Commit Graph

31788 Commits

Author SHA1 Message Date
Juergen Hoeller
fb6a6892ef Merge branch '6.1.x' 2024-10-16 11:36:30 +02:00
Juergen Hoeller
feb6a5f52d Polishing 2024-10-16 11:35:23 +02:00
Simon Baslé
dbbc578676 Polishing
Inline `AbstractMockitoTestExecutionListener` since there's now only one
Mockito `TestExecutionListener`.
2024-10-16 10:22:38 +02:00
Simon Baslé
6f79c7e70f Remove support for Mockito annotations and MockitoSession
This change remove the support for Mockito annotations, `MockitoSession`
and opening/closing of mocks that was inherited from Boot's `@MockBean`
support, as well as the switch to `MockitoSession` made in 1c893e6.

Attempting to take responsability for things Mockito's own JUnit
Jupiter extension does better is not ideal, and we found it leads to
several corner cases which make `SpringExtension` and `MockitoExtension`
incompatible in the current approach.

Instead, this change refocuses our Mockito bean overriding support
exclusively on aspects specific to the Framework. `MockitoExtension`
will thus be usable in conjunction with `SpringExtension` if one needs
to use `@Captor`/`@InitMocks`/`@Mock`/`@Spy` or other Mockito utilities.

See gh-33318
Closes gh-33692
2024-10-16 09:40:57 +02:00
rstoyanchev
c261ca3102 Ensure scheme not lowercased if URI variable
Closes gh-33699
2024-10-15 20:50:01 +01:00
rstoyanchev
a63cf06496 Update Javadoc snippets for static resource locations
Switch to FileUrlResource, the same as what is used get with
the "file:" prefix in webmvc and webflux config.

See gh-33712
2024-10-15 19:23:07 +01:00
rstoyanchev
789d7effa9 Assert static resource location
Closes gh-33712
2024-10-15 19:23:07 +01:00
Brian Clozel
f204f4962d Document XML parser usage against security false positives
Prior to this commit, our XML parser usage would be already haredened
against XXE (XML External Entities) attacks. Still, we recently received
several invalid security reports claiming that our setup should be
hardened.

This commit documents a few usages of XML parsers to add some more
context and hopefully prevent future invalid reports.

Closes gh-33713
2024-10-15 18:59:02 +02:00
Habin Song
166714c8f5 Update scheduling.adoc
Change quotation marks to backticks.

Closes gh-33709
2024-10-15 18:21:42 +02:00
Sam Brannen
67cb3c77ec Rename BeanOverrideStrategy enum constants
Closes gh-33701
2024-10-15 18:19:59 +02:00
Rossen Stoyanchev
7ea43bb252 Update SECURITY.md 2024-10-15 17:13:29 +01:00
Brian Clozel
88b684c981 Update security policy and issue template
Because Spring Framework already has a security policy, this shows up in
the issue template automatically. This commit removes the extra external
link and updates the original security policy.

See gh-33711
2024-10-15 17:57:04 +02:00
Brian Clozel
3bc2c91eff Revisit GitHub issue template
Prior to this commit, this repository had a single issue template
markdown file that listed all the information for creating a new issue
in this project. Because there was a lot, people missed warnings against
creating security reports publicly or asking questions in the issue
tracker.

This commit introduces an issue template configuration that provides
developers with a choice before creating the actual issue.

Closes gh-33711
2024-10-15 17:36:48 +02:00
Stéphane Nicoll
7f7de55b67 Merge branch '6.1.x' 2024-10-15 14:59:10 +02:00
Stéphane Nicoll
453849ab20 Upgrade to Reactor 2024.0.0-RC1
Closes gh-33636
2024-10-15 14:57:44 +02:00
Stéphane Nicoll
a228eb8bd6 Upgrade to Reactor 2023.0.11
Closes gh-33637
2024-10-15 14:56:57 +02:00
Stéphane Nicoll
f03f074581 Merge branch '6.1.x' 2024-10-15 09:13:35 +02:00
Stéphane Nicoll
c79b575417 Upgrade to Micrometer 1.14.0-RC1
Closes gh-33648
2024-10-15 09:07:45 +02:00
Stéphane Nicoll
c015814140 Upgrade to Micrometer 1.12.11
Closes gh-33647
2024-10-15 09:06:27 +02:00
rstoyanchev
5099657244 Merge branch '6.1.x' 2024-10-14 18:18:39 +01:00
rstoyanchev
7d3a3d35ce Update valid path checks for double encoding
See gh-33687
2024-10-14 18:14:01 +01:00
rstoyanchev
fb7890d739 Update processPath for double encoding
See gh-33689
2024-10-14 18:13:55 +01:00
Sébastien Deleuze
20cdd192d9 Merge branch '6.1.x' 2024-10-14 19:01:43 +02:00
Habin Song
7c2c4d7c9a Update scheduling.adoc
Change 'OutOfMemoryErrors' to 'OutOfMemoryError'.

Closes gh-33703
2024-10-14 19:01:33 +02:00
Sébastien Deleuze
60978ff4c7 Polish WebRequest Javadoc
See gh-33698
2024-10-14 17:07:07 +02:00
rstoyanchev
cff6db02b4 Merge branch '6.1.x' 2024-10-14 16:00:48 +01:00
rstoyanchev
1a0b577bfc Do not support relative static resource paths
Closes gh-33687
2024-10-14 15:54:59 +01:00
rstoyanchev
3bfbe30a78 Normalize static resource path early
Rather than leaving it to the Resource implementation, and
potentially normalizing twice, we apply it once as part of the
initial processPath checks.

Closes gh-33689
2024-10-14 15:52:15 +01:00
Tran Ngoc Nhan
e191c34078 Polishing
Closes gh-33681
2024-10-14 16:44:42 +02:00
KimJuHyun
5bcce17fd9 Add tests for CollectionUtils
- findValueOfType
- findCommonElementType
- firstElement
- lastElement
- toArray
- compositeMap

Closes gh-33694
2024-10-14 16:10:05 +02:00
Brian Clozel
9be3d85a06 Merge branch '6.1.x' 2024-10-14 15:04:58 +02:00
Brian Clozel
32962894a0 Add runtime hints for JMS connection factories proxies
Prior to this commit, the JMS connection factories would proxy various
interfaces. This typically requires runtime hints for GraalVM native
applications and spring-jms is missing those.

This commit adds a new `ConnectionFactoriesRuntimeHints` that
contributes such hints with type conditions.

Fixes gh-33590
2024-10-14 14:54:24 +02:00
海子 Yang
3984266295 Remove unused method in UriComponentsBuilder
This commit removes HierarchicalUriComponents#checkSchemeAndHost
unused private method.

Closes gh-33684
2024-10-14 14:02:31 +02:00
Sébastien Deleuze
a75f22e548 Merge branch '6.1.x' 2024-10-14 12:09:00 +02:00
Hosam Aly
97bce6d361 Fix link in testing/support-jdbc.adoc
Fix the link to "Testing Data Access Logic with an Embedded Database".

Closes gh-33686
2024-10-14 12:07:17 +02:00
Simon Baslé
12134e8619 Merge branch '6.1.x' 2024-10-14 11:57:39 +02:00
Simon Baslé
8da31e1db7 Reject CORS request with 403 if Origin header is malformed
When assessing if a request is a CORS request, both mvc and reactive
`DefaultCorsProcessor` now catch `IllegalArgumentException` and turn
this into a 403 rejection rather than letting the exception propagate
into a 500 response.

Closes gh-33688
2024-10-14 11:50:19 +02:00
Sangmin Park
ae32227b50 Polish ServletWebRequest
Closes gh-33698
2024-10-14 11:38:24 +02:00
Sam Brannen
b3cc9a219e Ensure that @⁠MockitoBeanSettings is inherited in @⁠Nested test class
Closes gh-33685
2024-10-11 17:20:53 +02:00
Juergen Hoeller
7ea0ac55cd Restore special instance supplier generation for inner classes
Closes gh-33683
2024-10-11 16:59:15 +02:00
Juergen Hoeller
b748cb38c5 Rename to Mockito(Spy)BeanForFactoryBeanIntegrationTests 2024-10-11 16:58:18 +02:00
Sam Brannen
eb4bf1c0a6 Support @⁠MockitoBean reset and MockitoSession management with @⁠Nested tests
Prior to this commit, the MockitoResetTestExecutionListener failed to
reset mocks created via @⁠MockitoBean if the @⁠MockitoBean field was
declared in an enclosing class for a @⁠Nested test class. In addition,
the MockitoSession was not properly managed by the
MockitoTestExecutionListener.

This commit addresses those issue as follows.

1) The hasMockitoAnnotations() utility method has been overhauled so
that it finds Mockito annotations not only on the current test class
and on fields of the current test class but also on interfaces,
superclasses, and enclosing classes for @⁠Nested test classes as well
as on fields of superclasses and enclosing classes.

That allows the MockitoResetTestExecutionListener to properly detect
that it needs to reset mocks for fields declared in enclosing classes
for @⁠Nested classes.

2) MockitoTestExecutionListener has been revised so that it only
initializes a MockitoSession before each test method and closes the
MockitoSession after each test method. In addition, it now only manages
the MockitoSession when hasMockitoAnnotations() returns true for the
current test class (which may be a @⁠Nested test class). Furthermore,
it no longer attempts to initialize a MockitoSession during the
prepareTestInstance() callback since that results in an
UnfinishedMockingSessionException for a @⁠Nested test class due to the
fact that a MockitoSession was already created for the current thread
for the enclosing test class.

Closes gh-33676
2024-10-11 16:14:42 +02:00
Sam Brannen
7fb6a2e4f7 Polish Javadoc for Bean Override TestExecutionListeners 2024-10-11 15:50:56 +02:00
Sam Brannen
e2d981e809 Extract common logic into AbstractMockitoTestExecutionListener 2024-10-11 10:15:49 +02:00
Simon Baslé
0f25c75b9e Document TestExecutionListener implementations introduced in 6.2
Closes gh-33661
2024-10-10 16:32:38 +02:00
Sam Brannen
0e8316e704 Add value attribute alias to @⁠MockitoBean and @⁠MockitoSpyBean
This commit improves the user experience for common use cases by
introducing new `value` attributes in @⁠MockitoBean and
@⁠MockitoSpyBean that are aliases for the existing `name` attributes.

For example, this allows developers to declare
@⁠MockitoBean("userService") instead of @⁠MockitoBean(name =
"userService"), analogous to the existing name/value alias support in
@⁠TestBean.

Closes gh-33680
2024-10-10 13:05:39 +02:00
Sam Brannen
1b8f2c46c1 Update Javadoc for @⁠Mockito[Spy]Bean to reflect current semantics 2024-10-10 12:19:36 +02:00
Sam Brannen
f7e32a9c78 Revise singleton destruction for Bean Overrides
See gh-33678
2024-10-10 12:13:44 +02:00
Sam Brannen
8d652e9c12 Reinstate Bean Override support for replacing a manually registered singleton
Closes gh-33678
2024-10-09 18:10:07 +02:00
Sam Brannen
c70a6d3be1 Fix test method names 2024-10-09 17:17:57 +02:00