Commit 3de25164 inadvertently caused early debug logging from the
ClasspathLoggingApplicationListener. We now set its order relative
to the LoggingApplicationListener.

See gh-2543

server.tomcat.compression has been removed in 00d594dc so the hint for it
is no longer relevant.

When writing a jar, once an entry has been written it will never be
overwritten, i.e. the first write of a given entry will win. Previously,
when repackaging a jar, the existing contents were written followed by
any libraries. This caused a problem when repackaged a WAR file and
a library needed to be unpacked as the existing entry in WEB-INF/lib
would prevent the library with the UNPACK comment from being written.
This was addressed in f761916b by inverting the order so libraries
would take precedence over entries in the source jar.

It’s now become apparent that this change in the order causes a problem
for users who are obfuscating their code. The obfuscated code exists in
the source jar but is also provided to the repackager in its original
form as a library. When libraries take precedence, this means that the
code in its original form ends up in the repackaged war and the
obfuscation is lost.

This commit updates the repackager to write libraries that require
unpacking first. This allows the UNPACK comment to be written even if
there’s also a source entry for the library. Next, source entries are
written. This allows obfuscated source entries to take precedence over
any unobfuscated library equivalents. Lastly, standard libraries that
do not require unpacking are written into the repackaged archive.

Closes gh-3444

The `spring.metrics.export.redis.aggregate-key-pattern` is no longer
defined but was still referenced in the documentation.

The `strategy` group is not detected in the meta-data because the
Strategy inner class is not defined at the "right" level in the
hierarchy.

For now, `@NestedConfigurationProperty` was added to workaround the
issue. Once gh-3454 is solved, we should remove them.

Fix `CacheManagerValidatorPostProcessor` that could lead to early bean
initialization.

Fixes gh-3440

See  gh-3372

Add documentation for server.session.cookie keys

See gh-3240

Add `spring.resources.static-locations` to the reference documentation
appendix.

Fixes gh-3372

Add ApplicationArguments interface which allows SpringApplication.run
arguments to be injected into any bean. The interface provides access
to both the raw String[] arguments and also provides some convenience
methods to access the parsed 'option' and 'non-option' arguments.

A new ApplicationRunner interface has also been added which is
similar to the existing CommandLineRunner.

Fixes gh-1990

Provide additional space between the ConfigFileApplicationListener order
and the LoggingApplicationListener order.

Fixes gh-2543

Add support for the following server properties which can be used to
configure the session:

	server.session.tracking-modes
	server.session.cookie.name
	server.session.cookie.domain
	server.session.cookie.path
	server.session.cookie.comment
	server.session.cookie.http-only
	server.session.cookie.secure
	server.session.cookie.max-age

In addition `server.session-timeout` is now deprecated and has been
replaced with `server.session.timeout`.

Fixes gh-3240

When using Tomcat, Azure automatically configures an environment
variable called LOGGING_CONFIG that configures the
java.util.logging.config.file system property.
LoggingApplicationListener finds this configuration via the Spring
environment (it looks for logging.config) and attempts to use it as the
name of the logging configuration file. Since c3d93f70 this failure
causes the app to fail to start, rather than the previous behaviour of
silently falling back to the default configuration.

This commit updates LoggingApplicationListener to only consider
configuration that is a non-empty string and that does not start with
-Djava.util.logging.config.file=, which is the beginning of the default
configuration on Azure, and is very unlikely to be part of the name of a
logging configuration file.

Closes gh-3366

Closes gh-3264

Unfortunately, we have no other choice to flip the ignoreUnknownFields
attribute of `SecurityProperties` has many different target are now set
for that namespace outside the class. See gh-3445 for a potential way
to improve that.

Closes gh-3327

Fixed gh-3364

Fixes gh-3360

This might just be me but when I read the original javadoc it made me
think that caching worked only if the endpoint is accessed anonymously.

Update DataSourceHealthIndicator to support pattern based matching for
DB2 products. Prior to this commit product identifiers of the form
`DB2/LINUXX8664` were not supported.

Fixes gh-3377

* pr/3435:
  Add flyway and liquibase endpoint documentation
  Add 'flyway' and 'liquibase' actuator endpoints
  Add serialization endpoint tests

See gh-3434

Add `/flyway` and `/liquibase` actuator endpoints to provide details of
any database migrations that have been applied.

Fixes gh-3434
Closes gh-3435

Test basic serialization in Endpoint tests to ensure that JSON
can always be produced.

Ensure that FlywayAutoConfiguration and LiquibaseAutoConfiguration occur
after HibernateJpaAutoConfiguration so that the DependsOnPostProcessor
condition can correctly check for a LocalContainerEntityManagerFactory
bean.

Fixes gh-3437