Closes gh-10294

This commit also removes `security.basic.enabled` as this property is
no longer required.

Closes gh-10296

* pr/10282:
  Polish

Closes gh-10282

Closes gh-10263

See gh-10263

See gh-10263

See gh-10263

See gh-10263

This commit only provides dependency management for JUnit Jupiter,
excluding experimental and migration support artifacts. It also removes
dependency management for the platform as it is used by IDEs and build
tools). The `junit-platform.version` is still available though to allow
users to configure their plugin with a supported placeholder for the
version.

Also, given that `junit-vintage-engine`'s version does not match the
JUnit 4 version it supports, we will not add dependency management for
it.

Closes gh-10240

Release allocated `DataBuffer` if an error happens during template
processing. Otherwise, this buffer will be automatically released when
written to the exchange.

Closes gh-10126

Closes gh-10125

This commit removes the Servlet root context from the default values for
the `spring.resources.static-locations` configuration property. Servlet
and non-Servlet applications are sharing this property.

The Servlet root context is automatically configured as a resource
location for Spring MVC based applications.

Closes gh-9240

Closes gh-10259

Closes gh-10258

This commit makes the "spring.session.store-type" property optional,
adding an additional check when it is not present that validates only
one supported implementation is available on the classpath.

As Spring Session has been modularized, the chance that multiple
implementations are available on the classpath are lower. When only
one implementation is present, we attempt to auto-configure it. When
more than one implementation is present and no session store is
configured, a NonUniqueSessionRepositoryException is thrown.

Closes gh-9863

* pr/10276:
  Use Java 8 Javadoc URL

Closes gh-10276

Closes gh-10161

This commit introduces a DefaultEnablement enum that replaces the
"enabledByDefault" boolean flag of Endpoint. This allows to better
control what indicates the default enablement of an endpoint.

With DefaultEnablement#ENABLED, the endpoint is enabled unless an
endpoint specific property says otherwise. With DefaultEnabled#DISABLED,
the endpoint is disabled unless an endpoint specific property says
otherwise. DefaultEnablement#NEUTRAL provides a dedicated option to
indicate that we should resort to the default settings in absence of
a specific property.

See gh-10161

Closes gh-9538

Closes gh-10267

Closes gh-10266

Closes gh-10265

Update the security request matchers so that a bean is no longer needed
when the matcher is used. Matchers can now be build by starting from
the `EndpointRequest` or `StaticResourceRequest` classes. For example:

http.authorizeRequests()
  .requestMatchers(EndpointRequest.to("status", "info")).permitAll()
  .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR")
  .requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()

Closes gh-7958

Restructure actuator packages to improve structure. The following
changes have been made:

 - Separate actuator and actuator auto-configuration into different
   modules.
 - Move endpoint code into `spring-boot-actuator`.
 - Move `Endpoint` implementations from a single package into
   technology specific packages.
 - Move `HealthIndicator` implementations from a single package into
   technology specific packages.
 - As much as possible attempt to mirror the `spring-boot` package
   structure and class naming in `spring-boot-actuator` and
   `spring-boot-actuator-autoconfigure`.
 - Move `DataSourceBuilder` and DataSource meta-data support from
   `spring-boot-actuator` to `spring-boot`.

Fixes gh-10261