Bumps lodash from 4.17.11 to 4.17.15. <details> <summary>Commits</summary>

• ddfd9b1 Bump to v4.17.15.
• b185fce Rebuild lodash and docs.
• be87d30 Bump to v4.17.14.
• a6fe6b1 Rebuild lodash and docs.
• e371828 Bump to v4.17.13.
• 357e899 Rebuild lodash and docs.
• fd9a062 Bump to v4.17.12.
• e77d681 Rebuild lodash and docs.
• 629d186 Update OpenJS references.
• 2406eac Fix minified build.
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps webpack-bundle-analyzer from 3.0.3 to 3.6.0. <details> <summary>Changelog</summary>

Sourced from webpack-bundle-analyzer's changelog.

3.6.0

• Improvement
  • Support webpack builds where output.globalObject is set to 'self' (#323 by @​lemonmade)
  • Improve readability of tooltips (#320 by @​lorenzos)

3.5.2

• Bug Fix
  • Fix sidebar not showing visibility status of chunks hidden via popup menu (issue #316 by @​gaokun, fixed in #317 by @​bregenspan)

3.5.1

• Bug Fix
  • Fix regression in support of webpack dev server and webpack --watch (issue #312, fixed in #313 by @​gaokun)

3.5.0

• Improvements
  • Improved report title and added favicon (#310, @​gaokun)

3.4.1

• Bug Fix
  • Fix regression of requiring an object to be passed to new BundleAnalyzerPlugin() (issue #300, fixed in #302 by @​jerryOnlyZRJ)

3.4.0

• Improvements

  • Add port: 'auto' option (#290, @​avin-kavish)

• Bug Fix

  • Avoid mutation of the generated stats.json (#293, @​wood1986)

• Internal

  • Use Autoprefixer (#266, @​bregenspan)
  • Detect AsyncMFS to support dev-server of Nuxt 2.5 and above (#275, @​amoshydra)

3.3.2

• Bug Fix
  • Fix regression with escaping internal assets (#264, fixes #263)

3.3.1

• Improvements

  • Use relative links for serving internal assets (#261, fixes #254)
  • Properly escape embedded JS/JSON (#262)

• Bug Fix </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 9eb7499 v3.6.0
• 9c582cf Add changelog entry about readability improvement
• ea074c1 Merge pull request #323 from lemonmade/fix-self-global-object
• 2116b66 Allow self for globalObject in async chunks
• f49796f Merge pull request #320 from lorenzos/font-and-tooltip-opacity
• 84044cd Improved readability of translucent tooltips
• df49b19 Fixed serif font when Verdana is not available
• 7fd44c9 v3.5.2
• c619d51 Merge pull request #317 from bregenspan/fix-checked-bundles-not-updating
• 2b685ed Update changelog with checkbox fix
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary>

• ab73503 Bump to v4.5.0.
• a4f7d4c Rebuild lodash and docs.
• cca5ac6 Fix npm-test by removing the call to test-docs.
• 9f7f9fc Adjust heading order. [ci skip]
• 6e2fb92 Remove unused baseArity.
• 4f702e2 Specify utf8 encoding.
• b188f90 Add fp tests for iteratee shorthands.
• 7b93dc9 Ensure clone methods clone expando properties of boolean, number, & string ob...
• 664d66a Make string tests more consistent.
• d9dc0e6 Add _.invertBy tests.
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary>

• 754f0c2 1.3.2
• 90ee1fa ensure keys are valid when mixing in values
• See full diff in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version. </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps js-yaml from 3.12.1 to 3.13.1. <details> <summary>Changelog</summary>

Sourced from js-yaml's changelog.

[3.13.1] - 2019-04-05

Security

• Fix possible code execution in (already unsafe) .load(), #480.

[3.13.0] - 2019-03-20

Security

• Security fix: safeLoad() can hang when arrays with nested refs used as key. Now throws exception for nested arrays. #475.

[3.12.2] - 2019-02-26

Fixed

• Fix noArrayIndent option for root level, #468. </details> <details> <summary>Commits</summary>

• 665aadd 3.13.1 released
• da8ecf2 Browser files rebuild
• b2f9e88 Merge pull request #480 from nodeca/toString
• e18afbf Fix possible code execution in (already unsafe) load()
• 9d4ce5e 3.13.0 released
• f64c673 Browser files rebuild
• a567ef3 Restrict data types for object keys
• 59b6e76 Fix test name
• e4267fc 3.12.2 released
• 7231a49 Browser files rebuild
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps lodash from 4.17.11 to 4.17.15. <details> <summary>Commits</summary>

• ddfd9b1 Bump to v4.17.15.
• b185fce Rebuild lodash and docs.
• be87d30 Bump to v4.17.14.
• a6fe6b1 Rebuild lodash and docs.
• e371828 Bump to v4.17.13.
• 357e899 Rebuild lodash and docs.
• fd9a062 Bump to v4.17.12.
• e77d681 Rebuild lodash and docs.
• 629d186 Update OpenJS references.
• 2406eac Fix minified build.
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps lodash.merge from 4.6.1 to 4.6.2. <details> <summary>Commits</summary>

• See full diff in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps handlebars from 4.0.11 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

• fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
• fix: add more properties required to be enumerable - 1988878

Chores / Build:

• fix: use !== 0 instead of != 0 - c02b05f
• add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

• The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

• Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
• The semantics have not changed in cases where the properties are enumerable, as in:

{
  __proto__: 'some string'
}

• The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

• fix: use String(field) in lookup when checking for "constructor" - d541378
• test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

• no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• c819c8b v4.5.3
• 827c9d0 Update release notes
• f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
• 1988878 fix: add more properties required to be enumerable
• 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
• 0817dad test: add sinon as global variable to eslint in the specs
• 93516a0 test: add sinon.js for spies, deprecate current assertions
• 93e284e chore: add chai and dirty-chai for better test assertions
• c02b05f fix: use !== 0 instead of != 0
• 8de121d v4.5.2
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Superseded by #12.

Bumps handlebars from 4.0.11 to 4.5.1. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.1 - October 29th, 2019

Bugfixs

• fix: move "eslint-plugin-compat" to devDependencies - 5e9d17f (#1589)

Compatibility notes:

• No compatibility issues are to be expected

Commits

v4.5.0 - October 28th, 2019

Features / Improvements

• Add method Handlebars.parseWithoutProcessing (#1584) - 62ed3c2
• add guard to if & unless helpers (#1549)
• show source location for the strict lookup exceptions - feb60f8

Bugfixes:

• Use objects for hash value tracking - 7fcf9d2

Chore:

• Resolve deprecation warning message from eslint while running eslint (#1586) - 7052e88
• chore: add eslint-plugin-compat and eslint-plugin-es5 - 088e618

Compatibility notes:

• No compatibility issues are to be expected

Commits

v4.4.5 - October 20th, 2019

Bugfixes:

• Contents of raw-blocks must be matched with non-eager regex-matching - 8d5530e, #1579

Commits

v4.4.4 - October 20th, 2019

Bugfixes:

• fix: prevent zero length tokens in raw-blocks (#1577, #1578) - f1752fe

Chore:

• chore: link to s3 bucket with https, add "npm ci" to build instructions - 0b593bf

Compatibility notes:

• no compatibility issues are expected

Commits

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 7ef8617 v4.5.1
• b75e3e1 Update release notes
• 5e9d17f fix: move "eslint-plugin-compat" to devDependencies
• b24797d v4.5.0
• a243067 Update release notes
• 088e618 chore: add eslint-plugin-compat and eslint-plugin-es5
• 7052e88 Resolve deprecation warning message from eslint while running eslint (#1586)
• b8913fc Add missing types for the Exception class properties (#1583)
• 62ed3c2 Add Handlebars.parseWithoutProcessing (#1584)
• 7fcf9d2 Use objects for hash value tracking
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps handlebars from 4.0.12 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

• fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
• fix: add more properties required to be enumerable - 1988878

Chores / Build:

• fix: use !== 0 instead of != 0 - c02b05f
• add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

• The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

• Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
• The semantics have not changed in cases where the properties are enumerable, as in:

{
  __proto__: 'some string'
}

• The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

• fix: use String(field) in lookup when checking for "constructor" - d541378
• test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

• no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• c819c8b v4.5.3
• 827c9d0 Update release notes
• f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
• 1988878 fix: add more properties required to be enumerable
• 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
• 0817dad test: add sinon as global variable to eslint in the specs
• 93516a0 test: add sinon.js for spies, deprecate current assertions
• 93e284e chore: add chai and dirty-chai for better test assertions
• c02b05f fix: use !== 0 instead of != 0
• 8de121d v4.5.2
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Superseded by #12.

Superseded by #11.

Bumps bootstrap from 3.0.0 to 3.4.1.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps handlebars from 4.0.11 to 4.7.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.7.3 - February 5th, 2020

Chore/Housekeeping:

• #1644 - Download links to aws broken on handlebarsjs.com - access denied (@​Tea56)
• Fix spelling and punctuation in changelog - d78cc73

Bugfixes:

• Add Type Definition for Handlebars.VERSION, Fixes #1647 - 4de51fe
• Include Type Definition for runtime.js in Package - a32d05f

Compatibility notes:

• No incompatibilities are to be expected

Commits

v4.7.2 - January 13th, 2020

Bugfixes:

• fix: don't wrap helpers that are not functions - 9d5aa36, #1639

Chore/Build:

• chore: execute saucelabs-task only if access-key exists - a4fd391

Compatibility notes:

• No breaking changes are to be expected

Commits

v4.7.1 - January 12th, 2020

Bugfixes:

• fix: fix log output in case of illegal property access - f152dfc
• fix: log error for illegal property access only once per property - 3c1e252

Compatibility notes:

• no incompatibilities are to be expected.

Commits

v4.7.0 - January 10th, 2020

Features: </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• c978969 v4.7.3
• 9278f21 Update release notes
• d78cc73 Fixes spelling and punctuation
• 4de51fe Add Type Definition for Handlebars.VERSION, Fixes #1647
• a32d05f Include Type Definition for runtime.js in Package
• ad63f51 chore: add missing "await" in aws-s3 publishing code
• 586e672 v4.7.2
• f0c6c4c Update release notes
• a4fd391 chore: execute saucelabs-task only if access-key exists
• 9d5aa36 fix: don't wrap helpers that are not functions
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps handlebars from 4.0.12 to 4.5.1. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.1 - October 29th, 2019

Bugfixs

• fix: move "eslint-plugin-compat" to devDependencies - 5e9d17f (#1589)

Compatibility notes:

• No compatibility issues are to be expected

Commits

v4.5.0 - October 28th, 2019

Features / Improvements

• Add method Handlebars.parseWithoutProcessing (#1584) - 62ed3c2
• add guard to if & unless helpers (#1549)
• show source location for the strict lookup exceptions - feb60f8

Bugfixes:

• Use objects for hash value tracking - 7fcf9d2

Chore:

• Resolve deprecation warning message from eslint while running eslint (#1586) - 7052e88
• chore: add eslint-plugin-compat and eslint-plugin-es5 - 088e618

Compatibility notes:

• No compatibility issues are to be expected

Commits

v4.4.5 - October 20th, 2019

Bugfixes:

• Contents of raw-blocks must be matched with non-eager regex-matching - 8d5530e, #1579

Commits

v4.4.4 - October 20th, 2019

Bugfixes:

• fix: prevent zero length tokens in raw-blocks (#1577, #1578) - f1752fe

Chore:

• chore: link to s3 bucket with https, add "npm ci" to build instructions - 0b593bf

Compatibility notes:

• no compatibility issues are expected

Commits

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 7ef8617 v4.5.1
• b75e3e1 Update release notes
• 5e9d17f fix: move "eslint-plugin-compat" to devDependencies
• b24797d v4.5.0
• a243067 Update release notes
• 088e618 chore: add eslint-plugin-compat and eslint-plugin-es5
• 7052e88 Resolve deprecation warning message from eslint while running eslint (#1586)
• b8913fc Add missing types for the Exception class properties (#1583)
• 62ed3c2 Add Handlebars.parseWithoutProcessing (#1584)
• 7fcf9d2 Use objects for hash value tracking
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Superseded by #11.

Bumps handlebars from 4.0.12 to 4.7.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.7.3 - February 5th, 2020

Chore/Housekeeping:

• #1644 - Download links to aws broken on handlebarsjs.com - access denied (@​Tea56)
• Fix spelling and punctuation in changelog - d78cc73

Bugfixes:

• Add Type Definition for Handlebars.VERSION, Fixes #1647 - 4de51fe
• Include Type Definition for runtime.js in Package - a32d05f

Compatibility notes:

• No incompatibilities are to be expected

Commits

v4.7.2 - January 13th, 2020

Bugfixes:

• fix: don't wrap helpers that are not functions - 9d5aa36, #1639

Chore/Build:

• chore: execute saucelabs-task only if access-key exists - a4fd391

Compatibility notes:

• No breaking changes are to be expected

Commits

v4.7.1 - January 12th, 2020

Bugfixes:

• fix: fix log output in case of illegal property access - f152dfc
• fix: log error for illegal property access only once per property - 3c1e252

Compatibility notes:

• no incompatibilities are to be expected.

Commits

v4.7.0 - January 10th, 2020

Features: </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• c978969 v4.7.3
• 9278f21 Update release notes
• d78cc73 Fixes spelling and punctuation
• 4de51fe Add Type Definition for Handlebars.VERSION, Fixes #1647
• a32d05f Include Type Definition for runtime.js in Package
• ad63f51 chore: add missing "await" in aws-s3 publishing code
• 586e672 v4.7.2
• f0c6c4c Update release notes
• a4fd391 chore: execute saucelabs-task only if access-key exists
• 9d5aa36 fix: don't wrap helpers that are not functions
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps webpack-dev-server from 2.11.5 to 3.1.11. <details> <summary>Release notes</summary>

Sourced from webpack-dev-server's releases.

v3.1.11

<a name="3.1.11"></a>

3.1.11 (2018-12-21)

Bug Fixes

• bin/options: correct check for color support (options.color) (#1555) (55398b5)
• package: update spdy v3.4.1...4.0.0 (assertion error) (#1491) (#1563) (7a3a257)
• Server: correct node version checks (#1543) (927a2b3)
• Server: mime type for wasm in contentBase directory (#1575) (#1580) (fadae5d)
• add url for compatibility with webpack@5 (#1598) (#1599) (68dd49a)
• check origin header for websocket connection (#1603) (b3217ca)

v3.1.10

2018-10-23

Bug Fixes

• options: add writeToDisk option to schema (#1520) (d2f4902)
• package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#1537) (e719959)
• Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#1531) (c12def3)

v3.1.9

No release notes provided.

v3.1.8

2018-09-06

Bug Fixes

• package: yargs security vulnerability (dependencies) (#1492) (8fb67c9)
• utils/createLogger: ensure quiet always takes precedence (options.quiet) (#1486) (7a6ca47)

v3.1.7

2018-08-29

Bug Fixes

• Server: don't use spdy on node >= v10.0.0 (#1451) (8ab9eb6)

v3.1.6

2018-08-26

Bug Fixes

</tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from webpack-dev-server's changelog.

3.1.11 (2018-12-21)

Bug Fixes

• bin/options: correct check for color support (options.color) (#1555) (55398b5)
• package: update spdy v3.4.1...4.0.0 (assertion error) (#1491) (#1563) (7a3a257)
• Server: correct node version checks (#1543) (927a2b3)
• Server: mime type for wasm in contentBase directory (#1575) (#1580) (fadae5d)
• add url for compatibility with webpack@5 (#1598) (#1599) (68dd49a)
• check origin header for websocket connection (#1603) (b3217ca)

<a name="3.1.10"></a>

3.1.10 (2018-10-23)

Bug Fixes

• options: add writeToDisk option to schema (#1520) (d2f4902)
• package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#1537) (e719959)
• Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#1531) (c12def3)

<a name="3.1.9"></a>

3.1.9 (2018-09-24)

<a name="3.1.8"></a>

3.1.8 (2018-09-06)

Bug Fixes

• package: yargs security vulnerability (dependencies) (#1492) (8fb67c9)
• utils/createLogger: ensure quiet always takes precedence (options.quiet) (#1486) (7a6ca47)

<a name="3.1.7"></a>

3.1.7 (2018-08-29)

Bug Fixes

• Server: don't use spdy on node >= v10.0.0 (#1451) (8ab9eb6)

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• See full diff in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Looks like webpack-dev-server is up-to-date now, so this is no longer needed.

Bumps springframework.version from 4.3.13.RELEASE to 5.2.3.RELEASE.

Updates spring-core from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-core's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-web from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-web's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-webmvc from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-webmvc's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-tx from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-tx's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-orm from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-orm's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-context from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-context-support from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context-support's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-aspects from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-aspects's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps bootstrap from 4.1.3 to 4.3.1. <details> <summary>Release notes</summary>

Sourced from bootstrap's releases.

v4.3.1

• Security: Fixed an XSS vulnerability (CVE-2019-8331) in our tooltip and popover plugins by implementing a new HTML sanitizer
• Fixed a small issue with our RFS (responsive font sizes) mixins

v4.3.0

Highlights

• New: Added .stretched-link utility to make any anchor the size of it's nearest position: relative parent, perfect for entirely clickable cards!
• New: Added .text-break utility for applying word-break: break-word
• New: Added .rounded-sm and .rounded-lg for small and large border-radius.
• New: Added .modal-dialog-scrollable modifier class for scrolling content within a modal.
• New: Added responsive .list-group-horizontal modifier classes for displaying list groups as a horizontal row.
• Improved: Reduced our compiled CSS by using null for variables that by default inherit their values from other elements (e.g., $headings-color was inherit and is now null until you modifier it in your custom CSS).
• Improved: Badge focus styles now match their background-color like our buttons.
• Fixed: Silenced bad selectors in our JS plugins for the href HTML attribute to avoid JavaScript errors. Please try to use valid selectors or the data-target HTML attribute/target option where available.
• Fixed: Reverted v4.2.1's change to the breakpoint and grid container Sass maps that blocked folks from upgrading when modifying those default variables.
• Fixed: Restored white-space: nowrap to .dropdown-toggle (before v4.2.1 it was on all .btns) so carets don't wrap to new lines.
• Deprecated: img-retina, invisible, float, and size mixins are now deprecated and will be removed in v5.

Links

• Read the full ship list
• Review the project board

v4.2.1

Bump to v4.2.1 to republish package on npm. See v4.2.0 release notes for changes introduced in v4.2.

v4.2.0

Here are the highlights of what's new and updated in v4.2.

• New: Added a new spinner loading component.
• New: Added new toast component for displaying notifications.
• New: Added a new iOS style switch (a modifier class to our custom checkboxes).
• New: Added touch support in our carousel component.
• New: Added .font-weight-lighter and .font-weight-bolder utilities.
• New: Added .text-decoration-none utility class.
• New: Added .modal-xl modifier class for our modals.
• New: Added new negative margin utility classes (e.g., .mb-n3). These rad new classes not only allow you more control over your general spacing needs, but also allow you to create responsive grid gutters at each breakpoint.
• New: Validated form fields now have feedback icons on :invalid and :valid fields. Disable them with the $enable-validation-icons boolean Sass variable (defaults to true).
• New: Added a new versions page to our docs
• New: Tooltips/Popovers work with Shadow DOM
• Updated: Redesigned the custom checkboxes and radios for more obvious states.
• Updated: bootstrap-grid.css now includes our margin and padding utilities for full control of our grid system.
• Updated: Changed auto columns (e.g., .col-auto) from max-width: none to max-width: 100% to prevent content from causing a column to overflow the parent.
• Updated: Improved rendering of custom selects, ranges, file input, and more.

Checkout the full v4.2.0 ship list and GitHub project for the full details. Up next is v4.3 with some bugfixes, a few new modifier classes and variables, and some new utilities.

Head to to the v4.2.x docs to see the latest in action. The full release has been published to npm and will soon appear on the Bootstrap CDN and Rubygems. </details> <details> <summary>Commits</summary>

• 8fa0d30 Release v4.3.1. (#28252)
• dae20da Remove unneeded glob. (#28249)
• 10b97f6 Fix npm package contents
• 7bc4d2e Add sanitize template option for tooltip/popover plugins.
• bf2515a Update RFS to v8.0.1 (#28245)
• 45ced60 Update font size (#28232)
• 1ded0d6 Release v4.3.0 (#28228)
• 3aa0770 docs snippets: a few more minor tweaks (#28225)
• adf16da toasts.md: Remove useless divs.
• 2bfe581 Remove stray parameter from capture.
• Additional commits viewable in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by xhmikosr, a new releaser for bootstrap since your current version. </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps Microsoft.AspNetCore.All from 2.0.3 to 2.0.9. <details> <summary>Commits</summary>

• 84d6a54 Merge 2.0.9 into release/2.0
• 43ec723 Merge branch release/2.0
• cc0e039 Add required infrastructure improvements to submodules to support NETStandard...
• 9030255 Merge branch 'release/2.0'
• 1895502 Update the LZMA to include NETStandard.Library 2.0.3
• e7c57af Upgrade to NETCore.App 2.0.9 (#29)
• 8fd6124 Merge branch 'release/2.0'
• 93f2e99 Fix for uploading blobs to private Azure blob containers
• aa91b80 Add script used to deploy blobs to Azure storage
• b1f55ff Merge branch 'release/2.0' of release/2.0.9
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps springframework.version from 4.3.13.RELEASE to 5.2.3.RELEASE.

Updates spring-core from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-core's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-web from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-web's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-webmvc from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-webmvc's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-tx from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-tx's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-orm from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-orm's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-context from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-context-support from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context-support's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Looks like these dependencies are updatable in another way, so this is no longer needed.

Bumps spring-data-jpa from 1.10.2.RELEASE to 1.11.23.RELEASE.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps jackson-databind from 2.6.3 to 2.9.10.1. <details> <summary>Commits</summary>

• See full diff in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps mongoose from 5.7.1 to 5.7.5. <details> <summary>Changelog</summary>

Sourced from mongoose's changelog.

5.7.14 / 2019-12-06

• fix(cursor): wait until all eachAsync() functions finish before resolving the promise #8352
• fix(update): handle embedded discriminator paths when discriminator key is defined in the update #8378
• fix(schematype): handle passing message function to SchemaType#validate() as positional arg #8360
• fix(map): handle cloning a schema that has a map of subdocuments #8357
• docs(schema): clarify that uppercase, lowercase, and trim options for SchemaString don't affect RegExp queries #8333

5.7.13 / 2019-11-29

• fix: upgrade mongodb driver -> 3.3.5 #8383
• fix(model): catch the error when insertMany fails to initialize the document #8365 #8363 Fonger
• fix(schema): add array.$, array.$.$ subpaths for nested arrays #6405
• docs(error): add more detail about the ValidatorError class, including properties #8346
• docs(connection): document Connection#models property #8314

5.7.12 / 2019-11-19

• fix: avoid throwing error if calling push() on a doc array with no parent #8351 #8317 #8312 AbdelrahmanHafez
• fix(connection): only buffer for "open" events when calling connection helper while connecting #8319
• fix(connection): pull default database from connection string if specified #8355 #8354 zachazar
• fix(populate+discriminator): handle populating document whose discriminator value is different from discriminator model name #8324
• fix: add mongoose.isValidObjectId() function to test whether Mongoose can cast a value to an objectid #3823
• fix(model): support setting excludeIndexes as schema option for subdocs #8343
• fix: add SchemaMapOptions class for options to map schematype #8318
• docs(query): remove duplicate omitUndefined options #8349 mdumandag
• docs(schema): add Schema#paths docs to public API docs #8340

5.7.11 / 2019-11-14

• fix: update mongodb driver -> 3.3.4 #8276
• fix(model): throw readable error when casting bulkWrite update without a 'filter' or 'update' #8332 #8331 AbdelrahmanHafez
• fix(connection): bubble up connected/disconnected events with unified topology #8338 #8337
• fix(model): delete $versionError after saving #8326 #8048 Fonger
• test(model): add test for issue #8040 #8341 Fonger

5.7.10 / 2019-11-11

• perf(cursor): remove unnecessary setTimeout() in eachAsync(), 4x speedup in basic benchmarks #8310
• docs(README): re-order sections for better readability #8321 dandv
• chore: make npm test not hard-code file paths #8322 stieg

5.7.9 / 2019-11-08

• fix(schema): support setting schema path to an instance of SchemaTypeOptions to fix integration with mongoose-i18n-localize #8297 #8292
• fix(populate): make retainNullValues set array element to null if foreign doc with that id was not found #8293
• fix(document): support getter setting virtual on manually populated doc when calling toJSON() #8295
• fix(model): allow objects with toBSON() to make it to save() #8299

5.7.8 / 2019-11-04 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 40a879b chore: release 5.7.5
• 159457d chore: add vpn black friday as sponsor
• e6285ea Merge pull request #8244 from AbdelrahmanHafez/master
• d9163f5 fix: correct order for declaration
• cec9dda Minor refactor to ValidationError
• 13ae085 docs(index): add favicon to home page
• 96ce0eb style: fix lint
• 973b1e0 docs: add schema options to API docs
• cdfb507 chore: add useUnifiedTopology for tests re: #8212
• 936ddfb fix(update): handle subdocument pre('validate') errors in update validation
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps spring.version from 4.3.6.RELEASE to 5.2.3.RELEASE.

Updates spring-core from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-core's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-web from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-web's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-oxm from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-oxm's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-tx from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-tx's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-jdbc from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-jdbc's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-webmvc from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-webmvc's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-aop from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-aop's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

• 0ddc62e Release version 5.2.3.RELEASE
• 8740c2d Warning against split URL handling in docs
• 5debd86 Upgrade to Reactor Dysprosium SR3
• 1c270d8 Fix Checkstyle violation
• 29fe65d Upgrade to Dysprosium snapshots
• 8a60867 Polishing regarding AJDT versions
• 33ffdd8 Update copyright date
• c84dd55 Fix typo in ReflectionUtilsTests
• cbc5746 Support for maxInMemorySize in SSE reader
• a741ae4 Improve limit handling in StringDecoder
• Additional commits viewable in compare view </details> <br />

Updates spring-context-support from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context-support's releases.

v5.2.3.RELEASE

:star: New Features

• Update throwable to SQLException #24337
• Update CORS support #24327
• Improve exception message in AopContext.currentProxy() #24321
• Trim line in LineInfo only once #24310
• Merge getCallableInterceptors and getDeferredResultInterceptors #24305
• Optimize SimpleAliasRegistry hasAlias implementation #24295
• Improve ExposeInvocationInterceptor exception message #24293
• Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
• StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
• Add fast path for ClassUtils.hasMethod #24282
• Support headers with multiple values in ResponseStatusException #24261
• Remove quality parameter from chosen media type in WebFlux responses #24239
• Remove Content-* response headers before error handling in WebFlux #24238
• Reuse InputStream for ResourceRegionHttpMessageConverter #24214
• Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
• Simplify AdvisedSupport.removeAdvisor() #24205
• Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
• Short-circuit in AbstractBeanDefinition.equals() #24185
• Expose local address in reactive ServerHttpRequest #24174
• Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
• Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
• Add "application/*+xml" as supported media type to XML decoders #24164
• Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
• Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
• Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
• Support variable resolution of wildcard types #24145
• WebTestClientExtensions.expectBody doesn't work for generic types #24142
• Add firstElement to CollectionUtils #24135
• Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
• Introduce BeanNameGenerator based on fully qualified class name #24114
• ContentDisposition cannot parse encoded filename with leading space #24112
• Add option to encode MultiValueMap of query params #24043
• AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
• Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

• StringDecoder buffer leak related to maxInMemorySize limit #24339
• Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
• SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
• ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
• Unsafe double-checked locking in SpelExpression#compileExpression #24265
• Ensure CORS processing does not add Vary header twice on async requests #24223
• Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
• ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
• ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
• Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>