RSocket port in the Environment under
`local.rsocket.server.port`.
Additionally add a `@LocalServerPort` that provides a convenient
alternative to `@Value`.
See gh-18287
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
Extract reactor specific code to an inner class to protect
against ClassNotFound exceptions if reactor is not in use.
Also add support for `Flux`.
See gh-18339
Update `CachingOperationInvoker` so that TTL caching is applied directly
to reactive types. Prior to this commit, a `Mono` would be cached, but
the values that it emitted would not.
See gh-18339
Allow the `LazyInitializationBeanFactoryPostProcessor` to skip setting
lazy-init based on a programmatic callback. This feature allows
downstream projects to deal with edge-cases in which it is not easy to
support lazy-loading (such as in DSLs that dynamically create additional
beans).
See gh-16615
Update `LegacyHealthEndpointCompatibilityConfiguration` to ensure that
the default configuration is only overwritten when the user has
explicitly set new values.
Fixes gh-18354
Add a `show-components` property under `management.endpoint.health` and
`management.endpoint.health.group.<name>` that can be used to change
when components are displayed.
Prior to this commit it was only possible to set `show-details` which
offered an "all or nothing" approach to the resulting JSON. The new
switch allows component information to be displayed whilst still hiding
potentially sensitive details returned from the actual `HealthIndicator`.
Closes gh-15076
Update the health endpoint so the nested components are now exposed
under `components` rather than `details` when v3 of the actuator
REST API is being used.
This distinction helps to clarify the difference between composite
health (health composed of other health components) and health
details (technology specific information gathered by the indicator).
Since this is a breaking change for the REST API, it is only returned
for v3 payloads. Requests made accepting only a v2 response will have
JSON provided in the original form.
Closes gh-17929
Add `ApiVersion` enum that can be injected into actuator endpoints if
they need to support more than one API revision.
Spring MVC, WebFlux and Jersey integrations now detect the API version
based on the HTTP accept header. If the request explicitly accepts a
`application/vnd.spring-boot.actuator.v` media type then the version
is set from the header. If no explicit Spring Boot media type is
accepted then the latest `ApiVersion` is assumed.
A new v3 API revision has also been introduced to allow upcoming health
endpoint format changes. By default all endpoints now consume and
can produce v3, v2 and `application/json` media types.
See gh-17929
Update `DataSourceInitializedPublisher` to fallback to the
`LocalContainerEntityManagerFactoryBean` if the
`javax.persistence.nonJtaDataSource` property is not defined.
As of Hibernate 4.3 the property is no longer set if the `EntityManager`
is created from a `PersistenceUnitInfo` instance rather than actual
properties.
Although this is being addressed in Hibernate issue HHH-13432, it's
not strictly a requirement of the JPA spec that the property is set.
Fixes gh-17061
Allow legacy actuator endpoint IDs that contain dots to be transparently
migrated to the new format. This update will allow Spring Cloud users
to proactively migrate from endpoints such as `hystrix.stream` to
`hystrixstream`.
Closes gh-18148
This will ensure that ReactiveManagementWebSecurityAutoConfiguration backs
off and that the actuator endpoints are also secured via OAuth2.
Fixes gh-17949
Previously, a number of usages of @ConditionalOnMissingBean prevented
a bean that implements an auto-configured bean's "main" interface from
causing the auto-configuration of the bean to back off. This would
happen when @ConditionalOnMissingBean did not specify a type, the
@Bean method returned the bean's concrete type, and that concreate
type implements a "main" interface.
This commit updates such usages of @ConditionalOnMissingBean to
specify the "main" interface as the type of the bean that must be
missing. This will allow, for example, the auto-configured
MongoTemplate bean to back off when a MongoOperations bean is defined.
Fixes gh-18101
Restore `HealthIndicatorRegistry` and `ReactiveHealthIndicatorRegistry`
auto-configured beans with a version that adapts to the new contributor
interfaces.
