Prior to this commit, default error responses included the message
from a handled exception. When the exception was a BindException, the
error responses could also include an errors attribute containing the
details of the binding failure. These details could leak information
about the application.
This commit removes the exception message and binding errors detail
from error responses by default, and introduces a
`server.error.include-details` property that can be used to cause
these details to be included in the response.
Fixes gh-20505
Rename the SAML `singleSignOn` nested property to `singleSignOn` so
that we don't get problems when using uppercase environment variable
names.
See gh-20584
This commit adds a section to the reference guide on how to initialize
a database using R2DBC. 2 smoke tests are also added to validate this
behaviour with Flyway and Liquibase.
Closes gh-20742
The upgrade to the Couchbase SDK v3 changed how errors are reported
when the cluster is not available. This commit updates the check to
look for the new exception in the hope a more solid check can be found
shortly.
This commit upgrades to the Couchbase SDK v3 which brings the following
breaking changes:
* Bootstrap hosts have been replaced by a connection string and the
authentication is now mandatory.
* A `Bucket` is no longer auto-configured. The
`spring.couchbase.bucket.*` properties have been removed
* `ClusterInfo` no longer exists and has been replaced by a dedicated
API on `Cluster`.
* `CouchbaseEnvironment` no longer exist in favour of
`ClusterEnvironment`, the customizer has been renamed accordingly.
* The bootstrap-related properties have been removed. Users requiring
custom ports should supply the seed nodes and initialize a Cluster
themselves.
* The endpoints-related configuration has been consolidated in a
single IO configuration.
The Spring Data Couchbase provides an integration with the new SDK. This
leads to the following changes:
* A convenient `CouchbaseClientFactory` is auto-configured.
* Repositories are configured against a bucket and a scope. Those can
be set via configuration in `spring.data.couchbase.*`.
* The default consistency property has been removed in favour of a more
flexible annotation on the repository query methods instead. You can now
specify different query consistency on a per method basis.
* The `CacheManager` implementation is provided, as do other stores for
consistency so a dependency on `couchbase-spring-cache` is no longer
required.
See gh-19893
Co-authored-by: Michael Nitschinger <michael@nitschinger.at>
Unfortunately, while redundant for new applications, removing the
leading slash adversely affected existing application upon upgrades as
it caused Liquibase to re-apply every change log.
Closes gh-20177
Update all dependencies declarations to use the form `scope(reference)`
rather than `scope reference`.
Prior to this commit we declared dependencies without parentheses unless
we were forced to add them due to an `exclude`.
Replace Gradle single quote strings with the double quote form
whenever possible. The change helps to being consistency to the
dependencies section where mostly single quotes were used, but
occasionally double quotes were required due to `${}` references.
Previously, we were adding dependencies to Ant's ClassLoader within
Gradle. It is suspected that this was causing sporadic loader
contraint violations as types that Gradle itself uses (from Commons
Compress) were then available from two different ClassLoaders.
This commit reworks the Ant smoke test to use JavaExec and Ant's
launcher to run the build. This allows us to make the necessary
dependencies available to Ant in an isolated manner. The javac
invocation within Ant is now forked to allow it to find the tools jar
even when the build itself is running on a JRE.
Closes gh-19839
This paves the way for publishing Gradle module metadata once the
problem caused by snapshot versions and our two-step publication
process has been addressed.
See gh-19609
This reverts commit b34a311d02 as,
having disabled the publishing of Gradle's module metadata (4f75ab5),
the changes are no longer needed.
See gh-19609
Previously, enforcedPlatform dependencies were using to pull in the
constraints defined in spring-boot-dependencies and
spring-boot-parent and applied them strictly so that the constrained
version had to be used. This worked as intended in Spring Boot's own
build but incorrectly enforced those same strict version requirements
on external consumers of Spring Boot's modules.
This commit reworks how Spring Boot defines its internal dependency
management so that platform dependencies are exposed to external
consumers while enforced platform dependencies are using internally.
See gh-19609
This commit removes the validation starter from the web and
webflux starters - we've reconsidered that choice since many were
not using this feature as part of their default web experience.
Thit commit also changes the default EL implementation for the
Jakarta implementation, aligning all servers on it and simplifying
dependency management (especially exclusions that were required
previously).
Closes gh-19550
If the bean definition type contains a placeholder value, beanFactory.getType
can throw a CannotLoadBeanClassException. We can ignore this exception while
validating the bean definitions for constructor binding beans.
Fixes gh-19207
Phillip Webb
Stephane Nicoll
Scott Frederick
Madhura Bhave
Andy Wilkinson
dreis2211
Brian Clozel