chore: [DevOps] bump the production-minor-patch group with 5 updates

[dependabot[bot]]

Bumps the production-minor-patch group with 5 updates:

Package	From	To
org.springframework:spring-framework-bom	6.2.6	6.2.7
io.swagger.core.v3:swagger-models	2.2.30	2.2.32
io.swagger.parser.v3:swagger-parser	2.1.27	2.1.28
io.swagger.parser.v3:swagger-parser-core	2.1.27	2.1.28
org.apache.maven.archetype:archetype-packaging	3.3.1	3.4.0

Updates org.springframework:spring-framework-bom from 6.2.6 to 6.2.7

Release notes

Sourced from org.springframework:spring-framework-bom's releases.

v6.2.7

:star: New Features

• Forward more methods to underlying InputStream in NonClosingInputStream #34893
• Introduce Spring property for the default property placeholder escape character #34865
• Close ApplicationContext once AOT processing has completed #34841
• Fix AbstractJackson2HttpMessageConverter#getObjectMappersForType nullness #34811
• Add option for case-insensitive match to PatternMatchUtils #34801
• RestClient @RequestBody parameters lose generic type information when creating HTTP service beans #34793
• Adds option to set Principal in MockServerWebExchange #34789

:lady_beetle: Bug Fixes

• Beans created by FactoryBean are not considered as autowiring candidates if another thread holds a singletonLock #34902
• PropertySourcesPlaceholderConfigurer placeholder resolution fails in several scenarios #34861
• HttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 #34851
• Fragment.create() requires mutable map - which is unusable when used with Kotlin #34848
• Duplicate BeanOverrideHandler discovered in @Nested test case with superclass from different class or in interface implemented multiple times #34844
• Accidental ClassLoader defineClass enforcement after #34677 #34824
• HttpEntity.EMPTY headers should not be possible to mutate via HttpHeaders constructor #34812
• AbstractFileResolvingResource.exists incorrectly reports result for resources inside of spring-boot executable jar #34796
• Correctly expand query param with same name from URI variables array #34783
• R2DBC NamedParameterUtils only expands reused collection parameter once #34768
• PathMatchingResourcePatternResolver wrongly assumes that target/classes always exists #34764

:notebook_with_decorative_cover: Documentation

• Clarify CompositePropertySource behavior for EnumerablePropertySource contract #34886
• Javadoc and @Nullable annotation for servletContext parameter of ConfigurableWebEnvironment.initPropertySources are contradictory #34845
• Spring MVC: @EnableAsync needs to be redeclared for each ApplicationContext #34843
• Provide a working example instead of unclear placeholders #34828

:hammer: Dependency Upgrades

• Upgrade to Micrometer 1.14.7 #34889
• Upgrade to Reactor 2024.0.6 #34898

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​Artur-, @​blake-bauman, @​iifawzi, @​kilink, @​quaff, @​whlit, and @​zzoe2346

Commits

• ba590ac Release v6.2.7
• ee62701 Make use of PatternMatchUtils ignoreCase option
• fa168ca Revise FactoryBean locking behavior for strict/lenient consistency
• 3c228a5 Add missing @​since tags in PatternMatchUtils
• 9bf6b8c Upgrade to Reactor 2024.0.6
• 37ecdd1 Forward more methods to underlying InputStream in NonClosingInputStream
• 73f1c5a Polishing
• 4d296fb Upgrade to Micrometer 1.14.7
• 6a94444 Clarify CompositePropertySource behavior for EnumerablePropertySource contract
• 03ae97b Introduce Spring property for default escape character for placeholders
• Additional commits viewable in compare view

Updates io.swagger.core.v3:swagger-models from 2.2.30 to 2.2.32

Updates io.swagger.parser.v3:swagger-parser from 2.1.27 to 2.1.28

Release notes

Sourced from io.swagger.parser.v3:swagger-parser's releases.

Swagger-parser 2.1.28 released!

• chore: migrate Sonatype OSSRH to Central Portal (#2189)
• Add $dynamicRef (#2181)

Commits

• 60dca14 Fix project URL in POM
• 78932ed fix mvn command in release.yml
• b63e4a5 prepare release 2.1.28
• b6075c4 Fix GH Workflow missing comma
• b7c68fd update dependencies
• 87f3e66 chore: migrate Sonatype OSSRH to Central Portal
• af2d7e8 Add
• f74a954 Merge pull request #2180 from swagger-api/bump-snap-2.1.28-SNAPSHOT
• 00e6143 bump snapshot 2.1.28-SNAPSHOT
• See full diff in compare view

Updates io.swagger.parser.v3:swagger-parser-core from 2.1.27 to 2.1.28

Updates io.swagger.parser.v3:swagger-parser-core from 2.1.27 to 2.1.28

Updates org.apache.maven.archetype:archetype-packaging from 3.3.1 to 3.4.0

Release notes

Sourced from org.apache.maven.archetype:archetype-packaging's releases.

3.4.0

🚀 New features and improvements

• Bump archetype descriptor version to 1.2.0 (#268) @​slawekjaranowski
• Add property for outputDirectory in create-from-project mojo (#113) @​geoffpotter
• Lock down plugin versions in maven-archetype packaging (#267) @​slawekjaranowski
• Enable GitHUb Issues (#250) @​slawekjaranowski
• [ARCHETYPE-274] - Conditionally include or exclude a file from archetype during generation (#244) @​Giovds

🐛 Bug Fixes

• [ARCHETYPE-674] - Workaround for Maven 4 (#270) @​slawekjaranowski
• Fix recognize project packaging by PomUtils (#264) @​thomasdaviddedalus

👻 Maintenance

• Update site descriptor (#269) @​slawekjaranowski
• Remove clean from the PR template (#266) @​slawekjaranowski
• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#255) @​Bukama
• Bump project version to 3.4.0-SNAPSHOT (#254) @​slawekjaranowski
• Add GitHub Actions to dependabot (#252) @​slawekjaranowski
• Add release-drafter configuration (#251) @​slawekjaranowski
• [ARCHETYPE-691] - Refactor FileCharsetDetector (#248) @​Stellar1999
• Remove a lot of old println detritus (#246) @​elharo
• @Component --> @Inject (#243) @​elharo
• refactor: Replace Plexus AbstractLogEnabled with SLF4J (#240) @​timtebeek

📦 Dependency updates

• Bump org.apache.maven:maven-parent from 43 to 44 (#258) @dependabot[bot]
• Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#262) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-velocity from 2.2.0 to 2.2.1 (#261) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-interactivity-api from 1.3 to 1.4 (#260) @dependabot[bot]
• Bump com.ibm.icu:icu4j from 76.1 to 77.1 (#257) @dependabot[bot]
• Bump org.apache.groovy:groovy-bom from 4.0.25 to 4.0.26 (#256) @dependabot[bot]
• Bump org.apache.groovy:groovy-bom from 4.0.24 to 4.0.25 (#253) @dependabot[bot]
• Bump org.apache.ivy:ivy from 2.5.2 to 2.5.3 (#249) @dependabot[bot]
• Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#242) @dependabot[bot]
• Bump org.easymock:easymock from 5.4.0 to 5.5.0 (#241) @dependabot[bot]
• Bump org.apache.groovy:groovy-bom from 4.0.23 to 4.0.24 (#239) @dependabot[bot]
• Bump org.apache.maven:maven-archiver from 3.6.2 to 3.6.3 (#238) @dependabot[bot]
• Bump com.ibm.icu:icu4j from 75.1 to 76.1 (#237) @dependabot[bot]

Commits

• f20ba2a [maven-release-plugin] prepare release maven-archetyp-3.4.0
• 2c22da9 [ARCHETYPE-674] Workaround for Maven 4
• cb5abbd Update site descriptor
• 39a926b Fix recognize project packaging by PomUtils (#264)
• 0c1e55e Bump archetype descriptor version to 1.2.0
• 25e3668 Add property for outputDirectory in create-from-project mojo
• ac9d130 Lock down plugin versions in maven-archetype packaging
• 367d66c Remove clean from the PR template
• 9a16dd2 Bump org.apache.maven:maven-parent from 43 to 44 (#258)
• 150bfe7 Bump commons-io:commons-io from 2.18.0 to 2.19.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions