Prior to this commit, methods in a @ControllerAdvice bean were
registered and invoked twice if the advice was a scoped bean (e.g.,
request or session scoped). In other words, both the proxy bean and the
target bean were wrapped in ControllerAdviceBean instances.
This commit fixes this bug by modifying the findAnnotatedBeans() method
in ControllerAdviceBean so that it filters out targets of scoped
proxies.
Closes gh-24017
Spring Framework 5.2 introduced support for implementing the Ordered
interface in a @ControllerAdvice bean. This support requires that
@ControllerAdvice beans be eagerly resolved from the BeanFactory in
order to invoke the getOrder() method defined in the Ordered interface.
Unfortunately doing so resulted in a regression in that an attempt to
eagerly resolve a scoped @ControllerAdvice bean throws a
BeanCreationException due to the lack of an active scope (e.g., request
or session scope).
This commit fixes this regression by avoiding eager resolution of scoped
@ControllerAdvice beans. As a direct consequence, the Ordered interface
is not supported for scoped @ControllerAdvice beans.
Closes gh-23985
Previously, spring-webmvc and spring-webflux both contained tests
that would create gzipped files, write them to the filesystem
alongside the project's compiled test classes, and configure them to
be deleted on JVM exit. The output location placed the files on the
classpath, polluting it for every subsequent test that used the same
ClassLoader. The test-sources plugin combined with Gradle's use of
worker JVMs, broadens the scope of this pollution to other, downstream
projects in the same build. For example, the tests for
spring-websocket will have a different classpath depending on whether
or not the tests for spring-webmvc have already been run on the same
worker as part of the current build.
This commit updates the spring-webmvc and spring-webflux modules to
introduce a new JUnit Jupiter extension, GzipSupport. This extension
allows gzipped files to be created via an injectable GzippedFiles
class and automatically deletes each created file in an after-each
callback. This ensures that a gzipped file only exists on the
classpath for the duration of the test that needs it, avoiding the
pollution of the classpath of any subsequent tests.
Closes gh-23970
Previously, the infrastructure provided by WebMvcConfigurationSupport
and WebFluxConfigurationSupport can lead to unexpected results due to
the lack of qualifier for certain dependencies. Those configuration
classes refer to very specific beans, yet their injection points do not
define such qualifiers. As a result, if a candidate exists for the
requested type, the context will inject the existing bean and will
ignore a most specific one as such constraint it not defined. This can
be easily reproduced by having a primary Validator whereas a dedicated
"mvcValidator" is expected. Note that a parameter name is in no way a
constraint as the name is only used as a fallback when a single
candidate cannot be determined.
This commit provides explicit @Qualifier metadata for such injection
points, renaming the parameter name in the process to clarify that it
isn't relevant for the proper bean to be resolved by the context.
Closes gh-23887
Prior to this commit and following changes done in d27b5d0, the CORS
response headers would not be added for SockJS-related requests, even
though a CORS configuration had been applied to SockJS/WebSocket.
This was due to a missing case in our implementation: calling
`AbstractHandlerMapping#getHandlerInternal` can return a Handler
directly, but also a `HandlerExecutionChain` in some cases, as explained
in the Javadoc.
This commit ensures that, when checking for existing CORS configuration,
the `AbstractHandlerMapping` class also considers the
`HandlerExecutionChain` case and unwraps it to get the CORS
configuration from the actual Handler.
Fixes gh-23843
Prior to this commit, the Spring Framework build would partially use the
dependency management plugin to import and enforce BOMs.
This commit applies the dependency management plugin to all Java
projects and regroups all version management declaration in the root
`build.gradle` file (versions and exclusions).
Some versions are overridden in specific modules for
backwards-compatibility reasons or extended support.
This commit also adds the Gradle versions plugin that checks for
dependency upgrades in artifact repositories and produces a report; you
can use the following:
./gradlew dependencyUpdates
This commit prepends "[{index}] " to all custom display names
configured via @ParameterizedTest.
This provides better diagnostics between the "technical names" reported
on the CI server vs. the "display names" reported within a developer's
IDE.
See gh-23451
This commit reorganizes tasks and scripts in the build to only apply
them where they're needed. We're considering here 3 "types" of projects
in our build:
* the root project, handling documentation, publishing, etc
* framework modules (a project that's published as a spring artifact)
* internal modules, such as the BOM, our coroutines support and our
integration-tests
With this change, we're strealining the project configuration for all
spring modules and only applying plugins when needed (typically our
kotlin support).
See gh-23282
This commit removes the JUnit 4 dependency from all modules except
spring-test which provides explicit JUnit 4 support.
This commit also includes the following.
- migration from JUnit 4 assertions to JUnit Jupiter assertions in all
Kotlin tests
- migration from JUnit 4 assumptions in Spring's TestGroup support to
JUnit Jupiter assumptions, based on org.opentest4j.TestAbortedException
- introduction of a new TestGroups utility class than can be used from
existing JUnit 4 tests in the spring-test module in order to perform
assumptions using JUnit 4's Assume class
See gh-23451
Prior to this commit, the Spring Framework build would be using the
propdeps Gradle plugin to introduce two new configurations to the build:
"optional" and "provided". This would also configure related conventions
for IDEs, adding those configurations to published POMs.
This commit removes the need for this plugin and creates instead a
custom plugin for an "optional" configuration. While the Eclipse IDE
support is still supported, there is no need for specific conventions
for IntelliJ IDEA anymore.
This new plugin does not introduce the "provided" scope, as
"compileOnly" and "testCompileOnly" are here for that.
Also as of this commit, optional/provided dependencies are not published
with the Spring Framework modules POMs annymore.
Generally, these dependencies do not provide actionable information to
the developers reading / tools consuming the published POMs.
Optional/Provided dependencies are **not**:
* dependencies you can add to enable some supported feature
* dependencies versions that you can use to figure out CVEs or bugs
* dependencies that might be missing in existing Spring applications
In the context of Spring Framework, optional dependencies are just
libraries are Spring is compiling against for various technical reasons.
With that in mind, we are not publishing that information anymore.
See gh-23282
Sam Brannen
Johnny Lim
Rossen Stoyanchev
Sam Brannen
Andy Wilkinson
stsypanov
Arjen Poutsma
Christoph Dreis
Stephane Nicoll
Brian Clozel
康智冬
Juergen Hoeller
Sebastien Deleuze
Phillip Webb