OWASP / SecurityShepherd

Web and mobile application security training platform
https://owasp.org/www-project-security-shepherd/
GNU General Public License v3.0
1.35k stars 460 forks source link

Bump spring-test from 5.3.23 to 6.0.7 #756

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps spring-test from 5.3.23 to 6.0.7.

Release notes

Sourced from spring-test's releases.

v6.0.7

:star: New Features

  • Improve diagnostics in SpEL for matches operator #30144
  • Improve diagnostics in SpEL for repeated text #30142
  • Increase scope of regex pattern cache for the SpEL matches operator #30140
  • Minor updates in HandlerMappingIntrospector #30127
  • Skip parameter name resolution when not needed in AbstractAutowireCapableBeanFactory #30103
  • Remove extra copy of headers/cookies in WebClient #30092
  • Assert non-null arguments in DefaultServerRequestBuilder methods #30046
  • Jetty 12 support in WebFlux #29575

:lady_beetle: Bug Fixes

  • Gradle task processAot fails when Bean Validation API present but no provider found #30130
  • ContentDisposition::parse does not support Windows paths #30111
  • BindException raised instead of MethodArgumentNotValidException subclass #30100
  • Ensure reactive transaction rollback on commit error #30096
  • CaffeineCacheManager getCache method cause thread block #30066
  • RequestedContentTypeResolver does not ignore quality factor when filtering */* media types #29915
  • @Autowired/@Value does not work on inner bean in native #29803
  • Avoid rollback after a commit failure in TransactionalOperator #27572
  • SpEL: cannot call methods declared in java.lang.Object on a JDK proxy #25316

:notebook_with_decorative_cover: Documentation

  • Add anchor rewrites in the reference documentation #30132
  • Fix minor spacings in webflux docs #30078
  • Add a list of observations produced by Spring Framework #30060

:hammer: Dependency Upgrades

  • Upgrade to Reactor 2022.0.5 #30133

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​EnricSala, @​MrCoffee77, @​abelsromero, @​edyda99, @​liupeng12345, @​srivatsa-cfp, and @​yuzawa-san

v6.0.6

:star: New Features

  • Prefer request hostName and hostPort in ReactorServerHttpRequest #30062
  • Use readNBytes in ByteArrayHttpMessageConverter when contentLength is available #30010
  • Add missing @Nullable annotations to LogMessage.format methods #30006
  • Refine CoroutinesUtils#invokeSuspendingFunction contract #30005
  • @SubscribeMapping method not called when built as native image #30002
  • Provide method with ContextView instead of Context in ServerWebExchangeContextFilter #29691
  • Support @Value for record injection #28774

... (truncated)

Commits
  • da19cb3 Release v6.0.7
  • 202fa5c Polishing and minor refactoring in HandlerMappingIntrospector
  • 8010de8 Improve diagnostics in SpEL for matches operator
  • 5529294 Improve diagnostics in SpEL for repeated text
  • 935c29e Increase scope of regex pattern cache for the SpEL matches operator
  • 4a3518b Polishing
  • dd4a347 Stop printing to System.out in SpEL tests
  • 46bd6ad Mention JAR signing key in SECURITY.md
  • 19384ac Polishing
  • a0358a4 Upgrade to Reactor 2022.0.5 and Netty 4.1.90
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #758.