** Bug
* [HHH-14333] - Pessimistic Lock causes FOR UPDATE on outer join statements
* [HHH-14329] - DirtinessTracker usage for enhanced entities doesn't respect mutable types
* [HHH-14322] - HBM many-to-one property-ref broken since 5.3.2 due to HHH-12684
* [HHH-14317] - Avoid closing datasource in AgroalConnectionProvider if datasource is not initialized
* [HHH-14316] - Avoid accessing state in DriverManagerConnectionProviderImpl if null
* [HHH-14312] - Padded batch style entity loader ignores entity graph
* [HHH-14310] - Document hibernate.query.in_clause_parameter_padding
* [HHH-14288] - Complex batch insert query stopped to work
* [HHH-14279] - Broken 'with key(...)' operator on entity-key maps
* [HHH-14276] - Nested ID class using derived identifiers fails with strange AnnotationException: unable to find column reference in the @MapsId mapping: game_id
* [HHH-14257] - An Entity A with a map collection having as index an Embeddable with a an association to the Entity A fails with a NPE
* [HHH-13310] - getParameterValue() not working for collections
** Improvement
* [HHH-14332] - Make it easier for Quarkus SPI to avoid loading XML
* [HHH-14325] - Add Query hint for specifying "query spaces" for native queries
* [HHH-14158] - Upgrade Javassist to the latest version
** Task
* [HHH-14324] - Add .gradletasknamecache to .gitignore
* [HHH-14309] - Improve BulkOperationCleanupAction#affectedEntity
* [HHH-14225] - CVE-2020-25638 Potential for SQL injection on use_sql_comments logging enabled
** Bug
* [HHH-14279] - Broken 'with key(...)' operator on entity-key maps
* [HHH-14275] - Broken link to Infinispan User Guide in Hibernate 5.3 User Guide
* [HHH-14260] - Dead links in user guide
* [HHH-14259] - HHH-13980 is not merged into 5.4
* [HHH-14249] - MultiLineImport fails when script contains blank spaces or tabs at the end of the last sql statement
* [HHH-14247] - Automatic release scripts, wrong Jira release url
* [HHH-14227] - Insert statements are not ordered with entities that use inheritance and reference a subclass
** Improvement
* [HHH-14305] - Analyse retained heap after bootstrap to trim memory consumption
* [HHH-14304] - Replacing eager initialization of LockingStrategy within AbstractEntityPersister
* [HHH-14303] - Upgrade to JBoss Loging 3.4.1.Final
* [HHH-14302] - Upgrade to Agroal 1.9
* [HHH-14301] - Upgrade to Byte Buddy 1.10.17
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/LibrePlan/libreplan/network/alerts).
Bumps hibernate-core from 5.1.1.Final to 5.4.24.Final.
Release notes
Sourced from hibernate-core's releases.
Changelog
Sourced from hibernate-core's changelog.
... (truncated)
Commits
0b5d3a2
5.4.24.Final33123d2
HHH-14333 Pessimistic Lock causes FOR UPDATE on outer join statements84e37c1
HHH-14332 Make it easier for Quarkus SPI to avoid loading XML related resourcesda8706e
HHH-14329 Amend existing DirtyTrackingTest2669848
HHH-14329 consider mutable types always as potentially dirty when using Dirti...5ea0d92
HHH-14329 test case showing that DirtinessTracker usage for enhanced entities...c444d5f
HHH-14325 - Add Query hint for specifying "query spaces" for native queries49ae7bd
HHH-14325 - Add Query hint for specifying "query spaces" for native queriesfe2230f
HHH-14276 Amend style and formattinga8fdb4d
HHH-14276 Avoid quoting column name for looking up references during composit...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/LibrePlan/libreplan/network/alerts).