fix(deps): update spring boot to v3.1.5

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.springframework.boot:spring-boot-starter-parent (source)	3.1.2 -> 3.1.5
org.springframework.boot	3.1.2 -> 3.1.5

---

Release Notes

spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-parent)

v3.1.5

Compare Source

🐞 Bug Fixes

• Constructor binding with a custom collection type does not work #​37941
• @Order does not work on (CommandLine|Application)Runner @Bean methods #​37938
• @ComponentScan on a test class is processed when creating a test context but is not included in the context's cache key #​37924
• Restarter creates memory leak in tests #​37920
• AOT processing fails when a @WebServlet found by scanning is annotated with @MultipartConfig #​37883
• Gradle plugin uses to-be-deprecated API for getting and setting file permissions #​37881
• Task executor metrics are not registered when using lazy initialization #​37838
• Gradle AOT processing tasks do not use project's Java toolchain #​37826
• @ServiceConnection is not found when used in an interface implemented by a test class #​37671
• Image building can fail when using GraalVM compilation and a remote Docker daemon #​37665
• NPE from Jetty's WebSocketUpgradeFilter when testing with @SpringBootTest, @AutoConfigureMockMvc, and MockMvc #​37663
• @WebListener does not work in a native image without additional reflection hints #​37635
• AspectJ transaction management with compile-time weaving does not work with spring.main.lazy-initialization=true #​37632
• IPv6 IP addresses cannot be used with RabbitMQ #​37619
• Unwanted Logback status messages are sometimes logged during startup #​37600
• Managed types for Neo4j are not used in Neo4j Data auto configuration #​37594
• fileMode and dirMode are not applied to all entries in an archive produced by BootJar #​37588
• Application fails to start when an optional config import cannot be resolved #​37570
• Contrary to the documentation, setting spring.jms.listener.concurrency alone configures the maximum concurrency #​37553
• Dependency management for kafka-server-common with a test classifier is missing #​37542
• RepackageMojo doesn't support 1 digit numerical values for project.build.outputTimestamp #​37535

📔 Documentation

• Document that 'spring.docker.compose.file' can be used to share Docker Compose configuration between applications #​37886
• Remove link to LiveReload website due to timeout #​37691
• Refer to ActiveMQ as ActiveMQ "Classic" #​37615
• Removal of spring.webflux.multipart.streaming is not documented #​37609
• Default value of spring.jmx.registration-policy is not documented #​37596
• Update documentation to align with Mockito 5 using the inline mock maker by default #​37561
• Add Javadoc since for AbstractAotMojo.getSession() #​37547
• Document support for Java 21 #​37532
• Use more idiomatic Kotlin in example for "Map Health Indicators to Micrometer Metrics" #​37510

🔨 Dependency Upgrades

• Upgrade to Byte Buddy 1.14.9 #​37853
• Upgrade to Couchbase Client 3.4.11 #​37759
• Upgrade to Dropwizard Metrics 4.2.21 #​37897
• Upgrade to Hibernate 6.2.13.Final #​37854
• Upgrade to HttpCore5 5.2.3 #​37762
• Upgrade to Infinispan 14.0.19.Final #​37855
• Upgrade to Jackson Bom 2.15.3 #​37898
• Upgrade to Jetty 11.0.17 #​37856
• Upgrade to Jetty Reactive HTTPClient 3.0.9 #​37932
• Upgrade to jOOQ 3.18.7 #​37857
• Upgrade to Micrometer 1.11.5 #​37693
• Upgrade to Micrometer Tracing 1.1.6 #​37694
• Upgrade to Neo4j Java Driver 5.13.0 #​37793
• Upgrade to Netty 4.1.100.Final #​37858
• Upgrade to Pooled JMS 3.1.4 #​37764
• Upgrade to R2DBC MySQL 1.0.5 #​37859
• Upgrade to Reactor Bom 2022.0.12 #​37695
• Upgrade to RxJava3 3.1.8 #​37766
• Upgrade to Spring AMQP 3.0.10 #​37696
• Upgrade to Spring Authorization Server 1.1.3 #​37697
• Upgrade to Spring Data Bom 2023.0.5 #​37698
• Upgrade to Spring Framework 6.0.13 #​37816
• Upgrade to Spring Integration 6.1.4 #​37914
• Upgrade to Spring Kafka 3.0.12 #​37797
• Upgrade to Spring LDAP 3.1.2 #​37699
• Upgrade to Spring Retry 2.0.4 #​37700
• Upgrade to Spring Security 6.1.5 #​37701
• Upgrade to Spring Session 3.1.3 #​37702
• Upgrade to Tomcat 10.1.15 #​37902
• Upgrade to UnboundID LDAPSDK 6.0.10 #​37767
• Upgrade to Undertow 2.3.10.Final #​37933

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​JinseongHwang, @​bottlerocketjonny, @​dependabot[bot], @​erichaagdev, @​esperar, @​izeye, @​jbertram, @​jonasfugedi, @​michael-simons, @​nielsbasjes, @​onobc, @​sushant1987, @​ttddyy, and @​vpavic

v3.1.4

Compare Source

⭐ New Features

• Add TWENTY_ONE to JavaVersion enum #​37364

🐞 Bug Fixes

• When SLF4J and Logback are initialized on multiple threads in parallel, startup may fail due to SubstituteLoggerFactory being considered to be a competing LoggerFactory implementation #​37484
• Saml2RelyingPartyAutoConfiguration ignores sign-request when metadata-url is used #​37482
• Leaking file descriptor / socket within DomainSocket tooling #​37460
• Invalid Accept header produces HTTP 500 in WelcomePageHandlerMapping #​37457
• PrivateKeyParser doesn't support ed448, XDH and RSA-PSS keys #​37422
• "languageVersion is final and cannot be changed" when using Gradle 8.3 and configuring the Java toolchain's language version #​37380
• AOT processing fails when a @ConfigurationProperties-annotated record has multiple constructors #​37336
• Spring Boot dependency management not working for ehcache when using Gradle and the dependency management plugin #​37270
• SslStoreBundle implementations aren't immutable #​37222
• Parsing OCI image names that are invalid due to the use of upper case letters is very slow #​37183
• Producing and consuming different tracing propagation formats doesn't work #​37178
• Using https with elliptic curves other than secp384r1 fails #​37169
• In 3.0.x and later, Spring Security cannot be used to secure a WebSocket upgrade request when using Jetty #​37158
• Local baggage is propagated when using Brave and W3C #​37156
• ServiceConnectionContextCustomizer can trigger docker usage during AOT processing #​37097
• java.lang.OutOfMemoryError: Metaspace when repeatedly deploying and undeploying a Spring Boot web application multiple times in Tomcat #​37096
• Property 'logging.threshold.console' not working #​36741

📔 Documentation

• Document that PKCS8 PEM files should be used whenever possible #​37443
• Add reference to Oracle Spring Boot Starters #​37411
• Correct the description of spring.artemis.broker-url #​37309
• Add default value metadata for management.metrics.export.signalfx.published-histogram-type #​37253
• Polish javadoc #​37143

