Bump spring.version from 5.1.9.RELEASE to 5.2.3.RELEASE in /aws-serverless-java-container-spring #319
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps `spring.version` from 5.1.9.RELEASE to 5.2.3.RELEASE. Updates `spring-webmvc` from 5.1.9.RELEASE to 5.2.3.RELEASE - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.1.9.RELEASE...v5.2.3.RELEASE) Updates `spring-test` from 5.1.9.RELEASE to 5.2.3.RELEASE - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.1.9.RELEASE...v5.2.3.RELEASE) Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
the
dependencies
dependabot
bot
deleted the
dependabot/maven/aws-serverless-java-container-spring/spring.version-5.2.3.RELEASE
branch
sapessi
added a commit
that referenced
this pull request
Apr 8, 2020
* Bump spring.version in /aws-serverless-java-container-spring (#319) Bumps `spring.version` from 5.1.9.RELEASE to 5.2.3.RELEASE. Updates `spring-webmvc` from 5.1.9.RELEASE to 5.2.3.RELEASE - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.1.9.RELEASE...v5.2.3.RELEASE) Updates `spring-test` from 5.1.9.RELEASE to 5.2.3.RELEASE - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.1.9.RELEASE...v5.2.3.RELEASE) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump spring-webflux in /aws-serverless-java-container-springboot2 (#318) Bumps [spring-webflux](https://github.com/spring-projects/spring-framework) from 5.1.9.RELEASE to 5.2.0.RELEASE. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.1.9.RELEASE...v5.2.0.RELEASE) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * ci: Fixing Spring build to use 5.2 as latest * chore(deps): Bump Spring 5.1 path release to address a security vulnerability * chore(deps): Fixing usual spring dependency mess with exlusions out of the spring-security package used in the tests * Fix for issue #317 (#323) * fix issue 317 - use charset from request * update dependencies * update build dependencies, remove spring boot 2.0.x * restoring ci config Co-authored-by: Stefano Buliani <[email protected]> * test: Fixed Spring security tests for SpringBoot 2, added validation tests and updated servlet tests to use the new servletApplication option * fix: Avoid flushing the response buffer if we are dispatching the request asynchronously. This was causing race conditions in the SpringBoot 2 WebFlux implementation - requests that had to run through security or validation filters took longer and the library flushed an empty request, which caused the status code to default to 200. This fix addresses issues #279, #304, and #306 * chore(deps): Bump spring dependency version and added webmvc optional dependency to truly support Servlet-only server * feat: New application type parameter to SpringBootLambdaContainerHandler that tells the framework whether to start a reactive or servlet-based embedded server. Also added a new servletApplication method to the builder object. * test: Fixed UTF-8 encoding test * ci: Fixed dependencies for CI run on SpringBoot 2 * ci: More Spring dependency convergence issues during CI * fix: Added null-check on getServerName in case the multi-value headers property is null. Unlikely outside of tests but better safe than sorry. This addresses #327 * fix: Changed servlet initialization mechanism so that servlet that requests load on startup are initialized right away, as part of the initialization() method call in LambdaServletContainerHandler. Also centralized the lazy Servlet initialization to the ServletExecutionFilter so that we don't have code scattered all around. This begins to address #287 * feat: Added new 0-parameter constructor for async initializer that uses the actual JVM start time to calculate the timeout milliseconds. Also added the new method to the builder object and deprecated the current method that receives a milliseconds epoch parameter. I'm not deprecating the constructor of the async initializer class that receives the parameter as it may still be useful for tests. This change was suggested in #287 * fix: Updated SpringBoot 1.x handler to use the new servlet initialization mechanism * ci: switch SpringBoot slow integration test to use a custom async time since the JVM is reused for both tests in the and we cannot reuse the actual JVM init time * feat: New models for HTTP API support for #329 * feat: First implementation of HTTP API servlet request, request reader, and security context writer - continuing to address #329 * test: Basic unit tests for the new HTTP API support in core library (#329) * feat: Updated log formatter to support both versions (1 and 2) of the proxy request model (#329) * feat: Further generified request readers to read to a generic HttpServletRequest rather than specific implementations of it. This makes it easier to create container handler implementations that support HTTP API, API Gateway, and ALB (#329) * test: Fixed tests for new logged and generified request readers * feat: Added HTTP API support to Jersey implementation with new getHttpApiV2ProxyHandler method (#329) * feat: Added HTTP API support to Spark implementation (#329) * feat: Added HTTP API support to Spring implementation (#329) * feat: HTTP API support in SpringBoot 2 implementation. bug: Fixed an issue with the implementation of AsyncContext where it wasn't dispatching if the handler wasn't set * feat: First pass of HTTP API support in struts 2 implementation (#329) * fix: Added support for HTTP APIs to the request dispatcher * chore(deps): Dependency bump all around. Rotated Jersey ci versions * fix: Updated stream handling logic to work with reactive applications as suggested in #316 * test: Added unit test to replicate #333 * feat: New configuration parameter to skip exception mapping and allow exception to bubble up from #307 * fix: Fixed spotbugs issue in RuntimeException cast * test: Added tests for more complex content types mentioned in issue #315 * docs: Updated samples to support SAM CLI operations out of the box to address #293 and switched to HTTP API by default * feat: Updated archetypes to work out of the box with the SAM CLI, continuing to address #293 * chore: License header pass on the entire project * fix: Set default value for setDisableException mapper in config to false * fix: Updated default initialization timeout to 20 seconds Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eran Medan <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps
spring.versionfrom 5.1.9.RELEASE to 5.2.3.RELEASE.Updates
spring-webmvcfrom 5.1.9.RELEASE to 5.2.3.RELEASERelease notes
Sourced from spring-webmvc's releases.
Commits
0ddc62eRelease version 5.2.3.RELEASE8740c2dWarning against split URL handling in docs5debd86Upgrade to Reactor Dysprosium SR31c270d8Fix Checkstyle violation29fe65dUpgrade to Dysprosium snapshots8a60867Polishing regarding AJDT versions33ffdd8Update copyright datec84dd55Fix typo in ReflectionUtilsTestscbc5746Support for maxInMemorySize in SSE readera741ae4Improve limit handling in StringDecoderUpdates
spring-testfrom 5.1.9.RELEASE to 5.2.3.RELEASERelease notes
Sourced from spring-test's releases.
Commits
0ddc62eRelease version 5.2.3.RELEASE8740c2dWarning against split URL handling in docs5debd86Upgrade to Reactor Dysprosium SR31c270d8Fix Checkstyle violation29fe65dUpgrade to Dysprosium snapshots8a60867Polishing regarding AJDT versions33ffdd8Update copyright datec84dd55Fix typo in ReflectionUtilsTestscbc5746Support for maxInMemorySize in SSE readera741ae4Improve limit handling in StringDecoderDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot ignore this [patch|minor|major] versionwill close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and languageYou can disable automated security fix PRs for this repo from the Security Alerts page.