Skip to content

build(deps): Bump org.springframework:spring-web from 6.2.11 to 7.0.0#3116

Closed
dependabot[bot] wants to merge 2 commits intomasterfrom
dependabot/maven/org.springframework-spring-web-7.0.0
Closed

build(deps): Bump org.springframework:spring-web from 6.2.11 to 7.0.0#3116
dependabot[bot] wants to merge 2 commits intomasterfrom
dependabot/maven/org.springframework-spring-web-7.0.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 14, 2025
edited
Loading

Bumps org.springframework:spring-web from 6.2.11 to 7.0.0.

Release notes

Sourced from org.springframework:spring-web's releases.

v7.0.0

⭐ New Features

  • Make SessionHolder publicly accessible for external resource management #35799
  • RouterFunctions Builders do not support ServerResponse subtypes #35791
  • Configure Jackson CBOR codecs by default if present #35787
  • Rename maxAttempts to maxRetries in @Retryable and RetryPolicy #35772
  • Prevent Kotlin Serialization side effects #35761
  • Add default API version to the list of supported versions #35755
  • Improve user check in TransportHandlingSockJsService #35753
  • Update ApiVersionDeprecationHandler to provide access to handler #35750
  • Use dedicated classes for ApiVersionResolver implementations #35747
  • Provide AOT support for @Nested classes in a @ParameterizedClass #35744
  • AssertJ support for WebTestClient #35737
  • Reject attempt to use @MockitoSpyBean with a scoped proxy #35722
  • Provide a way to supply the client builder for an HttpServiceGroup #35707
  • Review HttpMessageConverters.Builder to improve readability of code using the API #35704
  • Configure custom Kotlin Serialization converter on HttpMessageConverters #35733

🐞 Bug Fixes

  • Missing support for UnprocessableContent in WebClientResponseException.create(HttpStatusCode, ..) methods #35802
  • Relax media type checks in HttpMessageConverters #35801
  • Fix HttpHeaders and WebSocketHttpHeaders interop issues #35792
  • @ConcurrencyLimit weird behavior when combined with @Async and @Transactional #35788
  • buildSrc:test failing on JDKs before JDK 25 #35777
  • Add jar validation and fix multi-release jar #35768
  • Upgrade to JUnit 6.0.1 and prevent AOT test scanning failure for JUnit 4 tests #35740
  • Fix port handling in HtmlUnitRequestBuilder #35709
  • RestTestClient.mutate() should not have side effects #35698

📔 Documentation

  • Document workaround for @PersistenceContext and @PersistenceUnit in test classes in AOT #31442

🔨 Dependency Upgrades

  • Upgrade to Jetty 12.1.4 #35805
  • Upgrade to Micrometer 1.16.0 #35811
  • Upgrade to Reactor 2025.0.0 #35779

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Sineaggi and @​UpStreamThomas

v7.0.0-RC3

⭐ New Features

... (truncated)

Commits
  • fe00848 Release v7.0.0
  • 333031e Merge branch '6.2.x'
  • ed444eb Next development version (v6.2.14-SNAPSHOT)
  • 888d0f9 Upgrade to Micrometer 1.16.0
  • 08798e0 Merge branch '6.2.x'
  • da31750 Upgrade to Micrometer 1.14.13
  • b853203 Upgrade to Reactor 2024.0.12
  • 89e0273 Fix UnprocessableContent support in WebClientResponseException
  • 8c4b30a Merge branch '6.2.x'
  • 2b04df0 Upgrade to Jetty 12.0.30
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
org.springframework:spring-web [>= 5.a, < 6]
org.springframework:spring-web [>= 6.a, < 7]

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Note: Dependabot was ignoring updates to this dependency, but since you've updated it yourself we've started tracking it for you again. 🤖

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Nov 14, 2025
@github-actions github-actions bot enabled auto-merge November 14, 2025 05:02
@dependabot
build(deps): Bump org.springframework:spring-web from 6.2.11 to 7.0.0
c81c8d7 
Bumps [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) from 6.2.11 to 7.0.0.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.11...v7.0.0)

---
updated-dependencies:
- dependency-name: org.springframework:spring-web
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/maven/org.springframework-spring-web-7.0.0 branch from f007732 to c81c8d7 Compare November 14, 2025 05:13
@DidierLoiseau DidierLoiseau mentioned this pull request Nov 17, 2025
Closed
@velo
fix: adapt to Spring 7.0 HttpHeaders API changes
8e90960 
Signed-off-by: Marvin Froeder <velo.br@gmail.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 21, 2025

A newer version of org.springframework:spring-web exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

@velo
Copy link
Member

velo commented Feb 6, 2026

Will be included in #3187 as part of full Spring upgrade

@velo velo closed this Feb 6, 2026
auto-merge was automatically disabled February 6, 2026 15:45

Pull request was closed

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 6, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/maven/org.springframework-spring-web-7.0.0 branch February 6, 2026 15:45
@velo velo mentioned this pull request Feb 6, 2026
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@velo