A side effect is that spring-boot-starter-data-jpa needs
to include an aspectjweaver depdendency. Hope that doesn't
hurt anything else.
[Fixes#56780004]
If the user sets security.basic.enabled=false we should just
back away from the non-management endpoints completely.
Previously the Spring Security filter was still added but with
no authentication, creating complications when unexpected
headers etc. are added by Spring Security.
Refine the loading order of LaunchedURLClassLoader to consider the
root loader before locally bundled classes.
The prevents classes from locally bundled JARs from replacing system
classes.
Issue: #56232870
Update spring-boot-loader to allow `-javaagent` instrumentation when
running from executable jars.
Prior to this commit the `Launcher` skipped the application classloader
and instead used the system classloader as a parent. This was to ensure
that locally packaged classes were always loaded by the classloader
that had access to nested jars. Unfortunately when using the
`-javaagent` option, it is the application classloader that is modified.
The `Launcher` class now uses the application classloader as parent
and `LaunchedURLClassLoader` has been updated to always search local
URLs before delegating to the parent. This is very similar to the way
that most application servers handle the loading of war files.
Issue: #56232870
Provide accurate InputStream.available() results by using the size
attribute of the ZipEntry. This helps improve performance with
CGLib and also fixes issues where libraries expect that a non-zero
result from available() indicates that read() will not return -1.
Update RunMojo to include an @Execute annotation. Allows the use of
`mvn spring-boot:run` without having to compile/package first. Now a
command like `mvn clean spring-boot:run` works.
The phase for @Execute annotation is along the lines of what is used
for the `jetty:run` plugin.
Dave Syer
Phillip Webb
Spring Buildmaster
Biju Kunjummen