Merge branch '2.4.x'

Closes spring-projectsgh-24607

spring-boot-project/spring-boot-docs/src/docs/asciidoc/appendix-executable-jar-format.adoc

@@ -90,8 +90,8 @@ Any dependencies that are required when running embedded but are not required wh
 [[executable-jar-war-index-files]]
 === Index Files
 Spring Boot Loader-compatible jar and war archives can include additional index files under the `BOOT-INF/` directory.
-A `classpath.idx` file can be provided for both jars and wars, it provides the ordering that jars should be added to the classpath.
-The `layers.idx` file can be used only for jars, it allows a jar to be split into logical layers for Docker/OCI image creation.
+A `classpath.idx` file can be provided for both jars and wars, and it provides the ordering that jars should be added to the classpath.
+The `layers.idx` file can be used only for jars, and it allows a jar to be split into logical layers for Docker/OCI image creation.
 
 Index files follow a YAML compatible syntax so that they can be easily parsed by third-party tools.
 These files, however, are _not_ parsed internally as YAML and they must be written in exactly the formats described below in order to be used.

spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto.adoc

@@ -2439,10 +2439,10 @@ To configure Spring Security to require a secure channel for all (or some) reque
 [source,java,indent=0,subs="verbatim,quotes,attributes"]
 ----
 	@Bean
-    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-        // Customize the application security
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+		// Customize the application security
 		http.requiresChannel().anyRequest().requiresSecure();
-        return http.build();
+		return http.build();
 	}
 ----
 

spring-boot-project/spring-boot-docs/src/docs/asciidoc/production-ready-features.adoc

@@ -359,12 +359,12 @@ A typical Spring Security configuration might look something like the following
 
 [source,java,indent=0]
 ----
-    @Bean
-    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-        http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
-                requests.anyRequest().hasRole("ENDPOINT_ADMIN"));
-        http.httpBasic();
-        return http.build();
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+		http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
+			requests.anyRequest().hasRole("ENDPOINT_ADMIN"));
+		http.httpBasic();
+		return http.build();
 	}
 ----
 
@@ -388,12 +388,12 @@ Additionally, if Spring Security is present, you would need to add custom securi
 
 [source,java,indent=0]
 ----
-    @Bean
-    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-        http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+		http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
 				requests.anyRequest().permitAll());
-        return http.build();
-    }
+		return http.build();
+	}
 ----
 
 NOTE: In both the examples above, the configuration applies only to the actuator endpoints.

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/context/config/ProfilesTests.java

@@ -360,7 +360,7 @@ void isAcceptedWhenNoActiveAndDefaultWithGroupsContainsProfileReturnsTrue() {
 	}
 
 	@Test
-	void simpleRecursiveReferenceInProfileGroupThrowsException() {
+	void simpleRecursiveReferenceInProfileGroupIgnoresDuplicates() {
 		MockEnvironment environment = new MockEnvironment();
 		environment.setProperty("spring.profiles.active", "a,b,c");
 		environment.setProperty("spring.profiles.group.a", "a,e,f");

spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator-custom-security/src/test/java/smoketest/actuator/customsecurity/CorsSampleActuatorApplicationTests.java

@@ -66,9 +66,9 @@ void endpointShouldReturnUnauthorized() {
 
 	@Test
 	void preflightRequestToEndpointShouldReturnOk() throws Exception {
-		RequestEntity<?> healthRequest = RequestEntity.options(new URI("/actuator/env"))
+		RequestEntity<?> envRequest = RequestEntity.options(new URI("/actuator/env"))
 				.header("Origin", "http://localhost:8080").header("Access-Control-Request-Method", "GET").build();
-		ResponseEntity<?> exchange = this.testRestTemplate.exchange(healthRequest, Map.class);
+		ResponseEntity<?> exchange = this.testRestTemplate.exchange(envRequest, Map.class);
 		assertThat(exchange.getStatusCode()).isEqualTo(HttpStatus.OK);
 	}
 

spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator/src/test/java/smoketest/actuator/CorsSampleActuatorApplicationTests.java

@@ -66,9 +66,9 @@ void endpointShouldReturnUnauthorized() {
 
 	@Test
 	void preflightRequestToEndpointShouldReturnOk() throws Exception {
-		RequestEntity<?> healthRequest = RequestEntity.options(new URI("/actuator/env"))
+		RequestEntity<?> envRequest = RequestEntity.options(new URI("/actuator/env"))
 				.header("Origin", "http://localhost:8080").header("Access-Control-Request-Method", "GET").build();
-		ResponseEntity<?> exchange = this.testRestTemplate.exchange(healthRequest, Map.class);
+		ResponseEntity<?> exchange = this.testRestTemplate.exchange(envRequest, Map.class);
 		assertThat(exchange.getStatusCode()).isEqualTo(HttpStatus.OK);
 	}