Closes gh-16903
Add support for a `spring.banner.image.pixelmode` property which can
be set to `block` to use unicode block characters when rendering image
banners.
Closes gh-18301
Update `ApplicationContextRequestMatcher` to ensure that the `matches`
method is never called before `initialized`. This fixes an issue
accidentally introduced in commit 5938ca78 where concurrent calls
to `matches` could trigger unexpected errors due to the fact that the
second call proceeded before the `initialized` method had returned.
Fixes gh-18211
Refactor the `org.springframework.boot.actuate.context` package
with the following changes:
- Deprecate several classes which would ideally be internal
- Replace `ConfigurationBeanFactoryMetadata` with a new
`ConfigurationPropertiesBean` class to better reflect that we no
longer maintain meta-data directly.
- Use constructor injection and final fields whenever possible
- Rename `ConfiguraionPropertiesBeanDefinition` to
`ConfigurationPropertiesValueObjectBeanDefinition` to align
with the binder changes made in commit 0b3015e4ff
- Add additional tests
Closes gh-16903
This commit warns developers about the fact that plugging RSocket into
an existing web server is only possible with Reactor Netty web servers.
RSocket itself is using Reactor Netty, so this is why we can plug an
RSocket over websocket handler in an existing Reactor Netty handler.
This feature is not possible with other web servers, as existing APIs do
not make that possible.
Fixes gh-17494
After a change in Spring Framework (see
spring-projects/spring-framework#23314), the `RouteMatcher` to be used
with the RSocket infrastructure is configured on the `RSocketStrategies`
directly.
This commit moves the auto-configuration of the
`PathPatternRouteMatcher` from the message handling parts to the RSocket
strategy one.
Closes gh-17571
Prior to this commit, Spring Boot would use `Schedulers.elastic()` when
required to process blocking tasks in a reactive environment.
reactor/reactor-core#1804 introduced a new scheduler,
`Schedulers.boundedElastic()` that behaves quite similarly but:
* will limit the number of workers thread
* will queue tasks if no worker thread is available and reject them is
the queue is exceeds a limit
This allows Spring Boot to schedule blocking tasks as before and allows
greater flexibility.
Fixes gh-18269
See gh-18276
Previously, Reactor Netty was the only embedded server that enabled
H2C by default. This commit updates the factory to only enable HTTP/2
when SSL has also been configured, aligning it with Jetty, Tomcat,
and Undertow.
If H2C is required, it can be enabled using a NettyServerCustomizer:
@Bean
NettyServerCustomizer h2cCustomizer() {
return (httpServer) ->
httpServer.protocol(HttpProtocol.HTTP11, HttpProtocol.H2C);
}
Closes gh-17867
This commit makes sure that any subsequent call on addProtocolResolver
on the context will impact the ResourceLoader implementation that
DevTools sets on the context.
This makes sure that any custom ProtocolResolver that is set later in
the lifecycle is taken into account.
Closes gh-17214
Prior to this change, the custom port configured for the RSocket
server would not be used if the server factory is using the
websocket transport and is provided with a custom
`ReactorResourceFactory`.
Fixes gh-18200
This new property allows to customize `fileNamePattern` if it is set.
Otherwise, a default pattern remains. Also, new property is supported
`logging.pattern.rolling-file-name`.
See gh-18151
Previously, the upgrade to Flyway 6 broke compatibility with Flyway
5.2 due to the use of method references that refer to two methods
that do not exist in Flyway 5.2.
This commit replaces the method references with lambdas that are only
called if the user sets the related property. Unless a new-in-Flyway-6
property is set, the auto-configuration will work as before. When such
a property is set the auto-configuration will fail with a
NoSuchMethodError. This approach was chosen to make the
incompatibility clear.
We have also introduced support for passing any JavaMigration beans
in the context into Flyway. This too relies on API that is new in
Flyway 6. It is possible (although unlikely) that users had
JavaMigration beans in Spring Boot 2.1 that were being ignored. This
commit restores this behaviour when using Flyway 5.2.
Closes gh-18193
This commit applies `ServerRSocketFactoryCustomizer` beans to RSocket
setups when the RSocket server is being plugged into an existing Reactor
Netty web server.
Fixes gh-18208
Update configuration properties support to allow the `@Component`
annotation to be used on `@ConfigurationProperties` beans as long
as they are mutable.
This restores the behavior of Spring Boot 2.1 for mutable beans whilst
still allowing us to enforce the stricter rules for immutable value
object configuration properties.
Closes gh-18138
This commit moves `@ConfigurationProperties` to the `@Bean` factory
method as this is unusual to put it at class level if it's exposed
that way.
As HealthIndicatorProperties has a constructor, this makes sure that
the annotation processor enables JavaBean binding mode.
This commit makes sure that a ConfigurationProperties type contributed
by a `@Bean` factory method uses properties binding regardless of the
presence of a matching constructor.
`@Bean` method makes sure the user is in control and will be responsible
of creating the instance. As a result, binding of properties will not
happen there and therefore can only happen with regular JavaBean
accessors.
Closes gh-18184
Previously, a number of usages of @ConditionalOnMissingBean prevented
a bean that implements an auto-configured bean's "main" interface from
causing the auto-configuration of the bean to back off. This would
happen when @ConditionalOnMissingBean did not specify a type, the
@Bean method returned the bean's concrete type, and that concreate
type implements a "main" interface.
This commit updates such usages of @ConditionalOnMissingBean to
specify the "main" interface as the type of the bean that must be
missing. This will allow, for example, the auto-configured
MongoTemplate bean to back off when a MongoOperations bean is defined.
Previously, calling getComment() on a nested jar file would result
in the outer jar file's comment being returned.
This commit updates the loader's JarFile to read the file's comment
from the central directory end record and return it from getComment().
Fixes gh-18128
Previously, the configuration processor would ignore any
@ConfigurationProperties-annotated methods that were not public. This
prevented metadata generation for package-private @Bean methods such
as those in DataSourceConfiguration's inner-classes for DBCP2, Hikari,
and Tomcat JDBC.
This commit updates the annotation processor so that it will process
any non-private method annotated with @ConfigurationProperties.
Fixes gh-18124
Update the MockMvc documentation to provide more details about the
pros and cons of such an approach, specifically calling out the
difference with error page handling.
See gh-16718
Update the javadoc to note that `scanBasePackages` only affects the
`@ComponentScan` annotation and isn't a replacement for `@EntityScan`
or `@Enable...Repositories`.
Closes gh-18109
Update `SolrHealthIndicator` to fallback to a basic ping operation if
the `baseUrl` references a particular core rather than the root context.
Prior to this commit, if the Solr `baseUrl` pointed to a particular
core then the health indicator would incorrectly report `DOWN`.
See gh-16477
Previously, a custom FlywayMigrationInitializer bean named anything
other than flywayInitializer could result in a
NoSucBeanDefinitionException as the dependencies set up for JPA and
JDBC components used the bean name flywayInitializer.
This commit updates the configuration of the dependencies to depend
on FlywayMigrationInitializer beans by type rather than name.
Fixes gh-18105
Previously, a custom Flyway bean named anything other than flyway
could result in a NoSucBeanDefinitionException as the dependencies
set up for JPA and JDBC components used the bean name flyway.
This commit updates the configuration of the dependencies to depend
on Flyway beans by name rather than type.
Fixes gh-18102
This reverts commit f6f99d7855 as 9.4.20
includes an incompatible class change where an abstract class in
Jetty's public API was changed to an interface, making it incompatible
with Framework 5.1.9.
See gh-18035
Fix caching issues in `ApplicationContextRequestMatcher` and allow
subclasses to ignore an application context entirely. Update existing
matcher implementations so that they deal with the management context
correctly.
Prior to this commit, the `ApplicationContextRequestMatcher` would
return a context cached from the first request. It also didn't
provide any way to ignore a context. This meant that if the user was
running the management server on a different port the matching results
could be inconsistent depending on if the first request arrived on
the regular context or the management context. It also meant that we
could not distinguish between the regular context and the management
context when matching.
Closes gh-18012
Previously, when the Spring Boot CLI ran the Java command line for an
application it did a straight invocation which suppressed propagation of
signals to the JVM in certain circumstances (e.g within Docker containers).
This change prepends the command with exec which causes the Java process to
replace the script process in a shell ensuring that signals are propagated to
the Java process without suppression.
See gh-17976
Signed-off-by: Ben Hale <bhale@pivotal.io>
Previously, MetaInfResourceManager that we use with Undertow to serve
static resources from jar's META-INF/resources did not correctly
handle characters in the path that should be percent-encoded when
used in a URL.
This commit updates MetaInfResourceManager to encode the path before
it is used to create a URL. Prior to this encoding, encoded slashes
(%2F) are decoded as, unlike other encoded characters in the request's
URL, encoded slashes are not decoded prior to calling the
ResourceManager.
Fixes gh-17853
This commit also changes the request matcher for MVC
endpoints to use an AntPathRequestMatcher instead of an
MvcRequestMatcher. The endpoint is always available
under the mapped endpoint path and this way the same matcher
can be used for both MVC and Jersey.
Fixes gh-17912
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
Move management `ErrorPage` registration from the
`WebMvcEndpointChildContextConfiguration` to
`WebMvcEndpointChildContextConfiguration` and only add it when the
error controller is registered.
Fixes gh-17938
Previously, when spying on a scoped bean the creation of the spy
would be performed using the scoped proxy. This would result in
the spy being unable to spy on any of the target bean's methods as
the scoped proxy's implementations of those methods would be final.
This commit updates MockitoPostProcessor so that the creation of the
spy and injection of the @SpyBean-annotated field is performed using
the scoped target. The scoped target has not be proxied so this
allows Mockito to spy on all of its methods.
Closes gh-17817
Previously, the deferred line writing that is used, to print MockMvc
results to the console assumed that each DeferredLinesWriter would
only be used by a single thread at a time. This assumption does not
hold true when using JUnit 5's parallel test exection if the tests
running in parallel share an application context. This resulted in
a concurrent modification exception if one thread was adding lines
to the output while another was iterating over them.
This commit updates DeferredLinesWriter so that it uses thread local
storage for the deferred lines. This ensures that each List of lines
is only ever accessed by a single thread.
Closes gh-16179
The versions of Jackon's bom and the versions of Jackson are often
not the same. For example, at the time of writing, the latest bom
version is 2.9.9.20190807 but the latest version of Jackson's core
is 2.9.9 and the latest version of Jackson's databind is 2.9.9.3.
spring-boot-dependencies using a property, jackson.version, to control
the version of jackson-bom that is imported. To make it clear that the
version property controls the version of Jackson's bom and not of
Jackson itself, this commit deprecates jackson.version in favour of
a new jackson-bom.version property.
An additional benefit of this change is that it addresses a problem
when using Gradle and the dependency management plugin. Jackson's bom
uses a jackson.version property to control the version
of core Jackson modules. This names clashes with the name of the
property used by spring-boot-dependencies. Specifying a custom
jackson.version to control the version of the bom that is imported
would also have the unwanted side-effect of customizing the version of
the core Jackson modules declared in Jackson's bom.
Fixes gh-17808
This commit renames ApplicationHealthIndicator to PingHealthIndicator
and changes the auto-configuration so that it is now always configured
by default.
Closes gh-17926
Update the `HealthEndpoint` to support health groups. The
`HealthEndpointSettings` interface has been replaced with
`HealthEndpointGroups` which provides access to the primary group
as well as an optional set of additional groups.
