SpringBoot CloudFoundryActuatorAutoConfiguration produces a Warning

Hi

We are using spring-boot-actuator-autoconfigure:3.2.4 in a CloudFoundry environment having:
spring.main.cloud-platform=cloud_foundry

During Startup of the application we get the following warning:

 WARN [,,] 22320 --- [           main] o.s.s.c.a.web.builders.WebSecurity       : You are asking Spring Security to ignore Or [Ant [pattern='/cloudfoundryapplication/beans/**'], Ant [pattern='/cloudfoundryapplication/caches/**'], Ant [pattern='/cloudfoundryapplication/health/**'], Ant [pattern='/cloudfoundryapplication/info/**'], Ant [pattern='/cloudfoundryapplication/conditions/**'], Ant [pattern='/cloudfoundryapplication/configprops/**'], Ant [pattern='/cloudfoundryapplication/env/**'], Ant [pattern='/cloudfoundryapplication/loggers/**'], Ant [pattern='/cloudfoundryapplication/heapdump/**'], Ant [pattern='/cloudfoundryapplication/threaddump/**'], Ant [pattern='/cloudfoundryapplication/metrics/**'], Ant [pattern='/cloudfoundryapplication/scheduledtasks/**'], Ant [pattern='/cloudfoundryapplication/mappings/**'], Ant [pattern='/cloudfoundryapplication'], Ant [pattern='/cloudfoundryapplication/']]. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.

It seems that the problem lies in the following class that uses web.ignoring().requestMatchers(...) org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundryActuatorAutoConfiguration#IgnoredCloudFoundryPathsWebSecurityCustomizer

I guess the solution would be as you proposed it yourselves: This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.

Thanks for all the great work.

Comment From: mhalbritter

Duplicates https://github.com/spring-projects/spring-boot/issues/32622.