Skip to content

build(deps): bump org.springframework:spring-context from 6.2.17 to 6.2.18#23

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/gradle/org.springframework-spring-context-6.2.18
Open

build(deps): bump org.springframework:spring-context from 6.2.17 to 6.2.18#23
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/gradle/org.springframework-spring-context-6.2.18

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 20, 2026

Bumps org.springframework:spring-context from 6.2.17 to 6.2.18.

Release notes

Sourced from org.springframework:spring-context's releases.

v6.2.18

⭐ New Features

  • Improve SpringValidatorAdapter and MethodValidationAdapter performance #36624
  • Add missing @Deprecated(forRemoval = true) for deleted in 7.0 #36591
  • Deprecate methodIdentification() in CacheAspectSupport for removal #36576
  • Improve error handling in multipart codecs #36564
  • LazyConnectionDataSourceProxy does not work well with Hibernate's multi-tenancy by schema strategy #36529
  • MySQL Error 149 (Galera/WSREP conflict) not translated to ConcurrencyFailureException in Spring JDBC/ORM #36510

🐞 Bug Fixes

  • Handle Kotlin nullable value class param correctly in CoroutineUtils #36643
  • NullPointerException in ServerSentEvent when trying to set id or event properties #36634
  • @Sql fails if DataSource is wrapped in a TransactionAwareDataSourceProxy #36630
  • WebDataBinder unnecessarily instantiates collections when using the "!" and "_" prefixes #36627
  • Cache pollution from high-cardinality FieldError default messages in MessageSourceSupport #36623
  • ContentCachingRequestWrapper does not allow unlimited content caching #36620
  • MergedAnnotation does not use ClassLoader for method or field #36614
  • AnnotationBeanNameGenerator fails when an annotation references a non-existent class #36588
  • FileSystemResource does not strictly follow the Resource#isReadable() contract #36585
  • Query not hidden in DefaultClientResponse checkpoint #36571
  • LazyConnectionDataSourceProxy does not pass on holdability to target Connection #36530
  • DefaultJmsListenerContainer may hang in an endless loop in doShutdown #36511
  • Inconsistent codings resolution in resource resolvers #36508

📔 Documentation

  • Clarify semantics of HttpMethod.valueOf() #36653
  • Document that spring.profiles.active is ignored by @ActiveProfiles #36636
  • Document whitespace semantics in SpEL expressions #36629
  • MergedAnnotation.asAnnotationAttributes() Javadoc incorrectly states that it creates an immutable map #36568
  • Introduce Kotlin examples for Bean Overrides (@MockitoBean, etc.) #36542
  • Fix incorrect cross-reference links in AbstractEnvironment Javadoc #36517

🔨 Dependency Upgrades

  • Upgrade to Micrometer 1.15.11 #36661
  • Upgrade to Reactor 2024.0.17 #36660
Commits
  • 6b11724 Release v6.2.18
  • f6671e7 Upgrade to Reactor 2024.0.17 and Micrometer 1.15.11
  • b338fdd Add doOnDiscard in MultipartHttpMessageReader
  • 4e3f264 Add missing tests for WebRequestDataBinder
  • 9e0b83e Polish WebRequestDataBinderTests
  • af4b122 Extract ServletRequestParameterPropertyValuesTests
  • 623ccd1 Revise "Skip binding entirely when field is not allowed"
  • 69068ba Further clarify semantics of HttpMethod.valueOf()
  • f182f9a Clarify semantics of HttpMethod.valueOf()
  • 9d14448 Improve SpEL tests for Elvis and Ternary operators
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
org.springframework:spring-context [>= 7.a, < 8]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump org.springframework:spring-context
2800098 
Bumps [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) from 6.2.17 to 6.2.18.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.17...v6.2.18)

---
updated-dependencies:
- dependency-name: org.springframework:spring-context
  dependency-version: 6.2.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Apr 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants