Sourced from org.springframework:spring-web's releases.

v6.2.9

:star: New Features

• OncePerRequestFilter cannot be CGLib-proxied #35198
• Consistently catch InaccessibleObjectException next to IllegalAccessException #35190
• Introduce Date-to-Instant and Instant-to-Date converters #35175
• Consistent nullability and exception declarations in AbstractMessagingTemplate hierarchy #35159
• Register runtime hints for Instant-to-Timestamp conversion #35156
• Improve handling of ResponseEntity<?> in Spring MVC #35153
• Support @CacheConfig("myCacheName") declarations for simplified configuration #35152
• Declare messageSelector parameters in JmsOperations as @Nullable #35151
• Add getter for OverflowStrategy in ConcurrentWebSocketSessionDecorator #35132
• Use preset Content-Type for streaming and reactive responses in Spring MVC #35130
• Leniently tolerate null @Aspect bean #35074
• DataAccessResourceFailureException thrown when transaction times out on PostgreSQL #35073
• MethodInvokingFactoryBean fails to invoke publicly exported methods overridden by internal classes when using JPMS #34028

:lady_beetle: Bug Fixes

• Restore preference for interface (most abstract) method in getPubliclyAccessibleMethodIfPossible #35189
• Make targetBeanName field in AbstractBeanFactoryBasedTargetSource protected to avoid exceptions in logging and toString() #35172
• Fix inconsistencies in StaticListableBeanFactory #35119
• Support StreamingHttpOutputMessage in RestClient #35102
• When building DELETE requests, the request body is not used in JdkClientHttpRequest.buildRequest #35068
• AOT-generated bean registration file contains "too many constants" when building with many beans #35044
• Prevent cache pollution by storing only the factories #34732
• WebFlux decodes wildcard content-types as form-data/multipart #34660
• AOT-generated CGLib proxies do not contain method overrides #34642
• 500 response for ResourceHttpRequestHandler when requested range is not satisfied #34490

:notebook_with_decorative_cover: Documentation

• Document how to register runtime hints for convention-based conversion #35178
• Link to @ContextConfiguration Javadoc from reference manual #35088

:hammer: Dependency Upgrades

• Upgrade to JUnit 5.13.3 #35103
• Upgrade to Micrometer 1.14.9 #35202
• Upgrade to Reactor 2024.0.8 #35201

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​Meijuh, @​RazorNd, @​chenggwang, @​izeye, @​mjd507, @​ngocnhan-tran1996, and @​philwebb

• 09a5ca3 Release v6.2.9
• a4ec25d Upgrade to MockK 1.13.17
• 0fc043f Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3
• 5473260 Backport nullability refinements for Micrometer
• 12a6098 Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9
• f86034b Drop final declaration from doFilter entry point (for CGLIB proxying)
• 2180783 Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1
• 2434bb1 Polishing
• 4063cb5 Publish releases using Central Portal
• 4277682 Catch InaccessibleObjectException next to IllegalAccessException
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)