The previous wording suggested that customizations always retain
default auto-configuration. Rephrased to indicate that configuration
can be fine-tuned, which more accurately reflects that some builder
methods may override or replace defaults.
See gh-46938
Signed-off-by: Seokjae Lee <seok9211@naver.com>
Prior to this commit, SpringLiquibaseCustomizer had a private modifier,
which breaks Spring AOT.
See gh-46752
Signed-off-by: Dmytro Nosan <dimanosan@gmail.com>
This commits registers LazyInitializationExcludeFilter to exclude
NettyAutoConfiguration from global lazy init.
See gh-46164
Signed-off-by: Dmytro Nosan <dimanosan@gmail.com>
To address CVE-2025-48976 and CVE-2025-48988, Tomcat 10.1.42 has
introduced two new configuration settings – maxPartCount and
maxPartHeaderSize. The default values for these configuration
settings have proven hard to get right and some applications have
had to increase the default limits. To ease their configuration in
Spring Boot, this commit introduces configuration properties for
the new settings:
- server.tomcat.max-part-count (maxPartCount)
- server.tomcat.max-part-header-size (maxPartHeaderSize)
The defaults are aligned with those of Tomcat 10.1.42
(10 and 512 bytes respectively).
Closes gh-45869
This commit updates the conditions in Neo4jReactiveDataAutoConfiguration
so that it gracefully backs off if certain beans are not present, rather
than assuming its sibling Neo4jDataAutoConfiguration has run.
Closes gh-44930
Prior to this commit, certain rules, like BeanPostProcessor,
did not work with external classes. This commit ensures that
ArchRules are executed within a context ClassLoader that includes
all classes from the compile classpath.
See gh-45202
Signed-off-by: Dmytro Nosan <dimanosan@gmail.com>
This commit updates jOOQ's DefaultExceptionTranslatorExecuteListener to
fallback on Spring Framework's default if no dbName is available.
See gh-44954
Signed-off-by: Dennis Melzer <dennis.melzer@de.bosch.com>
Update auto-configured `IntegrationMBeanExporter` to be created from
a static method since it's a post-processor. Relevant injection now
occurs by overriding the `afterSingletonsInstantiated()` method.
Closes gh-45186
Prior to this change, introspection of the auto-configuration could
fail due to insufficient protection against missing classes.
This commit introduces an extra class-level check for Nimbus's
JWKSource which ensures that the auto-configuration backs off if
nimbus-jose-jwt has been excluded. It also introduces an inner-class
for the case where spring-security-oauth2-jose is not on the
classpath. This ensures that the method defining the jwtDecoder bean
does not cause an introspection failure when JwtDecoder is missing.
Closes gh-45177
Stéphane Nicoll
Phillip Webb
Andy Wilkinson
Chanwon-Seo
Seokjae Lee
Dmytro Nosan
Yanming Zhou
Johnny Lim
Sanghyuk Jung
Moritz Halbritter
wonyongg
Tran Ngoc Nhan
Dennis Melzer