search

hutchig / open-liberty

Open Liberty is a highly composable, fast to start, dynamic application server runtime environment
http://openliberty.io
Eclipse Public License 2.0
0 stars 0 forks source link

Bump spring-expression from 3.0.7.RELEASE to 5.3.12 in /dev/cnf/dependabot/check_this_in_if_it_changes #279

Open dependabot[bot] opened 3 years ago

dependabot[bot] commented 3 years ago

Bumps spring-expression from 3.0.7.RELEASE to 5.3.12.

Release notes

Sourced from spring-expression's releases.

v5.3.12

:lady_beetle: Bug Fixes

  • Update warn log message for empty static resource locations #27575
  • Default content type of response changed in v5.3.11 #27573
  • Fix assertion failure messages in DefaultDataBuffer.checkIndex() #27567

:notebook_with_decorative_cover: Documentation

  • Incorrect Javadoc in [NamedParameter]JdbcOperations.queryForObject methods regarding exceptions #27559

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

v5.3.11

:star: New Features

  • Enhance DefaultResponseErrorHandler to allow logging complete error response body #27552
  • Include correct keyword in CookieAssertions failure messages #27550
  • Use Arrays.hashCode() in ByteArrayResource.hashCode() #27544
  • Allow default CacheAwareContextLoaderDelegate configuration via a system property #27540
  • Invoke bean-derived (Auto)Closeable.close() method directly #27504
  • Defensive reference to JNDI API for JDK 9+ (optional java.naming module) #27483
  • DefaultMessageListenerContainer does not log an error/warning when consumer tasks have been rejected #27451
  • Provide accessor on externallyManaged RootBeanDefinition attributes #27449
  • Allow to avoid class validation in CglibAopProxy via ProxyFactory #27439
  • Add support for non-public record declarations #27437
  • Emit WebClientResponseException for malformed HTTP response #27262
  • DatabasePopulatorUtils.execute should commit if the current Connection has auto-commit set to false #27008

:lady_beetle: Bug Fixes

  • CronTrigger uses new Date() instead of context's Clock #27546
  • Performance impact of con.getContentLengthLong() in AbstractFileResolvingResource.isReadable() downloading huge jars to check component length #27541
  • Performance impact of ResourceUrlEncodingFilter on HttpServletResponse#encodeURL #27538
  • UriTemplateRequestEntity doesn't override hashCode() and equals() #27531
  • DataBufferUtils.write loses context #27517
  • Avoid duplicate JCacheOperationSource bean registration in #27499
  • Proxy generation with Java 17 fails with "Cannot invoke "Object.getClass()" because "cause" is null" #27490
  • MediaType.sortBySpecificityAndQuality throws java.lang.IllegalArgumentException: Comparison method violates its general contract #27488
  • Leading whitespaces are removed while reading SSE response #27473
  • Non-escaped closing curly brace in RegEx results in initialization error on Android #27467
  • ConcurrentReferenceHashMap's entrySet violates the Map contract #27454
  • Avoid early ConversionService determination in StandardBeanExpressionResolver #27446
  • Spring Framework >= 5.3.8 ASM ClassReader fails to parse class file due to InputStream optimization #27429
  • StringUtils.collectionToDelimitedString(?) fails with NullPointerException when the collection contains null #27419

... (truncated)

Commits
  • 850cb6c Release v5.3.12
  • 3d6d8a9 Update "Reporting a Vulnerability" link
  • 6fa6bfe Fix link to Spring Framework project page in Javadoc overview
  • 05ea991 Removing locations logging in ResourceHttpRequestHandler
  • a248a52 Revert transitive MediaType comparators
  • 2a3c9e4 Revert "Polishing"
  • bad87be Fix checkstyle warning
  • 346b755 Fix assertion message in DefaultDataBuffer
  • 4978eef Update Javadoc in DefaultResponseErrorHandler
  • 052ed50 Fix copy-and-paste error in Javadoc
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)