Bump spring-webmvc from 4.3.3.RELEASE to 5.2.20.RELEASE in /java/zookeeper#34
Open
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)
Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 4.3.3.RELEASE to 5.2.20.RELEASE. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">spring-webmvc's releases</a>.</em></p> <blockquote> <h2>v5.2.20.RELEASE</h2> <h2>:star: New Features</h2> <ul> <li>Restrict access to property paths on Class references <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28262">#28262</a></li> <li>Improve diagnostics in SpEL for large array creation <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/28257">#28257</a></li> </ul> <h2>v5.2.19.RELEASE</h2> <h2>:star: New Features</h2> <ul> <li>Declare serialVersionUID on DefaultAopProxyFactory <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27785">#27785</a></li> <li>Use ByteArrayDecoder in DefaultClientResponse::createException <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27667">#27667</a></li> </ul> <h2>:lady_beetle: Bug Fixes</h2> <ul> <li>ProxyFactoryBean getObject called before setInterceptorNames, silently creating an invalid proxy [SPR-7582] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27817">#27817</a></li> <li>Possible NPE in Spring MVC LogFormatUtils <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27783">#27783</a></li> <li>UndertowHeadersAdapter's remove() method violates Map contract <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27593">#27593</a></li> <li>Fix assertion failure messages in DefaultDataBuffer.checkIndex() <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27577">#27577</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> <ul> <li>Lazy annotation throws exception if non-required bean does not exist <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27660">#27660</a></li> <li>Incorrect Javadoc in [NamedParameter]JdbcOperations.queryForObject methods regarding exceptions <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27581">#27581</a></li> <li>DefaultResponseErrorHandler update javadoc comment <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27571">#27571</a></li> </ul> <h2>:hammer: Dependency Upgrades</h2> <ul> <li>Upgrade to Reactor Dysprosium-SR25 <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27635">#27635</a></li> <li>Upgrade to Log4j2 2.16.0 <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27825">#27825</a></li> </ul> <h2>v5.2.18.RELEASE</h2> <h2>:star: New Features</h2> <ul> <li>Enhance DefaultResponseErrorHandler to allow logging complete error response body <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27558">#27558</a></li> <li>DefaultMessageListenerContainer does not log an error/warning when consumer tasks have been rejected <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27457">#27457</a></li> </ul> <h2>:lady_beetle: Bug Fixes</h2> <ul> <li>Performance impact of con.getContentLengthLong() in AbstractFileResolvingResource.isReadable() downloading huge jars to check component length <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27549">#27549</a></li> <li>Performance impact of ResourceUrlEncodingFilter on HttpServletResponse#encodeURL <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27548">#27548</a></li> <li>Avoid duplicate JCacheOperationSource bean registration in <!-- raw HTML omitted --> <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27547">#27547</a></li> <li>Non-escaped closing curly brace in RegEx results in initialization error on Android <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27502">#27502</a></li> <li>Proxy generation with Java 17 fails with "Cannot invoke "Object.getClass()" because "cause" is null" <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27498">#27498</a></li> <li>ConcurrentReferenceHashMap's entrySet violates the Map contract <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27455">#27455</a></li> </ul> <h2>:hammer: Dependency Upgrades</h2> <ul> <li>Upgrade to Reactor Dysprosium-SR24 <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/27526">#27526</a></li> </ul> <h2>v5.2.17.RELEASE</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spring-projects/spring-framework/commit/cfa701b8726f06528e9d408b1b94f333f70da45f"><code>cfa701b</code></a> Release v5.2.20.RELEASE</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/996f701a1916d10202c1d0d281f06ab1f2e1117e"><code>996f701</code></a> Refine PropertyDescriptor filtering</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/90cfde985ef08e8372ffefda2156f8091f65efe6"><code>90cfde9</code></a> Improve diagnostics in SpEL for large array creation</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/94f52bc94f885fe97201b93bc1c92f35e7b0afa9"><code>94f52bc</code></a> Upgrade to Artifactory Resource 0.0.17</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/d4478bafa43d9fd7c92f2891a28ec1b620f26792"><code>d4478ba</code></a> Upgrade Java versions in CI image</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/136e6db822f2b0695ce00d6a79e7046f721bcdf0"><code>136e6db</code></a> Upgrade Ubuntu version in CI images</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/8f1f68377da4cc32efeaeb7b56229db09ee2a590"><code>8f1f683</code></a> Upgrade Java versions in CI image</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/ce2367a76ff714cf5f832990caa64ae598a4d744"><code>ce2367a</code></a> Upgrade to Log4j2 2.17.1</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/acf782347f2d70853a5def82ab0c38f14fc0bbc2"><code>acf7823</code></a> Next development version (v5.2.20.BUILD-SNAPSHOT)</li> <li><a href="https://github.com/spring-projects/spring-framework/commit/1a03ffef62a9dc6bc8234b73fbd5023ed153b941"><code>1a03ffe</code></a> Upgrade to Log4j2 2.16.0</li> <li>Additional commits viewable in <a href="https://github.com/spring-projects/spring-framework/compare/v4.3.3.RELEASE...v5.2.20.RELEASE">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/zj-dreamly/my-program-learning/network/alerts). </details>
AI Analysis
This issue appears to be discussing a feature request or bug report related to the repository. Based on the content, it seems to be still under discussion. The issue was opened by dependabot[bot] and has received 0 comments.
Add a comment
Comment form would go here