search

springfox / springfox-grails-integration

SpringFox integration with Grails 3.x
Apache License 2.0
19 stars 12 forks source link

Bump hibernate-core from 5.1.10.Final to 5.4.25.Final #68

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps hibernate-core from 5.1.10.Final to 5.4.25.Final.

Release notes

Sourced from hibernate-core's releases.

Hibernate ORM 5.2.0

5.2.0 includes many improvements and bug-fixes. For a complete list of changes, see https://hibernate.atlassian.net/projects/HHH/versions/23150/tab/release-report-done.

Many of the changes in 5.2.0 have important ramifications in terms of both usage and extension. Be sure to read the 5.2 Migration Guide for details.

Below is a discussion of the major changes.

Java 8 baseline

5.2 moves to Java 8 as its baseline. This means:

  • The hibernate-java8 module has been removed, and that functionality has been moved into hibernate-core.
  • Native support for Java 8 date/time types as Query parameters.
  • Support for streaming (java.util.stream.Stream) query results.
  • Support for java.util.Optional as return from methods that may return null.
  • Leveraging Java 8 "default methods" when introducing new methods to extension points.

Consolidating JPA support into hibernate-core.

That effectively means that the hibernate-entitymanager module no longer exists. Its functionality being consumed into hibernate-core.

JCache support

Support for using any JCache-compliant cache impl as a second-level caching provider.

Session-level batch size support

Support has been added for specifying a batch size for write operations per Session.

Changelog

Sourced from hibernate-core's changelog.

Changes in 5.4.25.Final (December 01, 2020)

https://hibernate.atlassian.net/projects/HHH/versions/31903

** Bug * [HHH-14350] - MariaDB103Dialect requires the lock wait timeout to be expressed in seconds * [HHH-14348] - Lazy collection is fetched during dirty checking with bytecode enhancement * [HHH-14346] - org.hibernate.metamodel.model.domain.internal.AbstractManagedType#getPluralAttributes NPE * [HHH-14343] - Nested ID classes fail with AnnotationException: Column name game_id of x.x.PlayerStat not found in JoinColumns.referencedColumnName * [HHH-14335] - Cache resolution of SimpleValue#getType * [HHH-14251] - Invalid SQL for @Embedded UPDATE

** Improvement * [HHH-14334] - Make dom4j and jaxb-api optional if hibernate.xml_mapping_enabled=false

Changes in 5.4.24.Final (November 17, 2020)

https://hibernate.atlassian.net/projects/HHH/versions/31892

** Bug * [HHH-14333] - Pessimistic Lock causes FOR UPDATE on outer join statements * [HHH-14329] - DirtinessTracker usage for enhanced entities doesn't respect mutable types * [HHH-14322] - HBM many-to-one property-ref broken since 5.3.2 due to HHH-12684 * [HHH-14317] - Avoid closing datasource in AgroalConnectionProvider if datasource is not initialized * [HHH-14316] - Avoid accessing state in DriverManagerConnectionProviderImpl if null * [HHH-14312] - Padded batch style entity loader ignores entity graph * [HHH-14310] - Document hibernate.query.in_clause_parameter_padding * [HHH-14288] - Complex batch insert query stopped to work * [HHH-14279] - Broken 'with key(...)' operator on entity-key maps * [HHH-14276] - Nested ID class using derived identifiers fails with strange AnnotationException: unable to find column reference in the @MapsId mapping: game_id * [HHH-14257] - An Entity A with a map collection having as index an Embeddable with a an association to the Entity A fails with a NPE * [HHH-13310] - getParameterValue() not working for collections

** Improvement * [HHH-14332] - Make it easier for Quarkus SPI to avoid loading XML * [HHH-14325] - Add Query hint for specifying "query spaces" for native queries * [HHH-14158] - Upgrade Javassist to the latest version

** Task * [HHH-14324] - Add .gradletasknamecache to .gitignore * [HHH-14309] - Improve BulkOperationCleanupAction#affectedEntity * [HHH-14225] - CVE-2020-25638 Potential for SQL injection on use_sql_comments logging enabled

Changes in 5.4.23.Final (November 01, 2020)

Commits
  • 4d8beec 5.4.25.Final
  • 70f3a92 HHH-14242 Fix issue for Dialects supporting row value constructor Syntax but ...
  • 54ea3c1 HHH-14251 Fix issue for Dialects not supporting row value constructor Syntax
  • ec7a278 HHH-14251 Invalid SQL for @Embedded UPDATE
  • cb04aa1 HHH-14251 Add test for issue
  • 12b284c HHH-14346 Check declaredPluralAttributes for null before access
  • c215601 HHH-14350 MariaDB103Dialect requires the lock wait timeout to be expressed in...
  • 8728cc3 HHH-14343 Fix quoting of column names when globally quoted identifiers is active
  • a917fc1 HHH-14343 Test case for issue
  • 41f44ad Restore collectionsInDefaultFetchGroupEnabled usage in LazyAttributesMetadata
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

Superseded by #72.