Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dependabot: bump org.springframework:spring-core from 5.3.27 to 5.3.29 #3208

Merged
merged 1 commit into from
Aug 21, 2023
Merged

dependabot: bump org.springframework:spring-core from 5.3.27 to 5.3.29 #3208

merged 1 commit into from
Aug 21, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 21, 2023

Bumps org.springframework:spring-core from 5.3.27 to 5.3.29.

Release notes

Sourced from org.springframework:spring-core's releases.

v5.3.29

⭐ New Features

  • Avoid illegal reflective access in ContextOverridingClassLoader.isEligibleForOverriding #30868
  • Improve diagnostics for CGLIB ClassLoader issues with shared classes in parent ClassLoader #30866
  • JdbcTemplate does not call handleWarnings in case of exception #30852
  • Tolerate AnnotationUtils.isCandidateClass call with null as annotation type #30843
  • Simplify DefaultSingletonBeanRegistry.isDependent() #30841
  • Provide explicit support for collections, maps, and arrays in ObjectUtils.nullSafeConciseToString() #30811
  • Extend list of supported types in ObjectUtils.nullSafeConciseToString() #30806
  • Align ConcurrentMapCacheManager locking behavior with CaffeineCacheManager #30781
  • ResolvableType.hasUnresolvableGenerics() should cache its result #30715
  • Ensure Spring LogFactory contains all public methods from Apache LogFactory #30711
  • Translate SQL Exception with State S0001 and Vendor Code 2628 to a Spring Exception in MSSQL 2019 #30682

🐞 Bug Fixes

  • For a prototype bean, if first-time rejected value is null, subsequent value will wrongly be null always #30809
  • Revert changes to toString() in FieldError #30800
  • Fix log level on error with @TransactionalEventListener #30784
  • SerializableTypeWrapper does not consistently catch InvocationTargetException #30767
  • NPE in MvcUriComponentsBuilder with no-arg target method on interface #30757
  • Jackson2ObjectMapperBuilder breaks when modules customizer follows modulesToInstall #30752
  • Spring ORM SpringBeanContainer when trying to create a bean fails with not found bean definition, and fallbacks to default hibernate bean creation #30685

📔 Documentation

  • ResultSet holdability into the View layer broken by Hibernate 5 #30863
  • Clarify ReactiveTransactionManager exception declarations #30819
  • Doc: JdbcTransactionManager vs DataSourceTransactionManager #30814

🔨 Dependency Upgrades

  • Upgrade to Reactor 2020.0.34 #30873

v5.3.28

⭐ New Features

  • ClassLoader can be null in DeserializingConverter and should be annotated with @Nullable #30672
  • Performance optimization in AbstractBeanFactoryBasedTargetSource.hashCode() #30585
  • Consistent support for MultiValueMap and common Map implementations in CollectionFactory #30441
  • Reject null and empty SpEL expressions #30373
  • Introduce Environment.matchesProfiles() for profile expressions #30226

🐞 Bug Fixes

  • Change of behaviour for UUID in bean validation output in v5.3.27 #30662
  • Spring Framework 5.3.27 appears to cause issues in OSGi environment #30637
  • Inconsistent ProxyCallbackFilter#equals/hashCode methods in CglibAopProxy #30616
  • EclipseLinkJpaDialect: Unexpected default isolation levels #30589

... (truncated)

Commits
  • 13b31c7 Release v5.3.29
  • 5331938 Polishing
  • e1e7fa4 Upgrade to Reactor 2020.0.34 (and Tomcat 9.0.78)
  • e1351a5 Update OS version in CI image
  • ac94d2b Polishing
  • 16fd70a Avoid illegal reflective access in ContextOverridingClassLoader
  • c1bf099 Improve diagnostics for LinkageError in case of ClassLoader mismatch
  • 9e7ee0c Deprecate setAllowResultAccessAfterCompletion and document it as broken
  • 1cd994d Encapsulate full path initialization
  • 3d28c02 Handle JDBC warnings in case of a statement exception as well
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
dependabot: bump org.springframework:spring-core from 5.3.27 to 5.3.29
30f6d92 
Bumps [org.springframework:spring-core](https://github.com/spring-projects/spring-framework) from 5.3.27 to 5.3.29.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v5.3.27...v5.3.29)

---
updated-dependencies:
- dependency-name: org.springframework:spring-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 21, 2023
@dependabot dependabot bot requested a review from stephen-crawford as a code owner August 21, 2023 06:25
@dependabot dependabot bot added the java Pull requests that update Java code label Aug 21, 2023
@codecov
Copy link

codecov bot commented Aug 21, 2023
edited
Loading

Codecov Report

Merging #3208 (30f6d92) into main (32d3112) will decrease coverage by 0.03%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##               main    #3208      +/-   ##
============================================
- Coverage     62.45%   62.43%   -0.03%     
+ Complexity     3353     3351       -2     
============================================
  Files           254      254              
  Lines         19748    19748              
  Branches       3334     3334              
============================================
- Hits          12334    12330       -4     
- Misses         5785     5789       +4     
  Partials       1629     1629

see 2 files with indirect coverage changes

@willyborankin willyborankin merged commit 39b125c into main Aug 21, 2023
@willyborankin willyborankin deleted the dependabot/gradle/org.springframework-spring-core-5.3.29 branch August 21, 2023 11:20
@cwperks cwperks added the backport 2.x backport to 2.x branch label Aug 21, 2023
@opensearch-trigger-bot
Copy link
Contributor

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/security/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/security/backport-2.x
# Create a new branch
git switch --create backport/backport-3208-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 39b125c6bf0154c59c926d10c459fc5ca446cc44
# Push it to GitHub
git push --set-upstream origin backport/backport-3208-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/security/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-3208-to-2.x.

@peternied peternied mentioned this pull request Aug 31, 2023
Closed
31 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RyanL1997 RyanL1997 RyanL1997 approved these changes

@willyborankin willyborankin willyborankin approved these changes

@cliu123 cliu123 Awaiting requested review from cliu123

@cwperks cwperks Awaiting requested review from cwperks cwperks is a code owner

@DarshitChanpura DarshitChanpura Awaiting requested review from DarshitChanpura DarshitChanpura is a code owner

@davidlago davidlago Awaiting requested review from davidlago

@peternied peternied Awaiting requested review from peternied peternied is a code owner

@stephen-crawford stephen-crawford Awaiting requested review from stephen-crawford

@reta reta Awaiting requested review from reta reta is a code owner

Assignees
No one assigned
Labels
backport 2.x backport to 2.x branch dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@willyborankin @RyanL1997 @cwperks @DarshitChanpura