Update dependency org.springframework.boot:spring-boot-starter-data-jpa to v2.4.1 - autoclosed

[mend-for-jackfan.us.kg]

This PR contains the following updates:

Package	Update	Change
org.springframework.boot:spring-boot-starter-data-jpa (source)	patch	2.4.0 -> 2.4.1

By merging this PR, the below issues will be automatically resolved and closed:

Severity	CVSS Score	CVE	GitHub Issue
High	9.8	CVE-2022-22965	#504
High	7.4	CVE-2020-25638	#260
Medium	4.3	CVE-2021-22060	#480
Medium	4.3	CVE-2021-22096	#464

---

Release Notes

spring-projects/spring-boot

v2.4.1

🪲 Bug Fixes

• Wildcard config file locations from the working directory override each other #​24428
• Configuration property binding processes JavaBean methods in a non-deterministic order which may result in variable behavior #​24425
• JPA repositories mode should not be deferred by default #​24401
• @Name support for value object binding fails with Kotlin classes #​24379
• Allow recursive profile group references #​24327
• Correct external application properties load order #​24308
• Wrapper types are not displayed in actuator env endpoint #​24307
• OriginTrackedPropertiesLoader#isNewDocument has wrong visibility #​24268
• Redis health indicator requests more information than it needs resulting in unnecessarily large responses from Redis #​24251
• ErrorAttributeOptions.excluding throws IllegalArgumentException if includes is empty #​24234
• Actuator web endpoints cannot respond with custom HTTP status codes when running on MVC or WebFlux #​24223
• Missing Spring Integration metrics due to the MeterRegistry bean being looked for before it has been defined #​24220
• LocaleResolver (MVC) and LocaleContextResolver (WebFlux) beans will back off if a user provides a bean of the same type and a custom name but Framework will then use its own default #​24209
• DevTools still refers to deprecated keys #​24203
• DataSourceUnwrapper calls Wrapper.isWrapperFor with a class rather than an interface causing Oracle UCP warnings #​24200
• WebFluxTags performs unnecessary Pattern compilation when ignoring trailing slashes #​24194
• elasticsearch-rest-client-sniffer is missing from the dependency management for Elasticsearch's REST client modules #​24186
• No converter is found when binding a non-string property via config tree #​24171
• LoggingSystem calls with Log4J throws NullPointerException #​24163
• Any line that is immediately after a line that contains only a # is lost when reading application properties files #​24158
• Ensure the WebClient to be present before enabling the WebTestClientContextCustomizer #​24152
• ConfigDataResourceNotFoundException incorrectly thrown for valid classpath locations #​24143

📔 Documentation

• Document how to use Devtools without an IDE #​24410
• Add link to appendix from error handling documentation #​24408
• Document how to run unit tests #​24301
• Invalid ErrorAttributesOptions#getInclude Javadoc #​24259
• Fix typo in TomcatWebServer Javadoc #​24245
• Security properties appendix contains spring.session and spring.ldap properties that belong elsewhere #​24196
• Rename "sla" to "slo" in reference documentation #​24162
• Document the granularity for property document imports #​22987

🔨 Dependency Upgrades

• Upgrade to Caffeine 2.8.8 #​24443
• Upgrade to DB2 JDBC 11.5.5.0 #​24383
• Upgrade to Dropwizard Metrics 4.1.16 #​24384
• Upgrade to Groovy 2.5.14 #​24385
• Upgrade to Hibernate 5.4.25.Final #​24386
• Upgrade to HttpCore 4.4.14 #​24387
• Upgrade to Infinispan 11.0.8.Final #​24388
• Upgrade to Jetty 9.4.35.v20201120 #​24389
• Upgrade to jOOQ 3.14.4 #​24390
• Upgrade to Kotlin 1.4.21 #​24391
• Upgrade to Kotlin Coroutines 1.4.2 #​24392
• Upgrade to MariaDB 2.7.1 #​24393
• Upgrade to Micrometer 1.6.2 #​24281
• Upgrade to Mockito 3.6.28 #​24394
• Upgrade to Netty 4.1.55.Final #​24444
• Upgrade to Netty tcNative 2.0.35.Final #​24445
• Upgrade to Nimbus JOSE JWT 9.1.3 #​24395
• Upgrade to Reactor 2020.0.2 #​24275
• Upgrade to Spring AMQP 2.3.2 #​24288
• Upgrade to Spring Batch 4.3.1 #​24291
• Upgrade to Spring Data 2020.0.2 #​24284
• Upgrade to Spring Framework 5.3.2 #​24278
• Upgrade to Spring HATEOAS 1.2.2 #​24285
• Upgrade to Spring Integration 5.4.2 #​24442
• Upgrade to Spring Kafka 2.6.4 #​24294
• Upgrade to Spring Security 5.4.2 #​24297
• Upgrade to SQLite JDBC 3.32.3.3 #​24446
• Upgrade to Tomcat 9.0.41 #​24447
• Upgrade to Undertow 2.2.3.Final #​24397

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

• @​joca-bt
• @​izeye
• @​xJoeWoo
• @​gesellix
• @​dreis2211
• @​stokpop
• @​CubeOfCheese
• @​artembilan
• @​wanderleisouza
• @​JimStockwell
• @​SCORE1387

---

• If you want to rebase/retry this PR, click this checkbox.