spring-projects / spring-security-samples

1.46k stars 709 forks source link

Bump org.springframework:spring-framework-bom from 6.1.11 to 6.1.12 #310

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 3 months ago

Bumps org.springframework:spring-framework-bom from 6.1.11 to 6.1.12.

Release notes

Sourced from org.springframework:spring-framework-bom's releases.

v6.1.12

:star: New Features

  • Efficient handling of conditional HTTP requests #33372
  • LocaleEditor cannot parse language tag with script like zh-Hans #33348
  • Reinstate qualifier support for legacy JSR-330 @javax.inject.Named annotation #33345
  • SimpleAsyncTaskScheduler stops accepting new tasks when isShutdown #33336

:lady_beetle: Bug Fixes

  • Fix incorrect weak ETag validation #33374
  • Avoid CacheAspectSupport#findInCaches falling through to the reactiveCachingHandler #33371
  • ScheduledAnnotationReactiveSupport starts the observation before it is opened #33349
  • RestClient observation flags error for UnknownContentTypeException twice #33347
  • RestClient instrumentation unnecessarily calls stop on a closed observation #33346
  • SimpleEvaluationContext does not enforce read-only semantics #33319
  • SpEL wraps primitive array in Object[] when invoking varargs method #33317
  • SpEL no longer supports lists for varargs invocations #33315
  • SpEL Indexer silently ignores failure to set property as index #33310
  • AOT-generated code produces deprecation warnings when using a deprecated class for autowiring #33295
  • @Scheduled method in test class not supported anymore #33286
  • AOT-generated code produces deprecation warnings when referencing a nested class of a deprecated class #33273
  • Jaxb2XmlEncoder does not support JAXBElement subtypes #33258
  • ShallowEtagHeaderFilter throws a NumberFormatException for responses bigger than 2Gb #33256
  • RequestPredicates fail with UnsupportedOperationException with a custom servlet path #33251
  • Missing observation for @JmsListener response messages #33221
  • ConversionService cannot convert primitive array to Object[] #33212
  • Spring coroutines AOP is not compatible with @Cacheable #33210
  • PathMatchingResourcePatternResolver#convertClassLoaderURL drops URLStreamHandler in version 6.1.x #33199
  • SpEL cannot invoke varargs MethodHandle function with a primitive array #33198
  • Trim last allowed origin when parsing comma-delimited string #33181
  • Multipart files not deleted after upload is finished with async request #33161
  • JaxbContextContainer does not define the ClassLoader to use to retrieve the JAXBContext to use #33158
  • Memory Leak in WebFlux application handling HTTP Multipart #33094
  • Support invoking bridged suspending functions in AopUtils #33045

:notebook_with_decorative_cover: Documentation

  • Fix typo in the bean validation section of the reference manual #33354
  • Fix syntax error in RestClient documentation #33350
  • Add Kotlin example for expectAll() #33341
  • Javadoc of ReactorResourceFactory#setConnectionProviderSupplier wrongly states it can be ignored #33338
  • Improve EnableCaching & CachingConfigurer Javadoc #33288
  • Code sample has wrong reference to configurePathMatching #33277
  • Document that NoOpResponseErrorHandler is to be used with the RestTemplate #33276
  • Stop referring to Oracle STRUCT and ARRAY as they are deprecated #33248
  • Update links in reference manual #33245

:hammer: Dependency Upgrades

... (truncated)

Commits
  • 3476425 Release v6.1.12
  • bb17ad8 Efficient ETag parsing
  • 63486bf Upgrade to Tomcat 10.1.28, Jetty 12.0.12, Netty 4.1.112, Undertow 2.3.15
  • d0bff58 Polishing
  • 8be5010 LocaleEditor supports BCP 47 language tags as well
  • 86761cd Upgrade to Reactor 2023.0.9
  • 07cdef4 Upgrade to Micrometer 1.12.9
  • e74406a Introduce withAssignmentDisabled() option for SimpleEvaluationContext
  • fe4fd00 Polishing contribution
  • 1703b71 Fix incorrect weak ETag assertion
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 months ago

Superseded by #320.