highmed / highmed-dsf

HiGHmed Data Sharing Framework funded by the German Federal Ministry of Education and Research (BMBF, grant ids: 01ZZ1802E and 01ZZ1802A)
Apache License 2.0
32 stars 20 forks source link

Bump spring-core from 5.3.11 to 5.3.14 #304

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps spring-core from 5.3.11 to 5.3.14.

Release notes

Sourced from spring-core's releases.

v5.3.14

:star: New Features

  • Add default methods to CachingConfigurer #27811
  • Provide a variant of ListableBeanFactory.findAnnotationOnBean(String, Class) that does not initialize factory beans #27796
  • Convert single null argument to Optional.empty() in SpEL varargs expression #27795
  • Declare serialVersionUID on DefaultAopProxyFactory #27784
  • The ReactorClientHttpConnector must apply mapper before tcpConfiguration() #27749
  • Add getter for RequestMappingInfo builder config #27723
  • Give warning when using capturing patterns with the AntPathMatcher #27688
  • Support for customization of 404 response when RouterFunctionWebHandler finds no routes #25358
  • ModelAndView.status does not work with RedirectView #25092
  • ThreadPoolExecutorFactoryBean add ability to prestart threads #1246
  • Support empty attributes in TagWriter #910

:lady_beetle: Bug Fixes

  • AsyncConfigurer implementations are loaded too early #27808
  • Possible NPE in Spring MVC LogFormatUtils #27782
  • Extending CachingConfigurerSupport results in at least one log message about not being eligible for full post-processing #27751
  • WebFlux ServerResponse does not overwrite already present response headers #27741
  • Passing single null value in varargs SpEL expression results in NullPointerException #27719
  • UriUtils::extractFileExtension does not properly handle empty file names #27639
  • References of CountingBeforeAdvice target its previous location #22246
  • ProxyFactoryBean getObject called before setInterceptorNames, silently creating an invalid proxy [SPR-7582] #12238

:notebook_with_decorative_cover: Documentation

  • Remove references to AsyncConfigurerSupport as AsyncConfigurer should be used instead #27812
  • Fix javadoc reference to ThrowsAdvice #27804
  • Suggested WebSocket config causes circular bean reference #27746
  • Document the difference in generics resolution between @Autowired and beanFactory.getBeanProvider #27727
  • Clarify that interface-level cache annotations work for target-class proxies as well #27726
  • SchedulerFactoryBean no longer sets the job store's DataSource when the job store class has been customized #27709
  • Fix typo #27699
  • Fix incorrect example of error handling in WebClient Javadoc #27645
  • Missing reference documentation for WebSocketScope #25172
  • Clarify behaviour of AnnotationBeanNameGenerator with acronyms #2030
  • Fix simple data format in appendix #1025
  • Update StoredProcedure.java declareParameter method JavaDoc #1000
  • Document @Bean definitions via default methods #767
  • Improved DataBinder Javadoc for xxx*yyy pattern matching. #699

:hammer: Dependency Upgrades

  • Upgrade to ASM 9.3 (for early Java 19 support) #27740
  • Upgrade to JUnit 5.8.2 #27744
  • Upgrade to Reactor 2020.0.14 #27793

:heart: Contributors

... (truncated)

Commits
  • 29185a3 Release v5.3.14
  • 31a4c27 Upgrade to SnakeYAML 1.30, MockK 1.12.1, Jetty Reactive HttpClient 1.1.10
  • d665977 Polishing
  • 0b6a54d Upgrade to R2DBC Arabba-SR11, Kotlin 1.5.32, Jackson 2.12.6
  • 1885ab3 Polishing
  • de10bb6 Stop resolving AsyncConfigurer instances eagerly
  • c764242 Stop resolving CachingConfigurer instances eagerly
  • 4c2e0ee Upgrade to Log4j2 2.16.0
  • 79804d9 Upgrade to Protobuf 3.19.1, Gson 2.8.9, Woodstox 6.2.7, Apache Johnzon 1.2.15...
  • f191cf4 Revised comment on explicit LocalDataSourceJobStore configuration
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/highmed/highmed-dsf/network/alerts).
dependabot[bot] commented 2 years ago

Looks like org.springframework:spring-core is up-to-date now, so this is no longer needed.