spring-security icon indicating copy to clipboard operation
spring-security copied to clipboard
verified publisher icon spring-projects

Bump org.springframework:spring-framework-bom from 6.2.14 to 6.2.15

Open dependabot[bot] opened this issue 1 month ago • 0 comments

Bumps org.springframework:spring-framework-bom from 6.2.14 to 6.2.15.

Release notes

Sourced from org.springframework:spring-framework-bom's releases.

v6.2.15

:star: New Features

  • Avoid package cycle caused by use of UriComponentsBuilder in ServletServerHttpRequest #35954
  • DefaultHandshakeHandler should not log client faults on error level #35948
  • Use concurrent set behind reactive TransactionSynchronizationManager#registerSynchronization #35922
  • Expose Collection on FragmentsRendering to facilitate Unit Tests #35912
  • Different ReactorNettyWebSocketSession call getId() may return the same value #35911
  • Enhance handleTypeMismatch error message in ResponseEntityExceptionHandler #35878

:lady_beetle: Bug Fixes

  • NullPointerException thrown from JdkClientHttpRequestFactory for null request header value #35998
  • State inconsistency in LazyConnectionDataSourceProxy when connection settings fail #35981
  • SubscriberInputStream#resume misuses parked thread reference #35979
  • PathMatchingResourcePatternResolver fails with URI in JAR manifest Class-Path entries #35967
  • Strong locking in ConcurrentReferenceHashMap#computeIfAbsent may cause context initialisation deadlock #35945
  • BridgeMethodResolver change in 6.2.13 breaks Spring Data entity introspection #35941
  • DefaultMessageListenerContainer does not clear Session and MessageConsumer for paused invokers #35935
  • Tighten cacheable decision behind @Lazy injection point #35918
  • Use provided ReactiveAdapterRegistry in BindingContext constructor #35914
  • Accidental fallback match for Collection-type beans due to @Bean-level qualifier annotation #35909
  • SortedResourcesFactoryBean does not accept non-existent resources anymore #35896

:notebook_with_decorative_cover: Documentation

  • Document that annotations are ignored if attributes reference types not present in the classpath #35973
  • Fix broken Javadoc links to methods #35904
  • Refer to "Spring Tools" instead of "Spring Tools for Eclipse" in reference manual #35902
  • Clarify JMS sessionTransacted flag for local versus global transaction #35898
  • Reference docs should not use obsolete "junit5" links #35893
  • Testing chapter references nonexistent Dependency Management documentation #35891

:hammer: Dependency Upgrades

  • Upgrade to json-path 2.10.0 #35937
  • Upgrade to Micrometer 1.14.14 #35986
  • Upgrade to Reactor 2024.0.13 #35987
Commits
  • cf74ce0 Release v6.2.15
  • 23625ee Do not send null HTTP header value in JdkClientHttpRequest
  • c89c4ac Upgrade to Reactor 2024.0.13
  • 2155e9f Upgrade to Micrometer 1.14.14
  • 24df35c Do not keep target connection after failed settings
  • 3b1fa36 Polishing contribution
  • 221adf1 Fix SubscriberInputStream.resume()
  • ad849fb Accept assignable match for covariant return type
  • 8041a09 Polishing
  • 97b9517 Handle absolute file URLs in getClassPathManifestEntriesFromJar
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Dec 16 '25 03:12 dependabot[bot]