Groups can be configured via properties and may have custom
`StatusAggregator` and `HttpCodeStatusMapper` settings.
Closes gh-14022
Co-authored-by: Stephane Nicoll <snicoll@pivotal.io>
Overhaul `HealthEndpoint` support to make it easier to support health
groups. Prior to this commit the `HealthIndicator` interface was used
for both regular indicators and composite indicators. In addition the
`Health` result was used to both represent individual, system and
composite health. This design unfortunately means that all health
contributors need to be aware of the `HealthAggregator` and could not
easily support heath groups if per-group aggregation is required.
This commit reworks many aspects of the health support in order to
provide a cleaner separation between a `HealthIndicator`and a
composite. The following changes have been made:
- A `HealthContributor` interface has been introduced to represent
the general concept of something that contributes health information.
A contributor can either be a `HealthIndicator` or a
`CompositeHealthContributor`.
- A `HealthComponent` class has been introduced to mirror the
contributor arrangement. The component can be either
`CompositeHealth` or `Health`.
- The `HealthAggregator` interface has been replaced with a more
focused `StatusAggregator` interface which only deals with `Status`
results.
- `CompositeHealthIndicator` has been replaced with
`CompositeHealthContributor` which only provides access to other
contributors. A composite can no longer directly return `Health`.
- `HealthIndicatorRegistry` has been replaced with
`HealthContributorRegistry` and the default implementation now
uses a copy-on-write strategy.
- `HealthEndpoint`, `HealthEndpointWebExtension` and
`ReactiveHealthEndpointWebExtension` now extend a common
`HealthEndpointSupport` class. They are now driven by a
health contributor registry and `HealthEndpointSettings`.
- The `HealthStatusHttpMapper` class has been replaced by a
`HttpCodeStatusMapper` interface.
- The `HealthWebEndpointResponseMapper` class has been replaced
by a `HealthEndpointSettings` strategy. This allows us to move
role related logic and `ShowDetails` to the auto-configure module.
- `SimpleHttpCodeStatusMapper` and `SimpleStatusAggregator`
implementations have been added which are configured via constructor
arguments rather than setters.
- Endpoint auto-configuration has been reworked and the
`CompositeHealthIndicatorConfiguration` class has been replaced
by `CompositeHealthContributorConfiguration`.
- The endpoint JSON has been changed make `details` distinct from
`components`.
See gh-17926
This commit improves InvalidConfigurationPropertiesException failure
analysis by adding a dedicated description when a single autowiring
constructor is found. When @Component is removed, such constructor is
used for properties binding and will not apply the same semantics as
before.
Closes gh-17750
The userDn and password in LdapContextSource are not nullable. The
default values for userDn and password in LdapProperties are null. When
the values are set to null there will eventually be a
NullPointerException during
AbstractContextSource#setupAuthenticatedEnvironment since HashTable
doesn't allow null for values.
See gh-17861
This commit prevents a potential NPE if the startTime of the
MavenSession is not available and fallbacks to the current time. This
can happen when invoking the plugin with Maven embedded in an IDE.
Closes gh-17810
Refine the `IllegalStateException` thrown from `PropertySourceLoader`
for unknown extensions to also indicated that folder references must end
in '/'.
Closes gh-17241
Missing change logs would lead to an exception even
if the checkChangeLogLocation was set to false. Spring Boot's check
would pass but Liquibase would fail later making this property redundant.
Fixes gh-16232
This commit separates the auto-configuration of the `SessionFactory` in
an isolated class so that the rest of the auto-configuration is still
applied if the user provides a custom `SessionFactory` bean.
See gh-17662
This significantly rework the auto-configuration to reflect the order
in which things are expected. Rather than keeping a conceptual cycle
between the builder and the two inner classes that are processed first,
the configuration is now split in three parts:
* The builder that is required and common
* The configuration when the HighLevelClient is available
* The RestClient configuration when that's not the case
See gh-17488
Update `@Selector` with a `match` attribute that can be used to select
all remaining path segments. An endpoint method like this:
select(@Selector(match = Match.ALL_REMAINING) String... selection)
Will now have all reaming path segments injected into the `selection`
parameter.
Closes gh-17743
* pr/17646:
Polish "Default password shouldn't be generated for resource server"
Default password should not be generated when using resource server
Closes gh-17646
Update `UndertowServletWebServerFactory` so that only our own mime type
mappings are included. Prior to this commit both our mime mappings and
Undertow's default mime mappings would always be included.
Fixes gh-17687
This commit adds an extra condition to JdbcRepositoriesAutoConfiguration
so that it doesn't scan for repositories if a transaction manager is not
available as this dependency is now mandatory.
Closes gh-17654
Since spring-projects/spring-framework#23314 and the following commit
spring-projects/spring-framework@be4facef1b, the RSocket codec selection
is relaxed and the order of configured commits matters again.
This commit ensures that the CBOR codec is configured ahead of the JSON
codec so that it can be chosen first if no data mime type is specified
when a connection is established with a client requester.
Since spring-projects/spring-framework#23314, the `RSocketStrategies`
provide more codecs by default, and there is no need to order them to
avoid conflicts during mime type selection.
This commit also ensures that the `PayloadDecoder.ZERO_COPY` is
configured on the RSocket server if the configured `DataBufferFactory`
is compatible with that strategy.
Extend `JsonContentAssert` with `hasJsonPath` and `doesNotHaveJsonPath`
methods which can be used to check the path regardless of the value it
may or may not contain.
Prior to this commit there wasn't an easy way to assert that the
Jackson `@JsonInclude(JsonInclude.Include.NON_NULL)` annotation was
applied since `assertDoesNotHavePathValue` would pass for both
`{"name" : null}` and `{}`.
Closes gh-17608
This commit updates the `RouteMatcher` configuration after the latest
Spring Framework changes. The default route matcher implementation based
on the `PathPattern` infrastructure is now tailored for the messaging
use case (path separator, path encoding options and trailing separator).
See spring-projects/spring-framework#23310
Previously, the sourceDocumentExtension used for the single-page
documentation was htmlsingleadoc and for the multi-page docs they
were adoc and htmladoc. When finding source files to render, the
Asciidoctor Maven Plugin looks for files with a name that ends with
one of the configured extensions. This resulted in the
index.htmlsingleadoc file matching the adoc extention in the
multi-page configuration in addition to the intended match for the
index.htmladoc. As a result both the single-page and multi-page
indexes were rendered when rendering the multi-page documentation.
In addition to this unwanted rendering, if the single-page index was
rendered after the multi-page index, the multi-page index would be
overwritten by the single-page index, leaving the multi-page docs with
the wrong index file. Asciidoctor uses File.listFiles() during its
source file discovery which is documented as having no guarantee
that the resulting array will be in any specific order. As a result,
there was also no guarantee about which index we'd end up with.
Closes gh-17263
Previously, Jackson2ObjectMapperBuilder was a singleton bean. This
meant that if it was injected and mutated in one injection point,
usage in a subsequent injection point would see the previous
injection point's mutation which can lead to unexpected failures.
This commit updates the auto-configuration of the builder to make it
a protoype bean. Mutation of the builder that is intended to apply
globally should be made using a customizer.
Closes gh-17477
Previously, DeferredLinesWriter would collect MockMvc output from
every test that has executed. If a test eventually failed, the
output from every test up to including the one that had failed would
be output, rather than just the output for the test that has just
failed.
This commit clears the deferred lines after each test, thereby
ensuring that when a failure occurs only the lines from the failing
test are output.
Fixes gh-17551
Update `BuildInfoMojo` so that the time property now defaults to
`${session.request.startTime}` rather than the time the Mojo was
created. Also update javadoc to make it clear that any supplied
value will be passed to `Instant.parse`.
