I use Spring Boot 2.0.4.RELEASE with Flyway 5.1.4. When starting my Spring Boot application I get the warning Flyway.setCallbacks(FlywayCallback) has been deprecated and will be removed in Flyway 6.0. Use Flyway.setCallbacks(Callback) instead.
This seems to be caused by Spring Boot as I don't configure any callbacks myself. Is there any way to disable this warning or prevent its root cause?
The problem is occurring because you are using Flyway 5.1 with Spring Boot 2.0. Spring Boot 2.0 compiles against, and provides dependency management for, Flyway 5.0 where the setCallbacks(FlywayCallback[]) has not been deprecated and does not generate a warning when called.
If you want to continue using Boot's auto-configuration then, at the time of writing, you have a couple of options:
Drop back to Flyway 5.0.x by remove your override of Flyway's version and allowing Spring Boot's dependency management to control the version.
Customise your logging configuration so that the warning isn't logged.
It should be possible to improve the situation in Spring Boot 2.0.x. Currently, setCallbacks(FlywayCallback[]) is called even when the array is empty. That's benign with Flyway 5.0, but unnecessarily generates the warning you are seeing with 5.1. This issue will address that.
Related
Created a new Spring Initializer project in IntelliJ using Spring Boot version 3.0.2.
Included Spring Web and Spring Boot Actuator.
Did the same using Spring Boot version 2.7.8.
Both projects have the following in application.properties
management.endpoints.web.exposure.include=info
management.info.build.enabled=true
spring.jackson.serialization.indent-output=true
When requesting /actuator/info for version 3.0.2 project, the JSON is not indented or pretty printed.
The same request for version 2.7.8 project returns pretty printed and indented JSON.
Everything is left default, no code additions, config changes. etc. Just plain vanilla out of the box project.
Is this a bug in Spring Boot version 3?
Expected the JSON response to be pretty printed and indented as per the Spring documentation for the Application Properties settings.
This change has been introduced in Spring Boot 3 on purpose: changing a JSON configuration in your main application should not change the JSON format used by actuator, as it could confuse clients relying on the format to be the same for all Spring Boot applications.
See the related issuue and also the dedicated section in the migration guide. You can revert to the previous behavior by setting the management.endpoints.jackson.isolated-object-mapper=false configuration property.
For our spring boot project , We are using customized spring boot library and it has been upgraded now.
But during upgrade we have kept older version of hibernate core 5.3.7.Final to support namedNativeQuery functionality.
And this version internally using older vulnerable version of log4j.
However as part of security , the overall log4j version is upgraded to latest and we can see only log4j-2.17.1 when we run the mvn dendency:list.
Is this sufficient to handle the log4j vulnarability ?
Thanks in advance.
Hibernate is not affected:
Hibernate projects are not affected by the vulnerabilities behind
CVE-2021-45046 and CVE-2021-44228: none of the Hibernate projects has
a runtime dependency on Log4j core.
Source: https://in.relation.to/2021/12/16/log4j-cve/
After Anyalysis and stack overflow help come to know that Hibernate core 5.3.7.Final is not vulnerable in spring boot project for log4j vulnerability
I need to disable spring-security in my integration test. I'm using Spring boot 2.2.0 and in this version, I didn't find some methods to do it.
#EnableAutoConfiguration(exclude = {SecurityAutoConfiguration.class, SecurityFilterAutoConfiguration.class}) // not working
#EnableAutoConfiguration(exclude = { SecurityAutoConfiguration.class, ManagementSecurityAutoConfiguration.class }) // not working too.
how can I do it?
You and I must have been banging our heads against the same thing at the same time it seems.
I was able to make #AutoConfigureMockMvc(secure=false) do exactly what I wanted--disable all security for my unit tests. However, it was immediately marked deprecated in my IDE because I was using Spring Boot 2.1.6. I don't like using deprecated things so I tried and tried to get the exclude attribute to work, but it never did.
I was about to give up on it and suffer with the deprecation warning because at least my unit tests worked with it.
On a whim, I tried upgrading Spring Boot in my project from 2.1.6 to 2.2.2. To my horror, the secure attribute was no longer deprecated--it was removed altogether! I gave the unit test a spin with the attribute gone, but with the exclude attribute populated exactly as you show in your question and it worked!
TL;DR? Upgrade to Spring Boot 2.2.2
you could play this game via profile
#ActiveProfiles(value = "IntegrationTest")
public class myTest {
In Spring Boot, for multipart uploads, I see many of the tutorial sites suggests to have one of the below properties:
spring.http.multipart.enabled=false
or
spring.servlet.multipart.enabled=true
Can someone explain why these settings and their use cases? Especially if I set the property spring.http.multipart.enabled=false , then why spring.servlet.multipart.enabled=true
I tried searching through Stack Overflow, but did not find any relevant posts for this one.
spring.http.multipart.enabled has been replaced with spring.servlet.multipart.enabled
If you're using Spring Boot 2.0.0 or later you should use spring.servlet.multipart.enabled
See also:
additional-spring-configuration-metadata.json
Spring Boot Reference of 1.5.19.RELEASE version (the Common application properties section lists spring.http.multipart.enabled).
Spring Boot reference of 2.0.0.RELEASE version (replaced with spring.servlet.multipart.enabled)
Upgrading from an Earlier Version of Spring Boot
MultipartProperties (1.5.19.RELEASE)
MultipartProperties (2.0.0.RELEASE)
I am going to create simple rest service using spring 3 and hibernate 3. There is no chance for me to use higher version of spring due to legacy business component that is based on hibernate 3.
For such purposes I've tried to use SpringApplication.run, bet recieved following exception:
Exception in thread "main" java.lang.IllegalAccessError: tried to access method org.springframework.core.io.support.SpringFactoriesLoader.loadFactoryNames
Is it possible to use spring-boot-maven-plugin with old spring version? Would be good to know any alternative ways in this direction.
Spring Boot (and all the related tools, e.g the maven plugin) expect Spring v4 and above. Please see the official documentation here.
By default, Spring Boot 1.3.2.BUILD-SNAPSHOT requires Java 7 and Spring Framework 4.1.5 or above.