google / fhir-gateway

A generic proxy server for applying access-control policies for a FHIR-store.
https://google.github.io/fhir-gateway/
Other
75 stars 29 forks source link

Bump spring.version from 5.3.23 to 6.1.7 #268

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps spring.version from 5.3.23 to 6.1.7. Updates org.springframework:spring-web from 5.3.23 to 6.1.7

Release notes

Sourced from org.springframework:spring-web's releases.

v6.1.7

:star: New Features

  • ResponseEntity is not reliably closed with InputStreamResource #32802
  • Accept ajc-compiled @Aspect classes for Spring AOP proxy usage #32793
  • Failure to process a bean definition ahead-of-time with an instance supplier should provide more contextual information #32775
  • Provide methods to unambiguously send form data with MockMvc #32757
  • Introduce NoOp implementation for ResponseErrorHandler #32750
  • Support varargs invocations in SpEL for varargs array subtype #32704
  • StreamUtils.copyRange overreads source stream in some cases #32695
  • Modify error message when timeout is less than TIMEOUT_DEFAULT #32635
  • Jetty HttpConnections not closed with SSE on Jetty 12.0.7+ when clients close the connection #32629
  • Prevent duplicate subscription ID's in destinationCache of DefaultSubscriptionRegistry #32625
  • When retrieval of a LoadTimeWeaverAware bean fails the resulting exception message may not indicate why it was being created #32470

:lady_beetle: Bug Fixes

  • Do not send Cookie header in reactive JdkClientHttpRequest if no cookies added #32799
  • Inconsistent use of cleaned URLs in PathMatchingResourcePatternResolver #32828
  • DeferredQueryInvocationHandler fails to unwrap QuerySqmImpl class outside of transaction #32766
  • BindingReflectionHintsRegistrar#registerReflectionHints can be invoked with a null type #32753
  • AnnotationConfigWebApplicationContext should propagate ApplicationStartup to BeanFactory #32747
  • Ignore non-String keys in PropertiesPropertySource.getPropertyNames() #32742
  • MergedAnnotations search does not find container for repeatable annotation #32731
  • "multiple subscribers not supported" when using WebClient exchange #32727
  • ConfigurationClassEnhancer should consistently trigger FastClass creation at build-time #32682
  • HttpComponentsClientHttpRequestFactory does not set Content-Length: 0 #32678
  • Wrong proxy generation order during AOT for classes with ScopedProxyMode.TARGET\_CLASS and advisors #32669
  • Unhandled JMS listener exceptions are not propagated #32666
  • beanFactory#getBean with arguments ignore them if an Instance supplier is defined #32657
  • Incorrect AsyncRequestTimeoutException handling in ResponseEntityExceptionHandler #32644
  • Include actual cause's message in various parsing exception messages #32636
  • Configuration class with Bean factory method on an interface generates wrong target with AOT #32609
  • RestClient observations are stopped before ResponseSpec calls #32575
  • MvcUriComponentsBuilder.fromMethodName does not pick the annotated method transparently #32553
  • Deadlock/Stall in ConcurrentWebSocketSessionDecorator with Undertow 2.3.10 #32445
  • RSocket setup payload can cause Netty ByteBuf leak #32424
  • WebFlux temporary file not always deleted with parallel uploads. #31217

:notebook_with_decorative_cover: Documentation

  • Replace RFC 7807 by RFC 9457 in documentation #32806
  • Links to Framework and Servlet Javadoc from Framework's Kotlin API documentation are broken #32797
  • Fix incorrect class reference syntax in Kotlin code sample #32733
  • Improve documentation advising against use of HandlerInterceptor for security #32729
  • Inconsistent behaviour on transactional async method #32709
  • Document that getBean with arguments is not recommended with AOT #32690
  • Provide an example of custom request URL with RestClient in the reference guide #32685
  • Correct documentation on streaming with MockMvcWebTestClient #32687
  • Document limitations of CGLIB proxy class generation in JPMS module setups #32671

... (truncated)

Commits
  • 5d6f2c8 Release v6.1.7
  • 010e8a3 Polishing contribution
  • 78549d4 Fix cookie management in reactive JdkClientHttpRequest
  • e4e6910 Polishing
  • 2270df5 Enforce cleaned URL for root resource from ClassLoader
  • 70886e3 Upgrade to Reactor 2023.0.6
  • e509385 Add InputStreamResource(InputStreamSource) constructor for lambda expressions
  • b7aafda Polishing
  • a89a88d Upgrade to Micrometer 1.12.6
  • c6b6ccd Close ResponseBodyEmitter in case of write errors
  • Additional commits viewable in compare view


