spring-projects / spring-security-samples

1.45k stars 703 forks source link

Bump org.springframework:spring-framework-bom from 6.1.5 to 6.1.6 #237

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 6 months ago

Bumps org.springframework:spring-framework-bom from 6.1.5 to 6.1.6.

Release notes

Sourced from org.springframework:spring-framework-bom's releases.

v6.1.6

:star: New Features

  • Log column type for limited support message in JdbcUtils.getResultSetValue #32601
  • Consistent support for generic FactoryBean type matching when using getBeanProvider #32590
  • @RequestParam binding does not support params with an empty array "[]" suffix #32577
  • Maximum Request Size handling support for Undertow in StandardMultipartHttpServletRequest #32549
  • Introduce common support for is-null-safe checks in SpEL nodes #32516
  • Avoid additional unnecessary Annotation array cloning in TypeDescriptor #32476
  • Avoid cloning empty Annotation array in TypeDescriptor #32405

:lady_beetle: Bug Fixes

  • Refine scheme, userinfo, host and port parsing in UriComponentsBuilder #32616
  • "GET must not have a request body" exception with OkhttpClient and BufferingClientHttpRequestFactory #32612
  • JMSTemplate.sendAndReceive does not propagate tracer over the wire #32606
  • Calling Kotlin suspend functions in non-reactive application crashes due to unresolvable class #32599
  • MethodIntrospector.selectMethods() fails to detect bridge methods across ApplicationContexts #32586
  • Fix handling value class with private constructor on proxy #32536
  • ReactorNettyClientResponse should not dispose connection #32528
  • CompoundExpression omits null-safe syntax in AST string representation of null-safe selection/projection in SpEL #32515
  • Generic Kotlin controllers got broken in 6.1.5 #32510
  • WebFlux Blocking controller runs on non-blocking thread when request input data present #32502
  • Generic interface on FactoryBean class not autowired in case of targetType mismatch #32489
  • HeaderContentNegotiationStrategy.resolveMediaTypes() throws unexpected InvalidMimeTypeException #32483
  • JmsUtils.commitIfNecessary catches and ignores JMS IllegalStateException, losing message with ActiveMQ Artemis #32473
  • Missing bean class in native image with a Kotlin nested class #32472
  • Spring MVC re-creates form data from request params and re-encoding can change the content-length #32471
  • Unhandled JMS exceptions are not always recorded as observation errors #32458
  • Consistently apply TaskDecorator to ManagedExecutorService as well #32455

:notebook_with_decorative_cover: Documentation

  • SimpleAsyncTaskScheduler: Returned ScheduledFuture does not track provided task execution #32589
  • Remove link to unrelated method in javadoc of AnnotatedBeanDefinitionReader #32560
  • Fix typos and improve wording in reference documentation #32557
  • Document that active profiles are set at build time with AOT #32543
  • Fix broken link to vavr in the reference guide #32494
  • Document AOT limitations related to Kotlin identifiers with backticks #32487
  • Add Javadoc since to AbstractClientHttpRequestFactoryWrapper.getDelegate() #32474
  • Default strategy for ProblemDetail error codes wrongly document how "detail" is supported #32446

:hammer: Dependency Upgrades

  • Upgrade to Micrometer 1.12.5 #32596
  • Upgrade to Reactor 2023.0.5 #32592

:heart: Contributors

Thank you to all the contributors who worked on this release:

... (truncated)

Commits
  • b932df6 Release v6.1.6
  • 494ed4e Refine UriComponentsBuilder parsing
  • 39cd316 Polishing
  • ca2b3c1 Add Kotlin hints for enclosing class
  • 019ce44 BufferingClientHttpRequestWrapper should not write empty body
  • a0136a2 Upgrade to Reactor 2023.0.5
  • 8d05028 RequestParam resolver supports empty array suffix
  • 4a68c44 Update content-length when reconstructing body
  • e702733 Detect bridge methods across ApplicationContexts in MethodIntrospector
  • 187f641 Polishing
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 5 months ago

Superseded by #254.