Update Spring All

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
org.springframework:spring-webmvc	6.2.15 → 6.2.17
org.springframework.boot:spring-boot-starter-aop (source)	3.5.10 → 3.5.12
org.springframework.boot:spring-boot-starter-test (source)	3.5.10 → 3.5.12
org.springframework.boot:spring-boot-starter-actuator (source)	3.5.10 → 3.5.12
org.springframework.boot:spring-boot-starter-validation (source)	3.5.10 → 3.5.12
org.springframework.boot:spring-boot (source)	3.5.10 → 3.5.12

---

Release Notes

spring-projects/spring-framework (org.springframework:spring-webmvc)

v6.2.17

⭐ New Features

• Leverage ResourceHandlerUtils in ScriptTemplateView #​36459
• Restore ScriptTemplateViewTests #​36457
• Fix log message in ConfigurationClassBeanDefinitionReader #​36454
• Resolve context initializers only once in AbstractTestContextBootstrapper #​36431
• Exclude legacy @javax.validation.Constraint from convention-based annotation attribute override check #​36412
• Optimize MediaType(MediaType, Charset) constructor #​36351
• Optimize the addition of a charset to the MediaType in AbstractHttpMessageConverter #​36350
• Consistent adaptation of HTTP headers on Servlet responses #​36345
• Improve performance of validation groups determination in WebFlux #​36337
• Detect all common size exceptions from Tomcat and Commons FileUpload 2.x #​36324

🐞 Bug Fixes

• Guard against invalid id/event values in Server Sent Events #​36442
• Incomplete debug message in ConfigurationClassBeanDefinitionReader #​36411
• Inconsistent ApplicationEventMulticaster state after removing ApplicationListener implemented by FactoryBean #​36405
• Graceful shutdown of SimpleAsyncTaskExecutor #​36384
• HttpMediaTypeException thrown when calculating compatible media types #​36363
• ResolvableType#getGenerics() breaks serialization #​36347
• Multipart upload leak on client abort (ByteBuf.release() not called) #​36327

📔 Documentation

• Document @Fallback alongside Primary in the reference manual and @Bean Javadoc #​36441
• Document registration recommendations for BeanPostProcessor and BeanFactoryPostProcessor #​36436
• Fix links to UriComponentsBuilder and polish examples #​36406
• Emphasize @Configuration classes over XML and Groovy in testing chapter #​36394
• Polish SpEL operator examples in reference docs #​36375

🔨 Dependency Upgrades

• Upgrade to JUnit 5.14.3 #​36388
• Upgrade to Micrometer 1.15.10 #​36446
• Upgrade to Reactor 2024.0.16 #​36445

v6.2.16

⭐ New Features

• Improve performance of hashcode calculations for request mappings #​36297
• Improve performance of HandlerMethod bean lookup #​36296
• Improve performance of validation groups determination #​36295
• Improve performance of single pattern request mappings #​36294
• Optimize NamedParameterUtils#buildValueArray by lazily fetching SqlParameter #​36232
• Consistently close streams through try-with-resources in FileCopyUtils #​36224
• SqlBinaryValue and SqlCharacterValue should support InputStream content with undetermined length #​36220
• DataBufferUtils.write() with NettyDataBuffer on JDK 25 hangs indefinitely #​36189
• WebClient (Reactor) attributes on Netty channel do not clear after connection release #​36163
• Reintroduce WebLogicJtaTransactionManager in Spring Framework 6.2.x #​36152
• DisconnectedClientHelper should detect presence of RestClientException and WebClientException separately #​36150
• Add DataAccessException and MessagingException to the excluded outermost exceptions in DisconnectedClientHelper #​36135
• Improve user check in TransportHandlingSockJsService #​36129

🐞 Bug Fixes

• Avoid lock congestion in ConcurrentReferenceHashMap #​36308
• Resolved HttpEntity Controller argument does not reflect mutated HTTP headers #​36301
• AbstractMessageConverter does not support wildcards in supported MIME types #​36286
• Make LocalEntityManagerFactoryBean#setDataSource work on Hibernate as well as EclipseLink #​36272
• Deadlock might occur when calling System.exit on startup (against multiple shutdown hooks) #​36268
• Netty4HeadersAdapter.remove returns empty list instead of null for non-existing key #​36227
• EclipseLinkConnectionHandle can fail against transaction isolation race condition #​36166
• WiretapConnector leaks data buffers when response body not consumed #​36051
• UriComponentsBuilder loses the fragment when it consists of only a single character #​36035
• SimpleBeanInfoFactory fails to reliably resolve read/write methods in type hierarchies with unresolved generics #​36026

📔 Documentation

• Fix links to JUnit User Guide #​36218
• Fix LocalContainerEntityManagerFactoryBean#setPersistenceUnitName javadoc #​36206
• Update documentation on trailing slash handling where type-level @GetMapping("/base") is combined with method level @GetMapping("/") #​36200
• Update documentation on the MediaType used for ProblemDetail #​36193
• Replace getErrors() with getBindingResult() in examples #​36172
• Upgrade Antora dependencies #​36106
• Fix typos and grammar #​36023

🔨 Dependency Upgrades

• Bump fast-xml-parser from 4.5.2 to 5.3.4 in /framework-docs #​36239
• Upgrade to ASM 9.9.1 and Objenesis 3.5 #​36244
• Upgrade to JUnit 5.14.2 #​36148
• Upgrade to Micrometer 1.15.9 #​36290
• Upgrade to Reactor 2024.0.15 #​36289

spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-aop)

v3.5.12

v3.5.11

🐞 Bug Fixes

• Whitespace can be incorrectly removed when spring-boot-configuration-processor runs on multi-line javadoc #​49039
• server.jetty.threads.max is ignored when using virtual threads #​48982
• Docker credential helpers with file extensions cannot be executed on Windows #​48965

📔 Documentation

• Couchbase and Kafka are incorrectly listed as supporting SSL with Docker Compose #​49211
• Document that use of non idiomatic format for '@Value' still apply for environment variables #​49054
• Document naming convention for custom test-scoped starters #​49014
• LICENSE.txt and NOTICE.txt files have the wrong content in the latest releases #​48996
• ApplicationContextAssert documents a non-existent assertion in getFailure() #​48973
• Highlight the importance of the preStop hook when configuring Kubernetes probes #​48936

🔨 Dependency Upgrades

• Upgrade to AssertJ 3.27.7 #​49075
• Upgrade to Groovy 4.0.30 #​49076
• Upgrade to Hibernate 6.6.42.Final #​49077
• Upgrade to Jaybird 6.0.4 #​49078
• Upgrade to JBoss Logging 3.6.2.Final #​49079
• Upgrade to Jetty 12.0.32 #​49080
• Upgrade to jOOQ 3.19.30 #​49081
• Upgrade to Logback 1.5.32 #​49243
• Upgrade to Micrometer 1.15.9 #​49064
• Upgrade to Micrometer Tracing 1.5.9 #​49065
• Upgrade to MySQL 9.6.0 #​49083
• Upgrade to Netty 4.1.131.Final #​49165
• Upgrade to Postgresql 42.7.10 #​49201
• Upgrade to Reactor Bom 2024.0.15 #​49066
• Upgrade to Spring Authorization Server 1.5.6 #​49067
• Upgrade to Spring Data Bom 2025.0.9 #​49068
• Upgrade to Spring Framework 6.2.16 #​49069
• Upgrade to Spring GraphQL 1.4.5 #​49070
• Upgrade to Spring Integration 6.5.7 #​49071
• Upgrade to Spring Kafka 3.3.13 #​49244
• Upgrade to Spring LDAP 3.3.6 #​49072
• Upgrade to Spring Pulsar 1.2.15 #​49073
• Upgrade to Spring Security 6.5.8 #​49225
• Upgrade to Spring Session 3.5.5 #​49074
• Upgrade to Tomcat 10.1.52 #​49084
• Upgrade to Undertow 2.3.23.Final #​49166

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​dsyer, @​linkian209, @​nosan, @​quaff, @​scordio, and @​srt

---

Configuration

📅 Schedule: Branch creation - "after 7am and before 11am every weekday" in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.