Updates org.springframework:spring-test from 5.3.23 to 6.1.7

Release notes

Sourced from org.springframework:spring-test's releases.

v6.1.7

:star: New Features

  • ResponseEntity is not reliably closed with InputStreamResource #32802
  • Accept ajc-compiled @Aspect classes for Spring AOP proxy usage #32793
  • Failure to process a bean definition ahead-of-time with an instance supplier should provide more contextual information #32775
  • Provide methods to unambiguously send form data with MockMvc #32757
  • Introduce NoOp implementation for ResponseErrorHandler #32750
  • Support varargs invocations in SpEL for varargs array subtype #32704
  • StreamUtils.copyRange overreads source stream in some cases #32695
  • Modify error message when timeout is less than TIMEOUT_DEFAULT #32635
  • Jetty HttpConnections not closed with SSE on Jetty 12.0.7+ when clients close the connection #32629
  • Prevent duplicate subscription ID's in destinationCache of DefaultSubscriptionRegistry #32625
  • When retrieval of a LoadTimeWeaverAware bean fails the resulting exception message may not indicate why it was being created #32470

:lady_beetle: Bug Fixes

  • Do not send Cookie header in reactive JdkClientHttpRequest if no cookies added #32799
  • Inconsistent use of cleaned URLs in PathMatchingResourcePatternResolver #32828
  • DeferredQueryInvocationHandler fails to unwrap QuerySqmImpl class outside of transaction #32766
  • BindingReflectionHintsRegistrar#registerReflectionHints can be invoked with a null type #32753
  • AnnotationConfigWebApplicationContext should propagate ApplicationStartup to BeanFactory #32747
  • Ignore non-String keys in PropertiesPropertySource.getPropertyNames() #32742
  • MergedAnnotations search does not find container for repeatable annotation #32731
  • "multiple subscribers not supported" when using WebClient exchange #32727
  • ConfigurationClassEnhancer should consistently trigger FastClass creation at build-time #32682
  • HttpComponentsClientHttpRequestFactory does not set Content-Length: 0 #32678
  • Wrong proxy generation order during AOT for classes with ScopedProxyMode.TARGET\_CLASS and advisors #32669
  • Unhandled JMS listener exceptions are not propagated #32666
  • beanFactory#getBean with arguments ignore them if an Instance supplier is defined #32657
  • Incorrect AsyncRequestTimeoutException handling in ResponseEntityExceptionHandler #32644
  • Include actual cause's message in various parsing exception messages #32636
  • Configuration class with Bean factory method on an interface generates wrong target with AOT #32609
  • RestClient observations are stopped before ResponseSpec calls #32575
  • MvcUriComponentsBuilder.fromMethodName does not pick the annotated method transparently #32553
  • Deadlock/Stall in ConcurrentWebSocketSessionDecorator with Undertow 2.3.10 #32445
  • RSocket setup payload can cause Netty ByteBuf leak #32424
  • WebFlux temporary file not always deleted with parallel uploads. #31217

:notebook_with_decorative_cover: Documentation

  • Replace RFC 7807 by RFC 9457 in documentation #32806
  • Links to Framework and Servlet Javadoc from Framework's Kotlin API documentation are broken #32797
  • Fix incorrect class reference syntax in Kotlin code sample #32733
  • Improve documentation advising against use of HandlerInterceptor for security #32729
  • Inconsistent behaviour on transactional async method #32709
  • Document that getBean with arguments is not recommended with AOT #32690
  • Provide an example of custom request URL with RestClient in the reference guide #32685
  • Correct documentation on streaming with MockMvcWebTestClient #32687
  • Document limitations of CGLIB proxy class generation in JPMS module setups #32671

... (truncated)

Commits
  • 5d6f2c8 Release v6.1.7
  • 010e8a3 Polishing contribution
  • 78549d4 Fix cookie management in reactive JdkClientHttpRequest
  • e4e6910 Polishing
  • 2270df5 Enforce cleaned URL for root resource from ClassLoader
  • 70886e3 Upgrade to Reactor 2023.0.6
  • e509385 Add InputStreamResource(InputStreamSource) constructor for lambda expressions
  • b7aafda Polishing
  • a89a88d Upgrade to Micrometer 1.12.6
  • c6b6ccd Close ResponseBodyEmitter in case of write errors
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 6 months ago

Superseded by #273.