See gh-17390
This commit updates ConfigurationPropertiesScanRegistrar to apply the
same component scan filters than the ones applied on standard classpath
scanning.
As a result, configuration properties scanning is automatically disabled
in slice tests and can be included by an explicit import or a dedicated
TypeFilter implementation if necessary.
Closes gh-16659
Meta-annotate `ClassPathExclusions` and `ClassPathOverrides` with
so that the `ModifiedClassPathExtension` no longer needs to be
used directly.
See gh-17491
Replace any direct `junit-platform-launcher` dependencies and instead
rely on the test runner providing it. Launcher related class are not
handled via reflection.
This update allows us to workaround SUREFIRE-1679.
Closes gh-17517
Add a JUnit 5 extension that allows tests to be run with a
modified classpath. Since JUnit 5 does not currently offer a way
to run tests with a different classpath, we instead fake the
original invocation and launch an entirely new run for each
method.
See gh-17491
Using a random value for the logfile name caused
the logfile endpoint to return a 404 as the name
was resolved from the environment on every request.
This commit registers a bean for LogFile which is then
used by the logfile endpoint.
Fixes gh-17434
The `reactor-tools` dependency now brings a new Reactor Debug Agent
which instruments loaded classes for better Reactor stacktraces.
This commit removes the `spring.reactor.stacktrace-mode.enabled`
configuration property since the related Reactor Hook is about to be
removed.
As a replacement, we're introducing `spring.reactor.debug-agent.enabled`
which tells whether the Reactor Debug Agent should be loaded, given that
the `reactor-tools` dependency is available. This option is enabled by
default, since adding the dependency on classpath is a strong signal
already.
Fixes gh-17128
Prior to this commit, having the `spring-boot-starter-rsocket` and the
`jackson-dataformat-xml` dependencies on classpath would result in a
`ClassCastException` when the RSocket auto-configuration tries to
configure Jackson CBOR codecs for RSocket strategies.
This commit disables the Jackson XML support for the CBOR codec in
RSocket.
Fixes gh-17425
Stephane Nicoll
cbono
thelproad
Brian Clozel
Adam Michalik
dreis2211
Mark Bigler
Madhura Bhave
Dave Syer
Guillaume Lours
Johnny Lim
Andy Wilkinson
wonwoo
Phillip Webb
Mark Pollack
Jens Teglhus Møller
wycm
Jaeyeon Kim
larrywest
mattisonchao
wwjay9
Cosmin Humeniuc
Philippe De Neve
Alessandro Falappa
nkjackzhang
Rafiullah Hamedy
Dmytro Nosan
Leo Li
xiaokeliu666
contextshuffling
Sebastien Deleuze
Ted M. Young
clove506
Michael Simons
Kant Leung
Neil Powell
kenneth
Vedran Pavic
Verónica Vásquez
Tadaya Tsuyukubo
Roland Weisleder
Tyler Van Gorder
Yuyan
Eddú Meléndez
Rossen Stoyanchev
Toshiaki Maki
Wagner Macedo
aohana
Harald Brabenetz
Camille Vienot
rajadilipkolli
Andy Clement
Leonard Brünings
Peter Sauer
gaohanghang
ibmmqmet
Peter Jurkovic
Tetsuya Hasegawa
michal
Markus Schuch
Wanderrful
freekry
davinkevin
Semyon Danilov
Ben Hale
HaiTao Zhang
LiangYong
Gang Zhang
lijuny
Filip Hrisafov
Andrii Hrytsiuk
Sergei Petunin
jason
周武栋
zhuzhuman
Andy Chen
SaberXu
Jacques-Etienne Beaudet
陈其苗
Bo Zhang
P.J. Meisch
vivganes
Tomas Aschan
lihongmingming
Artem Bilan
chao.chang
Remko Popma
adavid9
Sam Brannen
Marc Rohlfs
dirkdeyne
ayudovin
EugeneMsv
ielatif
Andreas Gebhardt
Ryan Dunckel