Skip to content

Bump spring-framework-bom from 5.3.27 to 5.3.28#3834

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/org.springframework-spring-framework-bom-5.3.28
Closed

Bump spring-framework-bom from 5.3.27 to 5.3.28#3834
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/org.springframework-spring-framework-bom-5.3.28

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 19, 2023

Copy link
Copy Markdown
Contributor

Bumps spring-framework-bom from 5.3.27 to 5.3.28.

Release notes

Sourced from spring-framework-bom's releases.

v5.3.28

⭐ New Features

  • ClassLoader can be null in DeserializingConverter and should be annotated with @Nullable #30672
  • Performance optimization in AbstractBeanFactoryBasedTargetSource.hashCode() #30585
  • Consistent support for MultiValueMap and common Map implementations in CollectionFactory #30441
  • Reject null and empty SpEL expressions #30373
  • Introduce Environment.matchesProfiles() for profile expressions #30226

🐞 Bug Fixes

  • Change of behaviour for UUID in bean validation output in v5.3.27 #30662
  • Spring Framework 5.3.27 appears to cause issues in OSGi environment #30637
  • Inconsistent ProxyCallbackFilter#equals/hashCode methods in CglibAopProxy #30616
  • EclipseLinkJpaDialect: Unexpected default isolation levels #30589
  • ThreadLocalTargetSource does not include actual target bean name in NamedThreadLocal #30586
  • ApplicationListenerMethodAdapter inconsistently publishes events from CompletableFuture #30584
  • For @Bean method that returns null, @Autowired injects NullBean instead of null for cached arguments #30551
  • Make maximum SpEL expression length configurable #30446
  • Respect TaskDecorator configuration on DefaultManagedTaskExecutor #30443

📔 Documentation

  • Document which @Scheduled attributes support SpEL expressions #30642
  • FileSystemUtils::deleteRecursively Javadoc refers to File instead of Path #30555

🔨 Dependency Upgrades

  • Upgrade to Reactor 2020.0.33 #30656
Commits
  • b02f4a0 Release v5.3.28
  • 99ae6e7 Declare ClassLoader for DeserializingConverter constructor as nullable
  • c2cc55e Consider UUID as simple value type with concise toString output
  • 9cff2ac Upgrade to Reactor 2020.0.33
  • 3c2590d Document limited isolation level support for concurrent transactions
  • 4b55333 Document which @​Scheduled attributes support SpEL expressions
  • c27acad Specific check for parent of MethodInvocationInfo ClassLoader
  • 70be9af Reuse method cache from original proxy factory (aligned with 6.0.x)
  • d4450a8 Specific check for parent of spring-aop ClassLoader
  • 210e47d Polishing
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.27 to 5.3.28.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v5.3.27...v5.3.28)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 19, 2023
@codecov-commenter

Copy link
Copy Markdown

Codecov Report

Merging #3834 (a97e3ee) into master (6e8e8dd) will decrease coverage by 0.01%.
The diff coverage is 100.00%.

❗ Current head a97e3ee differs from pull request most recent head 0cf2d4e. Consider uploading reports for the commit 0cf2d4e to get more accurate results

@@             Coverage Diff              @@
##             master    #3834      +/-   ##
============================================
- Coverage     43.97%   43.97%   -0.01%     
  Complexity     6087     6087              
============================================
  Files          1557     1557              
  Lines         38278    38278              
  Branches       3512     3512              
============================================
- Hits          16834    16833       -1     
  Misses        20134    20134              
- Partials       1310     1311       +1     
Impacted Files Coverage Δ
...che/servicecomb/loadbalance/ServiceCombServer.java 51.72% <100.00%> (ø)

... and 5 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@dependabot @github

dependabot Bot commented on behalf of github Jul 15, 2023

Copy link
Copy Markdown
Contributor Author

Superseded by #3858.

@dependabot dependabot Bot closed this Jul 15, 2023
@dependabot dependabot Bot deleted the dependabot/maven/org.springframework-spring-framework-bom-5.3.28 branch July 15, 2023 05:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant