Bump spring-web from 5.3.0 to 5.3.1

[dependabot]

Bumps spring-web from 5.3.0 to 5.3.1.

Release notes

Sourced from spring-web's releases.

v5.3.1

⭐ New Features

• Expose a public method "isClosed" to indicate whether the connection has been closed in WebSocketSession (WebFlux) #26043
• WebFlux missing programmatic handling of MappingJacksonValue #26035
• Optimize locking in AspectJProxyFactory for concurrent aspect instantiation #26034
• Upgrade SpelCompiler bytecode level to 1.8 and optimize for concurrent access #26033
• MergedAnnotationCollectors.toAnnotationSet() should not create intermediate ArrayList #26031
• SpEL doesn't work nicely with records #26029
• StompSubProtocolHandler logs failed authentication with error stack trace #26026
• Expose toEntityFlux methods in WebClient.ResponseSpec #26023
• Improve AdvisedSupport.getAdvisors() #26017
• Improve URI/query strings sanitization #26012
• DefaultSimpUserRegistry prevents event from being published if original SimpMessageHeaderAccessor cannot be found #26010
• DefaultWebClientBuilder copies references #25992
• Inefficient request handling inside ServletRequestDataBinder #25986
• Avoid multiple volatile reads/writes in a row where only one is enough #25899
• Allows Jackson2 encoders to log Throwable reason for not being able to serialize or deserialize #25892
• Mechanism to access request bound objects in WebClient filter in servlet env #25710

🪲 Bug Fixes

• Cannot be cast to class Publisher error with non suspending @Transactional functions #26052
• Fix wrong reference in UrlPathHelper.removeSemicolonContentInternal() #26050
• setTaskScheduler in StompBrokerRelayRegistration breaks chaining #26049
• Add FullyQualifiedAnnotationBeanNameGenerator.INSTANCE #26025
• Autowiring does not work reliably in case of dynamically changing prototype bean class #26019
• Order of profiles in tests is not preserved #26004
• @Transactional on suspending function returning a value always rollbacks #25998
• SseEmitter: connection closed after first event #25987
• @Nonnull annotation breaks ServletRequestMethodArgumentResolver for Principal #25981
• Spring MVC's locale resolver can no longer be customized in parent context #25290

📔 Documentation

• Fix kotlin example code which does not compile #26016
• Fix a broken Asciidoctor syntax in core-resources.adoc #25999

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

• @izeye
• @aksh1618
• @NaNrailgun
• @Anusien
• @mindhaq
• @evpaassen
• @stsypanov
• @hzmpay

Commits

• 967637d Release v5.3.1
• 2899652 Fix checkstyle violation
• 560a504 Polishing in DefaultWebClient
• 79f79e9 WebClient method to populate the Reactor Context
• bd2640a Strict nullability for field assignment
• 6825287 Polishing
• 737d77a Fix @Transactional support on functions returning Flow
• 1f13516 Fix @Transactional support on suspending function
• 6bb3ad7 Add isOpen to WebSocketSession in WebFlux
• c73cff8 Use RxJava 2/3 fromPublisher() when possible in ReactiveAdapterRegistry
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities (and 0 Security Hotspots to review)
0 Code Smells

No Coverage information
No Duplication information