Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump org.springframework:spring-web from 5.3.5 to 6.0.13 #550

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 8, 2023

Bumps org.springframework:spring-web from 5.3.5 to 6.0.13.

Release notes

Sourced from org.springframework:spring-web's releases.

v6.0.13

⭐ New Features

  • Improve diagnostics for negative repeated text count in SpEL #31342
  • Improve diagnostics when repeated text size calculation results in overflow in SpEL #31341
  • UnknownContentTypeException is not Serializable #31283
  • Reintroduce FastClass in CGLIB class names for @Configuration classes #31272

🐞 Bug Fixes

  • HibernateJpaDialect and HibernateExceptionTranslator throw SQLExceptionTranslator-provided exception instead of returning it #31409
  • AnnotationScanner scanning leads to StackOverflowError with recursive annotation #31400
  • NamedParameterJdbcTemplate throws unexpected exception for null query #31391
  • HTTP server exchange observations have incorrect UNKNOWN status tag if the client disconnected #31388
  • Breaking change from 6.0.11 to 6.0.12 if you expect query parameters in @RequestBody #31327
  • SpEL's CompoundExpression.toStringAST() omits ? for null-safe navigation #31326
  • ConcurrentLruCache no longer supports capacity = 0 #31317
  • Using R2dbc transactional and non transactional on a database connection pool will fail for Oracle. #31268
  • AOT-generated code no longer set bean class for beans created from a @Bean method #31242
  • CGLIB proxy classes are no longer cached properly #31238
  • Illegal reflective access in ContextOverridingClassLoader.isEligibleForOverriding #31232
  • Fix RuntimeHintsPredicates matching rules for public/declared elements #31224
  • MultipartParser should respect read position #31110
  • WebClient reports 'Host is not specified' for URI with hostname and port, but without scheme #31033
  • R2DBC Connection is closed during transaction when using TransactionAwareConnectionFactoryProxy #28133
  • SpEL cannot evaluate or compile expression with null-safe void method invocation #27421
  • LazyResolutionMessage does not implement proper toString #21265

📔 Documentation

  • Document Kotlin declaration site variance subtleties #31370
  • Add missing conversionService field in doc example #31330
  • Clarify documentation on Spring Web MVC pattern comparison #31294
  • Improved documentation for MethodParameter#getAnnotatedElement #30397
  • Javadoc for BeanPropertyRowMapper.getColumnValue(ResultSet, int, Class) is inconsistent with code #29285
  • Referencing a @Bean method in a @Configuration class' @PostConstruct method leads to circular reference #27876
  • Incorrect reference information about CGLIB supported method visibility #25001
  • Clarify documentation for @Transactional on interfaces #23538

🔨 Dependency Upgrades

  • Upgrade to Micrometer 1.10.12 #31404
  • Upgrade to Reactor 2022.0.12 #31405

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​jihuayu and @​wfouche

... (truncated)

Commits
  • dda5250 Release v6.0.13
  • 4bd54df Upgrade to concourse-release-scripts 0.4.0-SNAPSHOT
  • 86650d1 Polishing
  • 87424cd Upgrade to SLF4J 2.0.9 and AspectJ 1.9.20.1
  • 80e82cd Do not close transactional Connection in doReleaseConnection
  • 66ce8c9 Properly return SQLExceptionTranslator-provided exception
  • e9fcb21 Refine status KeyValue for HTTP server observations
  • ee9dff3 Updated Java 17 version in sdkmanrc
  • 2158410 Revert "Support Jackson's DatatypeFeature in Jackson2ObjectMapperBuilder"
  • e0a55c2 Upgrade to Micrometer 1.10.12 and Reactor 2022.0.12
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 8, 2023
Bumps [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) from 5.3.5 to 6.0.13.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v5.3.5...v6.0.13)

---
updated-dependencies:
- dependency-name: org.springframework:spring-web
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/gradle/org.springframework-spring-web-6.0.13 branch from e8701f7 to 215bb95 Compare November 15, 2023 10:06
@viartemev viartemev closed this Nov 16, 2023
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 16, 2023

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/gradle/org.springframework-spring-web-6.0.13 branch November 16, 2023 09:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant