search

smallrye / smallrye-open-api

SmallRye implementation of Eclipse MicroProfile OpenAPI
Apache License 2.0
113 stars 87 forks source link

Bump org.springframework:spring-webmvc from 5.3.31 to 5.3.32 #1749

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps org.springframework:spring-webmvc from 5.3.31 to 5.3.32.

Release notes

Sourced from org.springframework:spring-webmvc's releases.

v5.3.32

:star: New Features

  • Add CORS support for Private Network Access #31974
  • Avoid early getMostSpecificMethod resolution in CommonAnnotationBeanPostProcessor #31969

:lady_beetle: Bug Fixes

  • Consistent parsing of user information in UriComponentsBuilder #32247
  • QualifierAnnotationAutowireCandidateResolver.checkQualifier does identity checks when comparing arrays used as qualifier fields #32108
  • Guard against multiple body subscriptions in Jetty and JDK reactive responses #32101
  • Static resources caching issues with ShallowEtagHeaderFilter and Jetty caching directives #32051
  • ChannelSendOperator.WriteBarrier race condition in request(long) method leads to response being dropped #32021
  • Spring AOP does not propagate arguments for dynamic prototype-scoped advice #31964
  • MergedAnnotation swallows IllegalAccessException for attribute method #31961
  • CronTrigger hard-codes default ZoneId instead of participating in scheduler-wide Clock setup #31950
  • MergedAnnotations finds duplicate annotations on method in multi-level interface hierarchy #31825
  • PathEditor cannot handle absolute Windows paths with forward slashes #31728
  • Include Hibernate's Query.scroll() in SharedEntityManagerCreator's queryTerminatingMethods set #31684
  • TypeDescriptor does not check generics in equals method (for ConversionService caching) #31674
  • Slow SpEL performance due to method sorting in ReflectiveMethodResolver #31665
  • Jackson encoder releases resources in wrong order #31657
  • WebSocketMessageBrokerStats has null stats for stompSubProtocolHandler since 5.3.2 #31642

:notebook_with_decorative_cover: Documentation

  • Document cron-vs-quartz parsing convention for dayOfWeek part in CronExpression #32131

:hammer: Dependency Upgrades

  • Upgrade to Reactor 2020.0.41 #32276
Commits
  • 1827776 Release v5.3.32
  • 8e3ad4a Upgrade to Reactor 2020.0.41
  • 6f4cc40 Document ResourcePropertiesPersister as only intended for internal use
  • 452973f Consistent Lock field declaration (instead of ReentrantLock field type)
  • 7ec5c99 Update user info pattern
  • 60035b5 Polishing
  • 43ecb0b Eagerly initialize ZERO_NANOS constant
  • 0e5edc4 Upgrade to Checkstyle 10.12.7 and spring-javaformat-checkstyle 0.0.41
  • 70e2e89 Explicit documentation note on cron-vs-quartz parsing convention
  • a2af34f Polishing
  • Additional commits viewable in compare view


Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | org.springframework:spring-webmvc | [>= 6.a, < 7] |

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
sonarcloud[bot] commented 4 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud