Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump org.springframework:spring-web from 5.3.31 to 5.3.37 #305

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 13, 2024

Bumps org.springframework:spring-web from 5.3.31 to 5.3.37.

Release notes

Sourced from org.springframework:spring-web's releases.

v5.3.37

⭐ New Features

  • AnnotationUtils performance degrades with deep stacks #32923

🐞 Bug Fixes

  • AspectJ CTW aspects executed twice #32974
  • SpEL compilation fails when indexing into a Map with a primitive #32911
  • SpEL compilation fails when indexing into an array or list with an Integer #32909
  • Application not starting with @EnableTransactionManagement(mode = AdviceMode.ASPECTJ) #32885

🔨 Dependency Upgrades

  • Upgrade to Reactor 2020.0.45 #33010

v5.3.36

🐞 Bug Fixes

  • Overridden aspect method runs twice #32868
  • @DateTimeFormat(iso = DateTimeFormat.ISO.DATE\_TIME) cannot convert UTC without milliseconds to java.util.Date #32860
  • Spring AOP fails against registered @Configurable aspect #32840

v5.3.35

⭐ New Features

  • Accept ajc-compiled @Aspect classes for Spring AOP proxy usage #32818

🐞 Bug Fixes

  • DeferredQueryInvocationHandler fails to unwrap QuerySqmImpl class outside of transaction #32770
  • MergedAnnotations search does not find container for repeatable annotation #32751
  • AnnotationConfigWebApplicationContext should propagate ApplicationStartup to BeanFactory #32749
  • Ignore non-String keys in PropertiesPropertySource.getPropertyNames() #32744
  • "multiple subscribers not supported" when using WebClient exchange #32728
  • Deadlock/Stall in ConcurrentWebSocketSessionDecorator with Undertow 2.3.10 #32698

📔 Documentation

  • Correct documentation on streaming with MockMvcWebTestClient #32723
  • Update links to HttpOnly documentation at OWASP in ResponseCookie #32668

🔨 Dependency Upgrades

  • Upgrade to Reactor 2020.0.44 #32788

v5.3.34

⭐ New Features

  • Log column type for limited support message in JdbcUtils.getResultSetValue #32603

... (truncated)

Commits
  • aca8b5d Release v5.3.37
  • 0ce1ef9 Polishing (aligned with 6.0.x)
  • e26ea00 Upgrade to spring-javaformat-checkstyle 0.0.42 and Netty 4.1.111
  • c10b6c2 Upgrade to Reactor 2020.0.45
  • 63568e6 Skip ajc-compiled aspects for ajc-compiled target classes
  • d410485 Avoid NoSuchMethodException for annotation attribute checks
  • 2384474 Support compilation of map indexing with primitive in SpEL
  • 0f04052 Support compilation of array and list indexing with Integer in SpEL
  • 98aa03c Test detection of original generic method for CGLIB bridge method
  • 3e45b76 Polishing
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
org.springframework:spring-web [>= 6.a, < 7]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) from 5.3.31 to 5.3.37.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v5.3.31...v5.3.37)

---
updated-dependencies:
- dependency-name: org.springframework:spring-web
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 13, 2024
@inponomarev inponomarev merged commit f996b6b into master Jul 12, 2024
1 check passed
@dependabot dependabot bot deleted the dependabot/maven/org.springframework-spring-web-5.3.37 branch July 12, 2024 10:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant