Skip to content

build(deps): bump the spring group across 4 directories with 4 updates#5

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/partition-core/main/spring-1b90302877
Closed

build(deps): bump the spring group across 4 directories with 4 updates#5
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/partition-core/main/spring-1b90302877

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 26, 2026

Copy link
Copy Markdown

Bumps the spring group with 4 updates in the /partition-core directory: org.springdoc:springdoc-openapi-starter-webmvc-ui, org.springframework.boot:spring-boot-dependencies, org.springframework.security:spring-security-bom and org.springframework:spring-framework-bom.
Bumps the spring group with 3 updates in the /partition-core-plus directory: org.springframework.boot:spring-boot-dependencies, org.springframework.security:spring-security-bom and org.springframework:spring-framework-bom.
Bumps the spring group with 4 updates in the / directory: org.springdoc:springdoc-openapi-starter-webmvc-ui, org.springframework.boot:spring-boot-dependencies, org.springframework.security:spring-security-bom and org.springframework:spring-framework-bom.
Bumps the spring group with 3 updates in the /provider/partition-azure directory: org.springframework.boot:spring-boot-dependencies, org.springframework.security:spring-security-bom and org.springframework:spring-framework-bom.

Updates org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.14 to 2.8.15

Release notes

Sourced from org.springdoc:springdoc-openapi-starter-webmvc-ui's releases.

springdoc-openapi v2.8.15 released!

Added

  • #3122 – Add log notifications when SpringDocs / Scalar are enabled by default
  • #3123 – Add support for serving static resources
  • #3151 – Add @Order to ApplicationReadyEvent listener
  • #3158 – Add support for API groups in Scalar
  • #3187 – Add Scalar WebMVC and WebFlux support
  • #3185 – Disable creation of blank GitHub issues (GitHub settings & workflow)
  • #3186 – Decouple Web Server APIs following Spring Boot modularization
  • #3131 - Improve warning messages when documentation is explicitly enabled
  • #3183 - Remove unused operations consumer from route builder methods
  • #3141 - Change handling so useReturnTypeSchema is evaluated at HTTP status code level instead of method level

Changed

  • Upgrade Spring Boot to version 3.5.9
  • Upgrade swagger-core to version 2.2.41
  • Upgrade swagger-ui to version 5.31.0
  • Upgrade Scalar to version 0.4.3

Fixed

  • #3133 – Fix regression where content type from Swagger @RequestBody did not take precedence
  • #3146 – Fix WebJar resource handler mappings for Swagger UI resources
  • #3168 – Support @Schema annotations on Kotlin value classes
  • #3178 – Fix regression when generating documentation for Kotlin LinkedHashSet
  • #3170 – Fix warnings when setting title and description in application.yml
  • #3187 – Add scalar scalar-webmvc and scalar-webflux support

What's Changed

New Contributors

Full Changelog: springdoc/springdoc-openapi@v2.8.14...v2.8.15

Changelog

Sourced from org.springdoc:springdoc-openapi-starter-webmvc-ui's changelog.

[2.8.15] - 2026-01-01

Added

  • #3122 – Add log notifications when SpringDocs / Scalar are enabled by default
  • #3123 – Add support for serving static resources
  • #3151 – Add @Order to ApplicationReadyEvent listener
  • #3158 – Add support for API groups in Scalar
  • #3187 – Add Scalar WebMVC and WebFlux support
  • #3185 – Disable creation of blank GitHub issues (GitHub settings & workflow)
  • #3186 – Decouple Web Server APIs following Spring Boot modularization
  • #3131 - Improve warning messages when documentation is explicitly enabled
  • #3183 - Remove unused operations consumer from route builder methods
  • #3141 - Change handling so useReturnTypeSchema is evaluated at HTTP status code level instead of method level

Changed

  • Upgrade Spring Boot to version 3.5.9
  • Upgrade swagger-core to version 2.2.41
  • Upgrade swagger-ui to version 5.31.0
  • Upgrade Scalar to version 0.4.3

Fixed

  • #3133 – Fix regression where content type from Swagger @RequestBody did not take precedence
  • #3146 – Fix WebJar resource handler mappings for Swagger UI resources
  • #3168 – Support @Schema annotations on Kotlin value classes
  • #3178 – Fix regression when generating documentation for Kotlin LinkedHashSet
  • #3170 – Fix warnings when setting title and description in application.yml
  • #3187 – Add scalar scalar-webmvc and scalar-webflux support
Commits

Updates org.springframework.boot:spring-boot-dependencies from 3.5.9 to 3.5.11

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.5.11

🐞 Bug Fixes

  • Whitespace can be incorrectly removed when spring-boot-configuration-processor runs on multi-line javadoc #49039
  • server.jetty.threads.max is ignored when using virtual threads #48982
  • Docker credential helpers with file extensions cannot be executed on Windows #48965

📔 Documentation

  • Couchbase and Kafka are incorrectly listed as supporting SSL with Docker Compose #49211
  • Document that use of non idiomatic format for '@Value' still apply for environment variables #49054
  • Document naming convention for custom test-scoped starters #49014
  • LICENSE.txt and NOTICE.txt files have the wrong content in the latest releases #48996
  • ApplicationContextAssert documents a non-existent assertion in getFailure() #48973
  • Highlight the importance of the preStop hook when configuring Kubernetes probes #48936

🔨 Dependency Upgrades

  • Upgrade to AssertJ 3.27.7 #49075
  • Upgrade to Groovy 4.0.30 #49076
  • Upgrade to Hibernate 6.6.42.Final #49077
  • Upgrade to Jaybird 6.0.4 #49078
  • Upgrade to JBoss Logging 3.6.2.Final #49079
  • Upgrade to Jetty 12.0.32 #49080
  • Upgrade to jOOQ 3.19.30 #49081
  • Upgrade to Logback 1.5.32 #49243
  • Upgrade to Micrometer 1.15.9 #49064
  • Upgrade to Micrometer Tracing 1.5.9 #49065
  • Upgrade to MySQL 9.6.0 #49083
  • Upgrade to Netty 4.1.131.Final #49165
  • Upgrade to Postgresql 42.7.10 #49201
  • Upgrade to Reactor Bom 2024.0.15 #49066
  • Upgrade to Spring Authorization Server 1.5.6 #49067
  • Upgrade to Spring Data Bom 2025.0.9 #49068
  • Upgrade to Spring Framework 6.2.16 #49069
  • Upgrade to Spring GraphQL 1.4.5 #49070
  • Upgrade to Spring Integration 6.5.7 #49071
  • Upgrade to Spring Kafka 3.3.13 #49244
  • Upgrade to Spring LDAP 3.3.6 #49072
  • Upgrade to Spring Pulsar 1.2.15 #49073
  • Upgrade to Spring Security 6.5.8 #49225
  • Upgrade to Spring Session 3.5.5 #49074
  • Upgrade to Tomcat 10.1.52 #49084
  • Upgrade to Undertow 2.3.23.Final #49166

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​dsyer, @​linkian209, @​nosan, @​quaff, @​scordio, and @​srt

... (truncated)

Commits
  • 3728f97 Release v3.5.11
  • 54ab3c5 Align "noteworthy" issues in release notes with Spring Framework
  • 996664f Temporarily switch Docker to overlay2
  • 91cc0dd Upgrade to Spring Session 3.5.5
  • f439fd3 Show docker version and docker info when running system tests
  • ec94645 Print CI docker images in system test
  • 33a7890 Upgrade to Spring Integration 6.5.7
  • 1cf8668 Upgrade to Spring Authorization Server 1.5.6
  • 679254a Upgrade to Spring Pulsar 1.2.15
  • c022218 Upgrade to Spring Kafka 3.3.13
  • Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 6.5.7 to 6.5.8

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

6.5.8

⭐ New Features

  • Add @FunctionalInterface to RequestMatcher #18337
  • Spring Security 7 should provide migration path from request-matcher="ant" #18211
  • Stop deploying JavaDoc outside of Antora #18199

🪲 Bug Fixes

  • Add Missing Migration Pages to Navigation #18313
  • Create SHA-1 MessageDigest for every new check request in Compromised Password Checker #18235
  • Fix typo in "Preparing for 7.0" in reference to PathPatternRequestMatcher #18336
  • Fix typo in AnnotationTemplateExpressionDefaults documentation #18176
  • Fix typos in documentation depenendencies->dependencies #18208

🔨 Dependency Upgrades

  • Bump @antora/atlas-extension from 1.0.0-alpha.2 to 1.0.0-alpha.5 in /docs #18675
  • Bump @antora/collector-extension from 1.0.1 to 1.0.2 in /docs #18677
  • Bump @springio/antora-extensions from 1.14.4 to 1.14.7 in /docs #18676
  • Bump antora from 3.2.0-alpha.8 to 3.2.0-alpha.11 in /docs #18679
  • Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 #18192
  • Bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22 #18321
  • Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 #18387
  • Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25 #18525
  • Bump ch.qos.logback:logback-classic from 1.5.25 to 1.5.26 #18591
  • Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 #18631
  • Bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 #18678
  • Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29 #18710
  • Bump gradle-wrapper from 8.14 to 8.14.4 #18704
  • Bump io.micrometer:context-propagation from 1.1.3 to 1.1.4 #18703
  • Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14 #18279
  • Bump io.mockk:mockk from 1.14.6 to 1.14.7 #18275
  • Bump io.projectreactor:reactor-bom from 2024.0.12 to 2024.0.13 #18293
  • Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14 #18495
  • Bump io.projectreactor:reactor-bom from 2024.0.14 to 2024.0.15 #18716
  • Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25 #18535
  • Bump io.spring.gradle:spring-security-release-plugin from 1.0.13 to 1.0.14 #18724
  • Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.4 to 4.0.5 #18670
  • Bump org-apache-maven-resolver from 1.9.24 to 1.9.25 #18292
  • Bump org-aspectj from 1.9.25 to 1.9.25.1 #18329
  • Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 #18352
  • Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 #18590
  • Bump org.hibernate.orm:hibernate-core from 6.6.34.Final to 6.6.36.Final #18193
  • Bump org.hibernate.orm:hibernate-core from 6.6.36.Final to 6.6.38.Final #18241
  • Bump org.hibernate.orm:hibernate-core from 6.6.38.Final to 6.6.39.Final #18308
  • Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final #18351
  • Bump org.hibernate.orm:hibernate-core from 6.6.40.Final to 6.6.41.Final #18524
  • Bump org.hibernate.orm:hibernate-core from 6.6.41.Final to 6.6.42.Final #18632
  • Bump org.springframework.data:spring-data-bom from 2024.1.12 to 2024.1.13 #18320

... (truncated)

Commits
  • 0fab34f Release 6.5.8
  • 08e5b37 Bump io.projectreactor:reactor-bom from 2024.0.14 to 2024.0.15
  • f9c32af Bump org.springframework:spring-framework-bom from 6.2.15 to 6.2.16
  • 3d61276 Bump io.spring.gradle:spring-security-release-plugin
  • 10cb6f7 Update spring-security-release-tools 1.0.14
  • 3131642 Bump io.micrometer:context-propagation from 1.1.3 to 1.1.4
  • 552d8d1 Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29
  • f240f29 Bump gradle-wrapper from 8.14 to 8.14.4
  • 1efacf1 Remove unnecessary Gradle wrapper from buildSrc
  • fa7c6ea Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22
  • Additional commits viewable in compare view

Updates org.springframework:spring-framework-bom from 6.2.15 to 6.2.16

Release notes

Sourced from org.springframework:spring-framework-bom's releases.

v6.2.16

⭐ New Features

  • Improve performance of hashcode calculations for request mappings #36297
  • Improve performance of HandlerMethod bean lookup #36296
  • Improve performance of validation groups determination #36295
  • Improve performance of single pattern request mappings #36294
  • Optimize NamedParameterUtils#buildValueArray by lazily fetching SqlParameter #36232
  • Consistently close streams through try-with-resources in FileCopyUtils #36224
  • SqlBinaryValue and SqlCharacterValue should support InputStream content with undetermined length #36220
  • DataBufferUtils.write() with NettyDataBuffer on JDK 25 hangs indefinitely #36189
  • WebClient (Reactor) attributes on Netty channel do not clear after connection release #36163
  • Reintroduce WebLogicJtaTransactionManager in Spring Framework 6.2.x #36152
  • DisconnectedClientHelper should detect presence of RestClientException and WebClientException separately #36150
  • Add DataAccessException and MessagingException to the excluded outermost exceptions in DisconnectedClientHelper #36135
  • Improve user check in TransportHandlingSockJsService #36129

🐞 Bug Fixes

  • Avoid lock congestion in ConcurrentReferenceHashMap #36308
  • Resolved HttpEntity Controller argument does not reflect mutated HTTP headers #36301
  • AbstractMessageConverter does not support wildcards in supported MIME types #36286
  • Make LocalEntityManagerFactoryBean#setDataSource work on Hibernate as well as EclipseLink #36272
  • Deadlock might occur when calling System.exit on startup (against multiple shutdown hooks) #36268
  • Netty4HeadersAdapter.remove returns empty list instead of null for non-existing key #36227
  • EclipseLinkConnectionHandle can fail against transaction isolation race condition #36166
  • WiretapConnector leaks data buffers when response body not consumed #36051
  • UriComponentsBuilder loses the fragment when it consists of only a single character #36035
  • SimpleBeanInfoFactory fails to reliably resolve read/write methods in type hierarchies with unresolved generics #36026

📔 Documentation

  • Fix links to JUnit User Guide #36218
  • Fix LocalContainerEntityManagerFactoryBean#setPersistenceUnitName javadoc #36206
  • Update documentation on trailing slash handling where type-level @GetMapping("/base") is combined with method level @GetMapping("/") #36200
  • Update documentation on the MediaType used for ProblemDetail #36193
  • Replace getErrors() with getBindingResult() in examples #36172
  • Upgrade Antora dependencies #36106
  • Fix typos and grammar #36023

🔨 Dependency Upgrades

  • Bump fast-xml-parser from 4.5.2 to 5.3.4 in /framework-docs #36239
  • Upgrade to ASM 9.9.1 and Objenesis 3.5 #36244
  • Upgrade to JUnit 5.14.2 #36148
  • Upgrade to Micrometer 1.15.9 #36290
  • Upgrade to Reactor 2024.0.15 #36289
Commits
  • 053d8e2 Release v6.2.16
  • 8334388 avoid unnecessary locking in ConcurrentReferenceHashMap's implementation of c...
  • 757b713 Use updated message in HttpEntityMethodProcessor
  • a065563 Optimize RequestMappingInfo hashcode calculation
  • 6162d89 Cache HandlerMethod with resolved bean if singleton
  • 5c537db Optimize single PathPattern match
  • 849553d Avoid determineValidationGroups not necessary
  • 7240a5a Upgrade to Reactor 2024.0.15
  • b00c387 Upgrade to Micrometer 1.15.9
  • 8396c07 Fix wildcard MIME type support in messaging converters
  • Additional commits viewable in compare view

Updates org.springframework.boot:spring-boot-dependencies from 3.5.9 to 3.5.11

Release notes

Sourced from org.springframework.boot:spring-boot-dependencies's releases.

v3.5.11

🐞 Bug Fixes

  • Whitespace can be incorrectly removed when spring-boot-configuration-processor runs on multi-line javadoc #49039
  • server.jetty.threads.max is ignored when using virtual threads #48982
  • Docker credential helpers with file extensions cannot be executed on Windows #48965

📔 Documentation

  • Couchbase and Kafka are incorrectly listed as supporting SSL with Docker Compose #49211
  • Document that use of non idiomatic format for '@Value' still apply for environment variables #49054
  • Document naming convention for custom test-scoped starters #49014
  • LICENSE.txt and NOTICE.txt files have the wrong content in the latest releases #48996
  • ApplicationContextAssert documents a non-existent assertion in getFailure() #48973
  • Highlight the importance of the preStop hook when configuring Kubernetes probes #48936

🔨 Dependency Upgrades

  • Upgrade to AssertJ 3.27.7 #49075
  • Upgrade to Groovy 4.0.30 #49076
  • Upgrade to Hibernate 6.6.42.Final #49077
  • Upgrade to Jaybird 6.0.4 #49078
  • Upgrade to JBoss Logging 3.6.2.Final #49079
  • Upgrade to Jetty 12.0.32 #49080
  • Upgrade to jOOQ 3.19.30 #49081
  • Upgrade to Logback 1.5.32 #49243
  • Upgrade to Micrometer 1.15.9 #49064
  • Upgrade to Micrometer Tracing 1.5.9 #49065
  • Upgrade to MySQL 9.6.0 #49083
  • Upgrade to Netty 4.1.131.Final #49165
  • Upgrade to Postgresql 42.7.10 #49201
  • Upgrade to Reactor Bom 2024.0.15 #49066
  • Upgrade to Spring Authorization Server 1.5.6 #49067
  • Upgrade to Spring Data Bom 2025.0.9 #49068
  • Upgrade to Spring Framework 6.2.16 #49069
  • Upgrade to Spring GraphQL 1.4.5 #49070
  • Upgrade to Spring Integration 6.5.7 #49071
  • Upgrade to Spring Kafka 3.3.13 #49244
  • Upgrade to Spring LDAP 3.3.6 #49072
  • Upgrade to Spring Pulsar 1.2.15 #49073
  • Upgrade to Spring Security 6.5.8 #49225
  • Upgrade to Spring Session 3.5.5 #49074
  • Upgrade to Tomcat 10.1.52 #49084
  • Upgrade to Undertow 2.3.23.Final #49166

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​dsyer, @​linkian209, @​nosan, @​quaff, @​scordio, and @​srt

... (truncated)

Commits
  • 3728f97 Release v3.5.11
  • 54ab3c5 Align "noteworthy" issues in release notes with Spring Framework
  • 996664f Temporarily switch Docker to overlay2
  • 91cc0dd Upgrade to Spring Session 3.5.5
  • f439fd3 Show docker version and docker info when running system tests
  • ec94645 Print CI docker images in system test
  • 33a7890 Upgrade to Spring Integration 6.5.7
  • 1cf8668 Upgrade to Spring Authorization Server 1.5.6
  • 679254a Upgrade to Spring Pulsar 1.2.15
  • c022218 Upgrade to Spring Kafka 3.3.13
  • Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 6.5.7 to 6.5.8

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

6.5.8

⭐ New Features

  • Add @FunctionalInterface to RequestMatcher #18337
  • Spring Security 7 should provide migration path from request-matcher="ant" #18211
  • Stop deploying JavaDoc outside of Antora #18199

🪲 Bug Fixes

  • Add Missing Migration Pages to Navigation #18313
  • Create SHA-1 MessageDigest for every new check request in Compromised Password Checker #18235
  • Fix typo in "Preparing for 7.0" in reference to PathPatternRequestMatcher #18336
  • Fix typo in AnnotationTemplateExpressionDefaults documentation #18176
  • Fix typos in documentation depenendencies->dependencies #18208

🔨 Dependency Upgrades

  • Bump @antora/atlas-extension from 1.0.0-alpha.2 to 1.0.0-alpha.5 in /docs #18675
  • Bump @antora/collector-extension from 1.0.1 to 1.0.2 in /docs #18677
  • Bump @springio/antora-extensions from 1.14.4 to 1.14.7 in /docs #18676
  • Bump antora from 3.2.0-alpha.8 to 3.2.0-alpha.11 in /docs #18679
  • Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 #18192
  • Bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22 #18321
  • Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 #18387
  • Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25 #18525
  • Bump ch.qos.logback:logback-classic from 1.5.25 to 1.5.26 #18591
  • Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 #18631
  • Bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 #18678
  • Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29 #18710
  • Bump gradle-wrapper from 8.14 to 8.14.4 #18704
  • Bump io.micrometer:context-propagation from 1.1.3 to 1.1.4 #18703
  • Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14 #18279
  • Bump io.mockk:mockk from 1.14.6 to 1.14.7 #18275
  • Bump io.projectreactor:reactor-bom from 2024.0.12 to 2024.0.13 #18293
  • Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14 #18495
  • Bump io.projectreactor:reactor-bom from 2024.0.14 to 2024.0.15 #18716
  • Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25 #18535
  • Bump io.spring.gradle:spring-security-release-plugin from 1.0.13 to 1.0.14 #18724
  • Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.4 to 4.0.5 #18670
  • Bump org-apache-maven-resolver from 1.9.24 to 1.9.25 #18292
  • Bump org-aspectj from 1.9.25 to 1.9.25.1 #18329
  • Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 #18352
  • Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 #18590
  • Bump org.hibernate.orm:hibernate-core from 6.6.34.Final to 6.6.36.Final #18193
  • Bump org.hibernate.orm:hibernate-core from 6.6.36.Final to 6.6.38.Final #18241
  • Bump org.hibernate.orm:hibernate-core from 6.6.38.Final to 6.6.39.Final #18308
  • Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final #18351
  • Bump org.hibernate.orm:hibernate-core from 6.6.40.Final to 6.6.41.Final #18524
  • Bump org.hibernate.orm:hibernate-core from 6.6.41.Final to 6.6.42.Final #18632
  • Bump org.springframework.data:spring-data-bom from 2024.1.12 to 2024.1.13 #18320

... (truncated)

Commits
  • 0fab34f Release 6.5.8
  • 08e5b37 Bump io.projectreactor:reactor-bom from 2024.0.14 to 2024.0.15
  • f9c32af Bump org.springframework:spring-framework-bom from 6.2.15 to 6.2.16
  • 3d61276 Bump io.spring.gradle:spring-security-release-plugin
  • 10cb6f7 Update spring-security-release-tools 1.0.14
  • 3131642 Bump io.micrometer:context-propagation from 1.1.3 to 1.1.4
  • 552d8d1 Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29
  • f240f29 Bump gradle-wrapper from 8.14 to 8.14.4
  • 1efacf1 Remove unnecessary Gradle wrapper from buildSrc
  • fa7c6ea Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22
  • Additional commits viewable in compare view

Updates org.springframework:spring-framework-bom from 6.2.15 to 6.2.16

Release notes

Sourced from org.springframework:spring-framework-bom's releases.

v6.2.16

⭐ New Features

  • Improve performance of hashcode calculations for request mappings #36297
  • Improve performance of HandlerMethod bean lookup #36296
  • Improve performance of validation groups determination #36295
  • Improve performance of single pattern request mappings #36294
  • Optimize NamedParameterUtils#buildValueArray by lazily fetching SqlParameter #36232
  • Consistently close streams through try-with-resources in FileCopyUtils #36224
  • SqlBinaryValue and SqlCharacterValue should support InputStream content with undetermined length #36220
  • DataBufferUtils.write() with NettyDataBuffer on JDK 25 hangs indefinitely #36189
  • WebClient (Reactor) attributes on Netty channel do not clear after connection release #36163
  • Reintroduce WebLogicJtaTransactionManager in Spring Framework 6.2.x #36152
  • DisconnectedClientHelper should detect presence of RestClientException and WebClientException separately #36150
  • Add DataAccessException and MessagingException to the excluded outermost exceptions in DisconnectedClientHelper #36135
  • Improve user check in TransportHandlingSockJsService #36129

🐞 Bug Fixes

  • Avoid lock congestion in ConcurrentReferenceHashMap #36308
  • Resolved HttpEntity Controller argument does not reflect mutated HTTP headers #36301
  • AbstractMessageConverter does not support wildcards in supported MIME types #36286
  • Make LocalEntityManagerFactoryBean#setDataSource work on Hibernate as well as EclipseLink #36272
  • Deadlock might occur when calling System.exit on startup (against multiple shutdown hooks) #36268
  • Netty4HeadersAdapter.remove returns empty list instead of null for non-existing key #36227
  • EclipseLinkConnectionHandle can fail against transaction isolation race condition #36166
  • WiretapConnector leaks data buffers when response body not consumed #36051
  • UriComponentsBuilder loses the fragment when it consists of only a single character #36035
  • SimpleBeanInfoFactory fails to reliably resolve read/write methods in type hierarchies with unresolved generics #36026

📔 Documentation

  • Fix links to JUnit User Guide #36218
  • Fix LocalContainerEntityManagerFactoryBean#setPersistenceUnitName javadoc #36206
  • Update documentation on trailing slash handling where type-level @GetMapping("/base") is combined with method level @GetMapping("/") #36200
  • Update documentation on the MediaType used for ProblemDetail #36193
  • Replace getErrors() with getBindingResult() in examples #36172
  • Upgrade Antora dependencies #36106
  • Fix typos and grammar #36023

🔨 Dependency Upgrades

  • Bump fast-xml-parser from 4.5.2 to 5.3.4 in /framework-docs #36239
  • Upgrade to ASM 9.9.1 and Objenesis 3.5 #36244
  • Upgrade to JUnit 5.14.2 #36148
  • Upgrade to Micrometer 1.15.9 #36290
  • Upgrade to Reactor 2024.0.15 #36289
Commits

Bumps the spring group with 4 updates in the /partition-core directory: [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi), [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot), [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) and [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework).
Bumps the spring group with 3 updates in the /partition-core-plus directory: [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot), [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) and [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework).
Bumps the spring group with 4 updates in the / directory: [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi), [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot), [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) and [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework).
Bumps the spring group with 3 updates in the /provider/partition-azure directory: [org.springframework.boot:spring-boot-dependencies](https://github.com/spring-projects/spring-boot), [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) and [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework).


Updates `org.springdoc:springdoc-openapi-starter-webmvc-ui` from 2.8.14 to 2.8.15
- [Release notes](https://github.com/springdoc/springdoc-openapi/releases)
- [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md)
- [Commits](springdoc/springdoc-openapi@v2.8.14...v2.8.15)

Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.9 to 3.5.11
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.9...v3.5.11)

Updates `org.springframework.security:spring-security-bom` from 6.5.7 to 6.5.8
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.5.7...6.5.8)

Updates `org.springframework:spring-framework-bom` from 6.2.15 to 6.2.16
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.15...v6.2.16)

Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.9 to 3.5.11
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.9...v3.5.11)

Updates `org.springframework.security:spring-security-bom` from 6.5.7 to 6.5.8
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.5.7...6.5.8)

Updates `org.springframework:spring-framework-bom` from 6.2.15 to 6.2.16
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.15...v6.2.16)

Updates `org.springdoc:springdoc-openapi-starter-webmvc-ui` from 2.8.14 to 2.8.15
- [Release notes](https://github.com/springdoc/springdoc-openapi/releases)
- [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md)
- [Commits](springdoc/springdoc-openapi@v2.8.14...v2.8.15)

Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.9 to 3.5.11
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.9...v3.5.11)

Updates `org.springframework.security:spring-security-bom` from 6.5.7 to 6.5.8
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.5.7...6.5.8)

Updates `org.springframework:spring-framework-bom` from 6.2.15 to 6.2.16
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.15...v6.2.16)

Updates `org.springframework.boot:spring-boot-dependencies` from 3.5.9 to 3.5.11
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.9...v3.5.11)

Updates `org.springframework.security:spring-security-bom` from 6.5.7 to 6.5.8
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.5.7...6.5.8)

Updates `org.springframework:spring-framework-bom` from 6.2.15 to 6.2.16
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.15...v6.2.16)

---
updated-dependencies:
- dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui
  dependency-version: 2.8.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 3.5.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework.security:spring-security-bom
  dependency-version: 6.5.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 3.5.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework.security:spring-security-bom
  dependency-version: 6.5.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui
  dependency-version: 2.8.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 3.5.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework.security:spring-security-bom
  dependency-version: 6.5.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework.boot:spring-boot-dependencies
  dependency-version: 3.5.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework.security:spring-security-bom
  dependency-version: 6.5.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: spring
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Dependency updates and issues label Feb 26, 2026
@github-actions

Copy link
Copy Markdown
Contributor

Validation Status

  • ✓ No Merge Conflicts
  • ✓ Branch is Up-to-date
  • ℹ️ Dependabot Build Handled by dependabot-validation.yml

1 similar comment
@github-actions

Copy link
Copy Markdown
Contributor

Validation Status

  • ✓ No Merge Conflicts
  • ✓ Branch is Up-to-date
  • ℹ️ Dependabot Build Handled by dependabot-validation.yml

@github-actions

Copy link
Copy Markdown
Contributor

Validation Status

  • ✅ Dependency Update Build Successful

@dependabot @github

dependabot Bot commented on behalf of github Mar 2, 2026

Copy link
Copy Markdown
Author

Superseded by #10.

@dependabot dependabot Bot closed this Mar 2, 2026
@dependabot dependabot Bot deleted the dependabot/maven/partition-core/main/spring-1b90302877 branch March 2, 2026 10:06
github-actions Bot pushed a commit that referenced this pull request Mar 10, 2026
refactor: extract workflow scripts into testable composite actions
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates and issues

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants