Sourced from org.junit:junit-bom's releases.

JUnit 5.13.4 = Platform 1.13.4 + Jupiter 5.13.4 + Vintage 5.13.4

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.3...r5.13.4

• 8a21048 Release 5.13.4
• 9a38789 Finalize 5.13.4 release notes
• 458325c Log only once per implementation type for CloseableResource types
• 976a110 Protect against potential problems when converting file-based selectors
• e94f728 Allow default package for PackageSource
• b60fecf Fail on classpath resource names that are blank after removing leading /
• 6378c88 Remove java.* packages from Import-Package headers in all jars (#4738)
• 1a360f3 Create initial 5.13.4 release notes from template
• 806fc9a Document #4689 in release notes
• 1653839 Document #4686 in release notes
• Additional commits viewable in compare view

Sourced from org.springframework:spring-web's releases.

v6.2.9

⭐ New Features

• OncePerRequestFilter cannot be CGLib-proxied #35198
• Consistently catch InaccessibleObjectException next to IllegalAccessException #35190
• Introduce Date-to-Instant and Instant-to-Date converters #35175
• Consistent nullability and exception declarations in AbstractMessagingTemplate hierarchy #35159
• Register runtime hints for Instant-to-Timestamp conversion #35156
• Improve handling of ResponseEntity<?> in Spring MVC #35153
• Support @CacheConfig("myCacheName") declarations for simplified configuration #35152
• Declare messageSelector parameters in JmsOperations as @Nullable #35151
• Add getter for OverflowStrategy in ConcurrentWebSocketSessionDecorator #35132
• Use preset Content-Type for streaming and reactive responses in Spring MVC #35130
• Leniently tolerate null @Aspect bean #35074
• DataAccessResourceFailureException thrown when transaction times out on PostgreSQL #35073
• MethodInvokingFactoryBean fails to invoke publicly exported methods overridden by internal classes when using JPMS #34028

🐞 Bug Fixes

• Restore preference for interface (most abstract) method in getPubliclyAccessibleMethodIfPossible #35189
• Make targetBeanName field in AbstractBeanFactoryBasedTargetSource protected to avoid exceptions in logging and toString() #35172
• Fix inconsistencies in StaticListableBeanFactory #35119
• Support StreamingHttpOutputMessage in RestClient #35102
• When building DELETE requests, the request body is not used in JdkClientHttpRequest.buildRequest #35068
• AOT-generated bean registration file contains "too many constants" when building with many beans #35044
• Prevent cache pollution by storing only the factories #34732
• WebFlux decodes wildcard content-types as form-data/multipart #34660
• AOT-generated CGLib proxies do not contain method overrides #34642
• 500 response for ResourceHttpRequestHandler when requested range is not satisfied #34490

📔 Documentation

• Document how to register runtime hints for convention-based conversion #35178
• Link to @ContextConfiguration Javadoc from reference manual #35088

🔨 Dependency Upgrades

• Upgrade to JUnit 5.13.3 #35103
• Upgrade to Micrometer 1.14.9 #35202
• Upgrade to Reactor 2024.0.8 #35201

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Meijuh, @​RazorNd, @​chenggwang, @​izeye, @​mjd507, @​ngocnhan-tran1996, and @​philwebb

• 09a5ca3 Release v6.2.9
• a4ec25d Upgrade to MockK 1.13.17
• 0fc043f Upgrade to Netty 4.1.123, Selenium 4.34, XMLUnit 2.10.3
• 5473260 Backport nullability refinements for Micrometer
• 12a6098 Upgrade to Reactor 2024.0.8 and Micrometer 1.14.9
• f86034b Drop final declaration from doFilter entry point (for CGLIB proxying)
• 2180783 Upgrade to Jetty 12.0.23, Netty 4.1.122, Gson 2.13.1, Caffeine 3.2.1
• 2434bb1 Polishing
• 4063cb5 Publish releases using Central Portal
• 4277682 Catch InaccessibleObjectException next to IllegalAccessException
• Additional commits viewable in compare view

• 1fb7653 [maven-release-plugin] prepare release jackson-core-2.19.2
• 4dd2ee2 Prep for 2.19.2
• 155f66d ...
• 0c1f4ff Force 2.19/CI
• 4952499 Merge branch '2.18' into 2.19
• c9d3b02 Merge branch '2.17' into 2.18
• 12ba2c2 Merge branch '2.16' into 2.17
• d43f90e Merge branch '2.15' into 2.17
• 44a3c41 Merge branch '2.15' into 2.16
• b2480fa Update #943 description with [CVE-2025-52999] to tag CVE
• Additional commits viewable in compare view

• See full diff in compare view

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions