spring-projects / spring-security-samples

1.46k stars 711 forks source link

Bump org.springframework:spring-framework-bom from 6.0.14 to 6.0.15 #171

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 11 months ago

Bumps org.springframework:spring-framework-bom from 6.0.14 to 6.0.15.

Release notes

Sourced from org.springframework:spring-framework-bom's releases.

v6.0.15

:star: New Features

  • Skip buffer allocation in StreamUtils.copy(String) #31631

:lady_beetle: Bug Fixes

  • <replaced-method /> unnecessarily requires explicit arg-type since 6.0 #31828
  • MergedAnnotations finds duplicate annotations on method in multi-level interface hierarchy #31824
  • Fix condition for "Too many elements" in MimeTypeUtils.sortBySpecificity() #31773
  • Spring unable to decode aggregated JSON content #31772
  • Multipart messages with empty parts are not correctly parsed in WebFlux #31766
  • PathEditor cannot handle absolute Windows paths with forward slashes #31727
  • TraceId is missing in WebFlux controller handlers #31716
  • Wrong observation status tag when a Not Found in a webflux application #31715
  • Fail to register MBean with bean name containing invalid character #31708
  • Include Hibernate's Query.scroll() in SharedEntityManagerCreator's queryTerminatingMethods set #31683
  • TypeDescriptor does not check generics in equals method (for ConversionService caching) #31673
  • SpEL expression on a reloadable type can no longer be resolved #31670
  • Slow SpEL performance due to method sorting in ReflectiveMethodResolver #31664
  • Jackson encoder releases resources in wrong order #31656
  • Current Observation.Context missing from WebClient request #31646
  • WebSocketMessageBrokerStats has null stats for stompSubProtocolHandler since 5.3.2 #31641
  • <jee:local-slsb> no longer works with a business-interface attribute #31630
  • GeneratedFiles#addSourceFile should not allow to add a source in the default package #31629
  • PathResourceResolver.getResource() does not log warning if Resource#getURL() throws exception #31624

:notebook_with_decorative_cover: Documentation

  • Document explicit @ModelAttribute is required for reflection hints inference #31767
  • Documentation needs to be updated with instructions for STOMP Client #31678
  • Improve STOMP WebSocket documentation for input message buffer size #31654

:hammer: Dependency Upgrades

  • Upgrade to Reactor 2022.0.14 #31815
Commits
  • f32e749 Release v6.0.15
  • ccaecab Polishing
  • 67e0310 Introduce test for XML replaced-method element without explicit arg-type
  • 76bc9cf Prepare method overrides when bean class gets resolved
  • db52c77 Minor updates in HandlerMappingIntrospector
  • 1e742aa Scan annotations on method in interface hierarchy only once
  • 20dd585 Polish MergedAnnotation tests
  • 707eb70 Polishing
  • 2c97996 Upgrade to Reactor 2022.0.14
  • 3a068b8 Update link to stompjs library
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 10 months ago

Superseded by #186.