This commit reverts the upgrade from HTMLUnit 2.11 to 2.23. As of HTMLUnit
2.22, `websocket-client` is no longer provided and triggers the following
issue:
https://github.com/SeleniumHQ/htmlunit-driver/issues/22
See gh-7232
See gh-7895
Most of the config keys defined by the `spring-boot-test-autoconfigure`
module can't be overridden because they are mapped with `@PropertyMapping`
on an annotation. It is confusing that such keys are exposed in content
assistance as using them will have no effect.
This commit removes the annotation processor from the build so that the
`@ConfigurationProperties` beans aren't processed anymore. Instead, manual
metadata is written for the two only keys that are effectively used in
regular configuration.
As a result, the `additional-spring-configuration-metadata` file has been
renamed to `spring-configuration-metadata` since nothing is processing it
anymore.
Closes gh-7887
Update `ManagementWebSecurityAutoConfiguration` to match nested path
for insensitive actuators.
Prior to this commit, when Spring Security was on the classpath
nested paths were considered sensitive (even if the actuator
endpoint was not sensitive). i.e. when setting
`endpoints.env.sensitive=false` `/env` could be accessed without
authentication but `/env/user` could not.
Fixes gh-7868
Closes gh-7881
The default is now SecurityProperties.ACCESS_OVERRIDE_ORDER-1
(instead of 3), and the user can set it with
security.oauth2.resource.filter-order (as opposed to being hard
coded). The filter is provided by Spring OAuth2 so this change is
a BeanPostProcessor to call a setter on that object.
Fixes gh-5072
Upgrade to `hibernate-validator` 5.3.4 and introduce a new
`MessageInterpolatorFactory` that creates a suitable
`MessageInterpolator` (taking into account missing EL dependencies).
Rework `ConfigurationPropertiesBindingPostProcessor` and
`ValidationAutoConfiguration` to make use of the new factory.
Fixes gh-7598
Stephane Nicoll
drumonii
Andy Wilkinson
Michael J. Simons
Kazuki Shimizu
Eddú Meléndez
Phillip Webb
Madhura Bhave
Dave Syer
Vedran Pavic