Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.5.4

:lady_beetle: Bug Fixes

• LambdaSafe.withFilter is not public #46474
• Executable JAR application class encounters performance issues when used with Palo Alto Network Cortex XDR agent #46402
• Runtime dependencies are missing from aotCompileClasspath and aotTestCompileClasspath when using Kotlin #46398
• Additional fields for structured JSON logging incompatible with nested ecs logging in 3.5.x #46351
• Change in DefaultErrorAttributes alters the shape of API validation error responses #46260
• jdbc.connections.active and jdbc.connections.idle metrics are not available when using Hikari in a native image #46225
• developmentOnly and testAndDevelopmentOnly dependencies may prevent implementation dependencies from being included in the uber-jar #46205
• Hash calculation for uber archive entries that require unpacking is inefficient #46203
• Permissions are applied inconsistently when building uber archives with Gradle #46194
• Environment variables using legacy dash format can no longer be bound #46184
• EmbeddedWebServerFactoryCustomizerAutoConfiguration fails when undertow-core is on the classpath and undertow-servlet is not #46180
• Executable JAR application class encounters performance issues #46177
• Executable JAR application class encounters performance issues #46176
• Setting spring.reactor.context-propagation has no effect when lazy initialization is enabled #46174
• Setting spring.netty.leak-detection has no effect when lazy initialization is enabled #46170
• SslInfo does not use its Clock when checking certificate validity #46011

:notebook_with_decorative_cover: Documentation

• Fix description of spring.batch.job.enabled #46247
• Fix broken Kotlin examples in reference documentation #46168
• Add Logback Access Reactor Netty to community starters #46060

:hammer: Dependency Upgrades

• Upgrade to ActiveMQ 6.1.7 #46373
• Upgrade to Caffeine 3.2.2 #46432
• Upgrade to Couchbase Client 3.8.2 #46460
• Upgrade to GraphQL Java 24.1 #46395
• Upgrade to Groovy 4.0.28 #46516
• Upgrade to Hibernate 6.6.22.Final #46492
• Upgrade to HikariCP 6.3.1 #46493
• Upgrade to Infinispan 15.2.5.Final #46461
• Upgrade to Jackson Bom 2.19.2 #46494
• Upgrade to Jetty 12.0.23 #46375
• Upgrade to MariaDB 3.5.4 #46376
• Upgrade to Maven Invoker Plugin 3.9.1 #46377
• Upgrade to Micrometer 1.15.2 #46280
• Upgrade to Micrometer Tracing 1.5.2 #46281
• Upgrade to MSSQL JDBC 12.10.1.jre11 #46378
• Upgrade to MySQL 9.3.0 #46371
• Upgrade to Neo4j Java Driver 5.28.9 #46434
• Upgrade to Netty 4.1.123.Final #46435
• Upgrade to Prometheus Client 1.3.10 #46379
• Upgrade to Reactor Bom 2024.0.8 #46282
• Upgrade to RxJava3 3.1.11 #46380
• Upgrade to Spring AMQP 3.2.6 #46283

... (truncated)

• 925f9bc Release v3.5.4
• d82fb35 Merge branch '3.4.x' into 3.5.x
• 4b6064f Next development version (v3.4.9-SNAPSHOT)
• a39c8f0 Merge branch '3.4.x' into 3.5.x
• 99d53de Upgrade to Spring Integration 6.5.1
• 1b4aad5 Upgrade to Groovy 4.0.28
• 3f0f79b Upgrade to Spring Integration 6.4.6
• ff8443c Upgrade to Groovy 4.0.28
• aed8550 Merge branch '3.4.x' into 3.5.x
• 5406976 Apply commercial input consistently
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)