search

lgvalent / monstrengo

Framework MVC for modular applications with or without graphics interface
3 stars 1 forks source link

Bump spring-core from 3.2.18.RELEASE to 4.3.19.RELEASE in /Monstrengo #6

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 4 years ago

Bumps spring-core from 3.2.18.RELEASE to 4.3.19.RELEASE.

Release notes

Sourced from spring-core's releases.

4.1.8 Release

:star: New Features

  • Make AbstractFallbackTransactionAttributeSource.computeTransactionAttribute(…) protected [SPR-13246] #17837
  • Avoid ambiguous property warning for setter methods with multiple parameters [SPR-13349] #17933
  • Support for last-modified resolution in Tomcat's unpackwar=false mode [SPR-13393] #17434
  • ClasspathXmlApplicationContext cannot be closed twice [SPR-13425] #18004
  • Protect against RFD exploits [SPR-13548] #18124
  • Compatibility with GlassFish 4.1.1 / Tyrus 1.12 [SPR-13566] #18142

:beetle: Bug Fixes

  • ConcurrentModificationException when doing a merge on AbstractEnvironment [SPR-13213] #17805
  • PathResourceResolver should not resolve "/" as a JAR resource [SPR-13241] #17832
  • PropertyOrFieldReference throws ClassCastException [SPR-13247] #17838
  • Race condition when inbound message handling fails and StompSubProtocolHandler sends ERROR frame [SPR-13326] #17911
  • Regression: SpringHandlerInstantiator breaks stand-alone support in the MVC Test framework [SPR-13375] #17957
  • ScopedProxyMode resolution for custom scope meta-annotation not working with @Bean methods (with ASM-based scanning) [SPR-13394] #17974
  • StompDecoder fails for partial headers containing escape sequence [SPR-13416] #17995
  • ConcurrentModificationException in SingleConnectionFactory$AggregatedExceptionListener [SPR-13421] #18000
  • MessagingException should not provide empty description String to NestedRuntimeException [SPR-13447] #18027
  • DeferredResult not thread-safe for isSetOrExpired call [SPR-13451] #18031
  • ConcurrentMapCache.putIfAbsent doesn't support null values [SPR-13458] #18038
  • AbstractEmbeddedDatabaseConfigurer.shutdown does not close JDBC resources [SPR-13474] #18053
  • YamlProcessor subclasses can no longer instantiate StrictMapAppenderConstructor [SPR-13504] #18082
  • Null Pointer when receiving an invalid transport type during SockJS request [SPR-13545] #18121
  • Consistently detect spring-beans.dtd reference [SPR-13549] #18125
  • JCacheCache doesn't recognize null values in other JVMs [SPR-13553] #18129
  • DefaultSubscriptionRegistry loses track of subscribers in its cache [SPR-13555] #18131
  • Close processing triggered by shutdown hook isn't thread safe [SPR-13556] #18132
  • Clarify whether HttpInputMessage.getBody() is allowed to return null [SPR-13563] #18139
  • NullPointerException in DefaultSubscriptionRegistry.removeSubscription [SPR-13205] #17797
  • Wrong assertion message in ShallowEtagHeaderFilter [SPR-13194] #17786
  • STOMP CONNECT ignored ("No session for...") when using websocket:decorator-factories [SPR-13190] #17782
  • ConcurrentModificationException when calling SimpMessagingTemplate.convertAndSend [SPR-13185] #17777

:notebook_with_decorative_cover: Documentation

  • Misleading note on readonly and disabled flags in spring-form.tld [SPR-13397] #17977
  • Documentation for Portlet MVC does not refer to Portlet 2.0 spec (JSR-286) [SPR-13513] #18090
  • Dispel the myth that Spring MVC Test only works with JUnit [SPR-13552] #18128

4.1.7 Release

:star: New Features

  • Avoid reflection for creating StandardServletAsyncWebRequest [SPR-13112] #17703
  • Provide means to opt out of default annotation based transaction management by bean [SPR-13109] #17700
  • Make PropertyMatches public [SPR-13054] #17646
  • mvc:resources does not handles directories well [SPR-12999] #17591
  • Same Origin check in both AbstractSockJSService and OriginHandshakeInterceptor is not working with Tyrus client [SPR-12956] #17548
... (truncated)
Commits
  • f428cbb Release version 4.3.19.RELEASE
  • 6a5d986 Fix SpEL compilation for non trivial elvis operand
  • 8ce9236 Polishing
  • 1a626ab SpelExpression consistently exposes EvaluationContext to compiled AST
  • 56194a1 Transactional timeout documented as seconds in annotation javadoc
  • a496836 Upgrade to Tomcat 8.5.33 and Netty 4.1.29
  • 974e7b8 Polishing
  • 069704f Support Jackson filters in combination with serialization view
  • d38eb9d SimpleAliasRegistry.hasAlias properly resolves multiple chained aliases
  • 5bd4f88 Polishing
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lgvalent/monstrengo/network/alerts).
dependabot[bot] commented 3 years ago

Superseded by #9.