search

spring-attic / spring-security-saml

SAML extension for the Spring Security project
Other
419 stars 484 forks source link

Bump spring-core from 3.1.2.RELEASE to 4.3.19.RELEASE in /sample #486

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.

Bumps spring-core from 3.1.2.RELEASE to 4.3.19.RELEASE.

Release notes

Sourced from spring-core's releases.

4.1.3 Release

:star: New Features

  • Please add static unprocessableEntity() builder method to ResponseEntity [SPR-12515] #17120
  • Support for X-Forwarded-Prefix in ServletUriComponentsBuilder [SPR-12500] #17105
  • Allow YamlProcessor subclasses to build the flattened map [SPR-12499] #17104
  • Check the user for a SockJS request [SPR-12497] #17103
  • Consistent bridge method handling in annotation post-processors [SPR-12495] #17101
  • Add UriComponentsBuilder.clone() [SPR-12494] #17100
  • @Scope and other common bean annotations on nested @Component classes [SPR-12486] #17092
  • Allow overriding InvocableHandlerMethod.invoke and/or ServletInvocableHandlerMethod.invokeAndHandle in subclasses [SPR-12484] #17090
  • Default conversion support for EnumSet / EnumMap [SPR-12483] #17089
  • Update SqlRowSet interface with JDBC 4.x ResultSet additions [SPR-12480] #17086
  • Enrich the message for "connected" events with Principal [SPR-12479] #17085
  • Extract ContentCachingRequestWrapper and ContentCachingResponseWrapper for custom use outside of Spring's filters [SPR-12477] #17083
  • NotReadablePropertyException should take causing exception as constructor argument [SPR-12467] #17073
  • SimpleJdbcInsert should take Map as arg instead of Map [SPR-12462] #17067
  • PersistenceAnnotationBeanPostProcessor.findPersistenceMetadata(PersistenceAnnotationBeanPostProcessor.java:392) too aggressive, resulting in NoClassDefFoundError [SPR-12461] #17066
  • Making it easier to replace "RequestMappingHandlerAdapter.handleInternal" [SPR-12460] #17065
  • Registering an HttpMessageConverter while preserving default converters [SPR-12450] #17055
  • BeanMethodInterceptor doesn't forward user-provided arguments to getBean(name, args) [SPR-12443] #17048
  • GenericGroovyApplicationContext propagates BeanDefinitionParsingException only when context file is named 'beans.groovy' [SPR-12435] #17040
  • MessageHeaderAccessor copyHeaders... tuning [SPR-12431] #17037
  • Concurrent registration/iteration in PropertySourcesPropertyResolver [SPR-12428] #17034
  • Allow custom @Validated annotations for handler method parameters [SPR-12406] #17014
  • Use Jackson ObjectMapper improved default properties outside spring-web [SPR-12293] #16898
  • Support for Undertow 1.1 / WildFly 8.2 [SPR-12302] #16836
  • @Configuration should respect @DependsOn on imported or nested classes as well [SPR-11883] #16502
  • Spring dependency injection for Jackson serializers [SPR-10768] #15394
  • @Validated should allow ElementType.METHOD target [SPR-9174] #13812

:beetle: Bug Fixes

  • Synchronize message sending in HTTP SockJS sessions with request initialization [SPR-12516] #17121
  • SpEL compilation problem for payload concatenation use case in Spring Integration [SPR-12514] #17119
  • @SendTo annotation not found on Jms listener with JDK proxy [SPR-12513] #17118
  • @ControllerAdvice(basePackageClasses) do the prefix search by package name. [SPR-12509] #17114
  • Base packages referenced from @ControllerAdvice must contain at least one Controller [SPR-12506] #17111
  • SpEL: problem with static methods conflicting with instance methods [SPR-12502] #17107
  • AnnotationAttributesReadingVisitor.doVisitEnd doesn't handle possible null return from AnnotationUtils.getAnnotations [SPR-12493] #17099
  • @Resource injection broken under spring-framework > 4.1.0 [SPR-12490] #17096
  • be more defensive looking up javax.annotation.Priority (jdk6 compatibility) [SPR-12489] #17095
  • SPR-12443 breaks Spring Security's AuthenticationConfiguration [SPR-12488] #17094
  • Need a defensive close() in YamlProcessor [SPR-12487] #17093
  • Cache busting does not work when context path is different from / [SPR-12459] #17064
  • Unable to initialize WebAsyncTask with executorName [SPR-12457] #17062
  • NPE in org.springframework.core.MethodParameter.getParameterName (possible race condition) [SPR-12453] #17058
  • Early initialization of @Configuration class may lead to unwanted call to setBeanFactory [SPR-12445] #17050
  • Not able to send message specific to user using STOMP over WebSocket [SPR-12444] #17049
  • Introspection with BeanUtils started failing against java.awt.Window [SPR-12434] #17039
... (truncated)
Commits
  • f428cbb Release version 4.3.19.RELEASE
  • 6a5d986 Fix SpEL compilation for non trivial elvis operand
  • 8ce9236 Polishing
  • 1a626ab SpelExpression consistently exposes EvaluationContext to compiled AST
  • 56194a1 Transactional timeout documented as seconds in annotation javadoc
  • a496836 Upgrade to Tomcat 8.5.33 and Netty 4.1.29
  • 974e7b8 Polishing
  • 069704f Support Jackson filters in combination with serialization view
  • d38eb9d SimpleAliasRegistry.hasAlias properly resolves multiple chained aliases
  • 5bd4f88 Polishing
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/spring-projects/spring-security-saml/network/alerts).
jzheaux commented 4 years ago

Closing since this project no longer uses Maven for dependency management.

dependabot[bot] commented 4 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.