🔨 Dependency Upgrades

• Upgrade to Byte Buddy 1.14.8 #​37419
• Upgrade to Couchbase Client 3.4.10 #​37297
• Upgrade to Groovy 4.0.15 #​37386
• Upgrade to Hibernate 6.2.9.Final #​37465
• Upgrade to Infinispan 14.0.17.Final #​37299
• Upgrade to Jakarta XML Bind 4.0.1 #​37387
• Upgrade to Jetty 11.0.16 #​37300
• Upgrade to Lombok 1.18.30 #​37488
• Upgrade to Micrometer 1.11.4 #​37261
• Upgrade to Micrometer Tracing 1.1.5 #​37262
• Upgrade to Native Build Tools Plugin 0.9.27 #​37420
• Upgrade to Neo4j Java Driver 5.12.0 #​37353
• Upgrade to Pooled JMS 3.1.3 #​37421
• Upgrade to R2DBC MySQL 1.0.3 #​37466
• Upgrade to Reactor Bom 2022.0.11 #​37263
• Upgrade to REST Assured 5.3.2 #​37303
• Upgrade to SLF4J 2.0.9 #​37304
• Upgrade to Spring AMQP 3.0.9 #​37264
• Upgrade to Spring Data Bom 2023.0.4 #​37350
• Upgrade to Spring Framework 6.0.12 #​37265
• Upgrade to Spring GraphQL 1.2.3 #​37266
• Upgrade to Spring Integration 6.1.3 #​37267
• Upgrade to Spring Kafka 3.0.11 #​37305
• Upgrade to Spring Retry 2.0.3 #​37280
• Upgrade to Spring Security 6.1.4 #​37424
• Upgrade to Spring WS 4.0.6 #​37425
• Upgrade to Tomcat 10.1.13 #​37306

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Eng-Fouad, @​dependabot[bot], @​izeye, @​markxnelson, @​mdeinum, and @​quaff

v3.1.3

Compare Source

🐞 Bug Fixes

• Logging config URLs with query parameters are not detected as XML #​37062
• Changed environment variable name APP_PASSWORD to APP_USER_PASSWORD i? #​37044
• BindableRuntimeHintsRegistrar does not generate hints for all nested types of a ConfigurationProperties type #​37022
• server.max-http-request-header-size doesn't affect Netty server with http2 enabled #​37015
• AbstractAotMojo should not add source or target if they are null #​36972
• Exception message in ProcessTestAotMojo has a typo #​36966
• Docker Compose start fails with "unknown flag: --no-color" #​36908
• Script-based database initialization fails with an unhelpful error message when configured with a resource that points to a directory #​36786
• Artemis ConnectionFactory is not configured when CachingConnectionFactory is missing and enabled properties are false #​36772
• DatabaseDriver swallows real exception #​36759
• Defining a custom ElasticsearchTransport causes the auto-configured JsonpMapper to back off #​36700
• Auto-configuration's session repository customization may override that of SessionRepositoryCustomizer beans #​36696
• RabbitMQ smoke test is missing a test #​36612
• Tomcat warns about a missing +/- prefix when enabling multiple protocols through server.ssl.enabled-protocols #​36584
• management.metrics.export.stackdriver properties are incomplete #​36559
• management.wavefront.metrics.export properties are incomplete #​36556
• management.metrics.export.signalfx properties are incomplete #​36553
• JobLauncherApplicationRunner returns a success exit code even when no jobs have been run #​36532
• Remove use of jakarta.annotation.PostConstruct #​36529
• management.metrics.export.atlas properties are incomplete #​36526
• Descriptions of started and ready time metrics contain time units but the unit may change when the metrics are exported #​36516
• Unlike other Spring Boot goals, process-aot and process-test-aot run on Maven reactor projects #​36494
• @ServiceConnection on a @Bean method does not work in sliced tests #​36037

📔 Documentation

• Fix broken links in the documentation #​37071
• Maven plugin docs contain invalid parameter for image building #​37051
• Align javadoc of AbstractFilterRegistrationBean#setDispatcherTypes #​36969
• Improve documentation of spring.cache.type=none #​36962
• Clarify that spring.security.filter properties only apply to servlet-based web apps #​36865
• Improve documentation to describe how @EntityScan and @Enable?Repositories can be used to tune scanning #​36862
• Describe quirks of JUL and Log4j2 in the javadoc of OutputCaptureExtension #​36859
• LogbackLoggingSystem does not report suppressed exception details #​36856
• Clarify table that shows how logging properties are transferred to system properties #​36853
• Review Google AppEngine documentation #​36850
• Rework Working with NoSQL Technologies to clarify which stores are supported by Spring Data #​36813
• Clarify how nested directories are treated for configtree with wildcards #​36810
• Clarify the effect of using @EnableWebMvc #​36797
• Document defaults for spring.mvc.format.* and spring.webflux.format.* properties #​36793
• Documentation describes how to opt in to using the path pattern parser but it's now the default #​36789
• Document that scripts for database initialization are optional by default and how they can be made mandatory #​36783
• Document @DataR2dbcTest support #​36756
• @since is missing from javadoc of values added to JavaVersion since its introduction #​36735
• Update Paketo builder references in documentation #​36690
• Document how to use Docker Compose integration when running tests #​36636
• Update RestTemplateBuilder#defaultHeader javadoc to reference correct client-side HTTP request class #​36630
• Document that server.forward-headers-strategy property defaults to native when running on Kubernetes #​36581
• Documentation of spring.data.redis.url incorrectly states that it does not override spring.data.redis.user #​36492

🔨 Dependency Upgrades

• Upgrade to AspectJ 1.9.20 #​37003
• Upgrade to Byte Buddy 1.14.6 #​36994
• Upgrade to Caffeine 3.1.8 #​36926
• Upgrade to Couchbase Client 3.4.8 #​36979
• Upgrade to Dependency Management Plugin 1.1.3 #​36927
• Upgrade to Groovy 4.0.14 #​37057
• Upgrade to Hibernate 6.2.7.Final #​36928
• Upgrade to Infinispan 14.0.14.Final #​36995
• Upgrade to Jersey 3.1.3 #​36930
• Upgrade to jOOQ 3.18.6 #​36931
• Upgrade to Lettuce 6.2.6.RELEASE #​37004
• Upgrade to Logback 1.4.11 #​36932
• Upgrade to Micrometer 1.11.3 #​36839
• Upgrade to Micrometer Tracing 1.1.4 #​36840
• Upgrade to Native Build Tools Plugin 0.9.24 #​36933
• Upgrade to Neo4j Java Driver 5.11.0 #​36980
• Upgrade to Netty 4.1.97.Final #​37088
• Upgrade to Pooled JMS 3.1.1 #​36935
• Upgrade to R2DBC Pool 1.0.1.RELEASE #​36936
• Upgrade to R2DBC Proxy 1.1.2.RELEASE #​36672
• Upgrade to Reactor Bom 2022.0.10 #​36841
• Upgrade to RxJava3 3.1.7 #​37089
• Upgrade to Spring AMQP 3.0.8 #​36842
• Upgrade to Spring Authorization Server 1.1.2 #​36843
• Upgrade to Spring Batch 5.0.3 #​36844
• Upgrade to Spring Data Bom 2023.0.3 #​36845
• Upgrade to Spring Kafka 3.0.10 #​36846
• Upgrade to Spring LDAP 3.1.1 #​36847
• Upgrade to Spring Security 6.1.3 #​36848
• Upgrade to Spring Session 3.1.2 #​36849
• Upgrade to Thymeleaf 3.1.2.RELEASE #​36937
• Upgrade to Thymeleaf Extras SpringSecurity 3.1.2.RELEASE #​36938
• Upgrade to Tomcat 10.1.12 #​36978
• Upgrade to Undertow 2.3.8.Final #​37031

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​MahatmaFatalError, @​NersesAM, @​OnSuorce, @​chicobento, @​dependabot[bot], @​dreis2211, @​eddumelendez, @​elevne, @​fzyzcjy, @​itsAkshayDubey, @​izeye, @​joesteel2010, @​jongwooo, @​ls-urs-keller, @​michael-simons, @​msobeck, @​normandra, @​omaryaya, @​quaff, @​rob-valor, @​spa-abaudat, and @​vpavic

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

Test Results

5 tests   4 ✔️  7s ⏱️
3 suites  0 💤
3 files    1 ❌

For more details on these failures, see this check.

Results for commit adb39ef.

♻️ This comment has been updated with latest results.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.