Sourced from org.springframework:spring-framework-bom's releases.

v6.2.8

:star: New Features

• Nullability @Contract declaration for CodeFlow.isIntegerForNumericOp() is unnecessary #34985
• Serializer hint registration is broken for some Kotlin classes #34979
• Clients created using JdkClientHttpRequestFactory set content-length for GET, DELETE and HEAD requests #34971
• Support registration of non-public BeanDefinitionReader via @ImportResource #34928
• Make max size for pattern cache in PathPatternMatchableHandlerMapping configurable #34918
• Add optimized DataBufferInputStream overrides #34799

:lady_beetle: Bug Fixes

• Encode non-printable character in Content-Disposition parameter #35034
• Allow update of existing WebSession after max sessions limit is reached #35013
• Fix support for collections in AbstractKotlinSerializationHttpMessageConverter #34992
• PathPattern#combine throws StringIndexOutOfBoundsException #34986
• Fix AOT code generation for autowired inner class constructor #34974
• AbstractFileResolvingResource.exists closes JAR resource input streams with v6.2.7 #34955
• Enhanced configuration class fails to call package-visible superclass constructor on WebSphere #34950
• Fix REPLY_CHANNEL header check in MessageHeaderAccessor #34949
• MockEnvironment does not accept Object property values #34947
• PropertySourcesPlaceholderConfigurer no longer uses ConversionService from Environment #34936
• @Contract for StreamUtils.drain() incorrectly declares null results in an exception #34933
• Inconsistent behavior injecting null @Bean factory parameter #34929
• MockHttpServletRequest.addHeader duplicates "Content-Type" header #34913
• BeanUtils.getParameterNames fails for Kotlin data classes #34760
• JAXB message converters ignore Content-Type charset #34745
• Aspect Not Triggered After Restart in Spring Boot 3.4.x (But Works in 3.3.10) #34735
• Add caching headers to unmodified static resources #34614

:notebook_with_decorative_cover: Documentation

• Apply gh-34856 to MockClientHttpRequest in testfixture package #35031
• Fix ResourceHttpRequestHandler#setHeaders JavaDoc #35004
• Remove reference to AspectJ Eclipse Javadoc #35000
• Mention CompletableFuture in Spring MVC "Asynchronous Requests" section of reference manual #34991
• Fix exception name in ModelAttribute docs #34980
• Fix syntax in @SqlGroup example #34972
• Update X-Forwarded-Proto doc to say https / http #34959
• Update Guidance on Best Practices To Test Code That Uses RestClient and RestTemplate #34892
• Add a section for WebAsyncTask in mvc-ann-async.adoc #34885
• Clarify what @RestControllerAdvice vs @ControllerAdvice apply to by default #34866
• Improve Javadoc for @ExceptionHandler #34554

:hammer: Dependency Upgrades

• Upgrade to HttpComponents HttpClient 5.5 #34941
• Upgrade to Micrometer 1.14.8 #35020
• Upgrade to Reactor 2024.0.7 #35021

... (truncated)

• 502b31a Release v6.2.8
• f0e7b42 Encode non-printable character in Content-Disposition parameter
• e86dc9a Apply gh-34856 to MockClientHttpRequest in testfixture package
• 05c3f56 Rely on default retention in @Contract
• dee80ab Upgrade to Reactor 2024.0.7
• 07fd835 Upgrade to Micrometer 1.14.8
• 0d6c6eb Use Micrometer BOM for Context Propagation dependency
• 4d2cc4a Polish contribution
• c04902f Allow update of existing WebSession after max sessions limit is reached
• 3c265e1 Fix InMemoryWebSessionStoreTests.startsSessionImplicitly() test
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)