jeecgboot / autopoi

AutoPOI 功能如同名字auto,追求的就是自动化,让一个没接触过poi的人员,可以傻瓜化的快速实现Excel导入导出、Word模板导出、可以仅仅5行代码就可以完成Excel的导入导出。
http://www.jeecg.com
Apache License 2.0
482 stars 205 forks source link

Bump spring-webmvc from 5.1.0.RELEASE to 5.2.20.RELEASE #75

Closed dependabot[bot] closed 11 months ago

dependabot[bot] commented 1 year ago

Bumps spring-webmvc from 5.1.0.RELEASE to 5.2.20.RELEASE.

Release notes

Sourced from spring-webmvc's releases.

v5.2.20.RELEASE

:star: New Features

  • Restrict access to property paths on Class references #28262
  • Improve diagnostics in SpEL for large array creation #28257

v5.2.19.RELEASE

:star: New Features

  • Declare serialVersionUID on DefaultAopProxyFactory #27785
  • Use ByteArrayDecoder in DefaultClientResponse::createException #27667

:lady_beetle: Bug Fixes

  • ProxyFactoryBean getObject called before setInterceptorNames, silently creating an invalid proxy [SPR-7582] #27817
  • Possible NPE in Spring MVC LogFormatUtils #27783
  • UndertowHeadersAdapter's remove() method violates Map contract #27593
  • Fix assertion failure messages in DefaultDataBuffer.checkIndex() #27577

:notebook_with_decorative_cover: Documentation

  • Lazy annotation throws exception if non-required bean does not exist #27660
  • Incorrect Javadoc in [NamedParameter]JdbcOperations.queryForObject methods regarding exceptions #27581
  • DefaultResponseErrorHandler update javadoc comment #27571

:hammer: Dependency Upgrades

  • Upgrade to Reactor Dysprosium-SR25 #27635
  • Upgrade to Log4j2 2.16.0 #27825

v5.2.18.RELEASE

:star: New Features

  • Enhance DefaultResponseErrorHandler to allow logging complete error response body #27558
  • DefaultMessageListenerContainer does not log an error/warning when consumer tasks have been rejected #27457

:lady_beetle: Bug Fixes

  • Performance impact of con.getContentLengthLong() in AbstractFileResolvingResource.isReadable() downloading huge jars to check component length #27549
  • Performance impact of ResourceUrlEncodingFilter on HttpServletResponse#encodeURL #27548
  • Avoid duplicate JCacheOperationSource bean registration in #27547
  • Non-escaped closing curly brace in RegEx results in initialization error on Android #27502
  • Proxy generation with Java 17 fails with "Cannot invoke "Object.getClass()" because "cause" is null" #27498
  • ConcurrentReferenceHashMap's entrySet violates the Map contract #27455

:hammer: Dependency Upgrades

  • Upgrade to Reactor Dysprosium-SR24 #27526

v5.2.17.RELEASE

... (truncated)

Commits
  • cfa701b Release v5.2.20.RELEASE
  • 996f701 Refine PropertyDescriptor filtering
  • 90cfde9 Improve diagnostics in SpEL for large array creation
  • 94f52bc Upgrade to Artifactory Resource 0.0.17
  • d4478ba Upgrade Java versions in CI image
  • 136e6db Upgrade Ubuntu version in CI images
  • 8f1f683 Upgrade Java versions in CI image
  • ce2367a Upgrade to Log4j2 2.17.1
  • acf7823 Next development version (v5.2.20.BUILD-SNAPSHOT)
  • 1a03ffe Upgrade to Log4j2 2.16.0
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jeecgboot/autopoi/network/alerts).
dependabot[bot] commented 11 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.