In 1.4.0 we used Elasticsearch 2.3.5 and Jackson 2.8. This
combination was incompatible in some circumstances due to a change
in Jackson (gh-6508). With Elasticsearch 2.4 yet to be released at the
time, the only way to restore compatibility was to downgrade Jackson.
With the release of Elasticsearch 2.4 we have another option: revert
the Jackson downgrade and upgrade Elasticsearch instead. While we
normally wouldn't consider upgrading to a new minor version of a
dependency in a maintenance release we have to do something to restore
compatibility. The alternative is to downgrade Jackson but that will
affect more people (Jackson is more widely used than Elasticsearch)
and will lose some functionality that was new in Jackson 2.8 that
people may already be relying upon.
This commit restores the use of Jackson 2.8 – including the
2.8-specific dependency management – and upgrades to Elasticsearch 2.4
Closes gh-6868
As part of the upgrade, Tomcat now requires a keystore to contain
an X.509 certificate. The two stores used in our tests have been
updated by exporting their private keys and adding them as
certificates. For example:
$ keytool -exportcert -keystore test.jks -alias tomcat > exported
$ keytool -importcert -keystore test.jks -file exported
Closes gh-6703
Closes gh-6657
Previously, Spring Data Cassandra excluded Netty from the Cassandra
Driver's dependencies. This was an error that we replicated in
our dependency management. The exclusion has been removed from
Spring Data Cassandra's pom. This commit makes the equivalent update
to our dependency management.
Fixes gh-6616
Closes gh-6721
We've downgraded to 2.7.x so we need to remove the dependency
management for jackson-datatype-jaxrs which is new in Jackson 2.8
Closes gh-6508
See gh-6369
This commit downgrades the maven failsafe plugin version. As of 2.19, the
generated jar is used for integration tests rather than the
`target/classes` directory. The fat jar in 1.4 has changed to move
classes to `BOOT-INF/classes` and therefore these are not found anymore.
There isn't a way to configure the jar file to use in the plugin. Users
willing to use the latest version should configure a `classifier` for the
repackaged jar so that the original jar is used by failsafe.
Closes gh-6254
The upgrade to Hibernate 5.2.0.Final has provide to be too
problematic to live with. It requires Java 8, is incompatible with
a number of other projects in the Hibernate ecosystem, and it's
unclear for how long it will be maintained. We'd previously used
Hibernate 5.1.0.Final but its maintenance is also unclear with
Hibernate 5.1.1.Final being more than 3 months overdue.
This commit drops back to Hibernate 5.0.9.Final. This has a few
advantages:
- It's Java 7 compatible
- It's had some time to mature and should be reasonably free of
regressions for those moving from 4.3.x
- It's used in both Wildfly and JBoss EAP so there's a fair chance
that it will continue to be maintained.
Closes gh-6198
This commit changes the default version of Tomcat to 8.5.3 while
also retaining support for Tomcat 8.0 and 7.0. The main difference
in 8.5 is that the ServerSocketFactory abstraction that allowed the
TrustStore and KeyStore to be configured programatically no longer
exists. This logic has been replaced with the use of a custom URL
protocol (springbootssl) that provides access to the key store and
trust store of an SslStoreProvider. In addition to working with 8.5,
this approach has the advantage of also working with 8.0 and 7.0.
Closes gh-6164
Jetty 9.3 no longer has a jetty-jsap artifact and dependency
management for it was removed in ff602e6. It was inadvertently
reintroducved in b303b3f. This commit removes it again.
See gh-5290
See gh-5825
This commit adds auto-configuration support for Jest, an HTTP client for
Elasticsearch. If Jest is present, a `JestClient` targeting a local
elasticsearch instance is auto-configured. Several properties from the
`spring.jest.*` namespace allows to tune the client.
Closes gh-6032
Previously, Maven repositories definition was specified in a profile that
is active by default. It means that as soon as any profile is enabled by
the user, said profile is no longer enabled. This has the nasty
consequences of having copy/paste in several places to make sure our own
profiles still have the proper repositories definition.
This commit creates a single "repositories" profile that is always active
unless a given property is explicitely specified. This allows to remove
the duplication and make things more consistent.
Some Gradle-specific repositories were also hard-coded in two modules
without any profile at all, meaning they were polluting the build of
anybody using it. While the impacted modules are gradle specific, that
repository has been shared in the new "repositories" profile as well.
Closes gh-6031
Andy Wilkinson
Stephane Nicoll
Phillip Webb
Vedran Pavic
Eddú Meléndez
Mark Paluch
Raja Dilip Kolli
Spring Buildmaster
Kazuki Shimizu
Artem Bilan
Dave Syer
Jerome Loisel
Vladimir Tsanev