Update spring core to v5.3.33

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.springframework:spring-webmvc	5.3.27 -> 5.3.33
org.springframework:spring-web	5.3.27 -> 5.3.33
org.springframework:spring-tx	5.3.27 -> 5.3.33
org.springframework:spring-orm	5.3.27 -> 5.3.33
org.springframework:spring-jdbc	5.3.27 -> 5.3.33
org.springframework:spring-jcl	5.3.27 -> 5.3.33
org.springframework:spring-expression	5.3.27 -> 5.3.33
org.springframework:spring-context-support	5.3.27 -> 5.3.33
org.springframework:spring-context	5.3.27 -> 5.3.33
org.springframework:spring-aspects	5.3.27 -> 5.3.33
org.springframework:spring-aop	5.3.27 -> 5.3.33
org.springframework:spring-beans	5.3.27 -> 5.3.33
org.springframework:spring-core	5.3.27 -> 5.3.33

---

Release Notes

spring-projects/spring-framework (org.springframework:spring-webmvc)

v5.3.33

⭐ New Features

• Extract reusable method for URI validations #​32442
• Allow UriTemplate to be built with an empty template #​32438
• Refine *HttpMessageConverter#getContentLength return value null safety #​32332

🐞 Bug Fixes

• AopUtils.getMostSpecificMethod does not return original method for proxy-derived method anymore #​32369
• Better protect against concurrent error handling for async requests #​32342
• Restore Jetty 10 compatibility in JettyClientHttpResponse #​32337
• ContentCachingResponseWrapper no longer honors Content-Type and Content-Length #​32322

📔 Documentation

• Build KDoc against 5.3.x Spring Framework Javadoc #​32414

🔨 Dependency Upgrades

• Upgrade to Reactor 2020.0.42 #​32422

v5.3.32

⭐ New Features

• Add CORS support for Private Network Access #​31974
• Avoid early getMostSpecificMethod resolution in CommonAnnotationBeanPostProcessor #​31969

🐞 Bug Fixes

• Consistent parsing of user information in UriComponentsBuilder #​32247
• QualifierAnnotationAutowireCandidateResolver.checkQualifier does identity checks when comparing arrays used as qualifier fields #​32108
• Guard against multiple body subscriptions in Jetty and JDK reactive responses #​32101
• Static resources caching issues with ShallowEtagHeaderFilter and Jetty caching directives #​32051
• ChannelSendOperator.WriteBarrier race condition in request(long) method leads to response being dropped #​32021
• Spring AOP does not propagate arguments for dynamic prototype-scoped advice #​31964
• MergedAnnotation swallows IllegalAccessException for attribute method #​31961
• CronTrigger hard-codes default ZoneId instead of participating in scheduler-wide Clock setup #​31950
• MergedAnnotations finds duplicate annotations on method in multi-level interface hierarchy #​31825
• PathEditor cannot handle absolute Windows paths with forward slashes #​31728
• Include Hibernate's Query.scroll() in SharedEntityManagerCreator's queryTerminatingMethods set #​31684
• TypeDescriptor does not check generics in equals method (for ConversionService caching) #​31674
• Slow SpEL performance due to method sorting in ReflectiveMethodResolver #​31665
• Jackson encoder releases resources in wrong order #​31657
• WebSocketMessageBrokerStats has null stats for stompSubProtocolHandler since 5.3.2 #​31642

📔 Documentation

• Document cron-vs-quartz parsing convention for dayOfWeek part in CronExpression #​32131

🔨 Dependency Upgrades

• Upgrade to Reactor 2020.0.41 #​32276

v5.3.31

⭐ New Features

• Log4jLog needs to re-resolve ExtendedLogger on deserialization (for compatibility with Log4J 2.21) #​31583

🐞 Bug Fixes

• MessageBuilder#createMessage should not define the payload as @Nullable #​31611
• Avoid duplicate JAR resources in PathMatchingResourcePatternResolver on MS Windows #​31603
• Spring web integration commons fileupload receives files and other parameter uploads, with a null pointer #​31564
• Function column out doesn't resolve to SqlOutParameter #​31560
• Resolve to empty MultiValueMap when no matrix variables are provided #​31484
• BeanUtils.copyProperties() consumes large amount of memory #​31481
• CGLIB BeanCopier falls back to ClassLoader.defineClass for public target #​31436
• R2DBC Connection is closed during transaction when using TransactionAwareConnectionFactoryProxy #​31411
• HibernateJpaDialect and HibernateExceptionTranslator throw SQLExceptionTranslator-provided exception instead of returning it #​31410
• NamedParameterJdbcTemplate throws unexpected exception for null query #​31394
• LazyResolutionMessage does not implement proper toString #​31385
• Illegal reflective access in ContextOverridingClassLoader.isEligibleForOverriding #​31233

📔 Documentation

• Clarify documentation for @Transactional on interfaces #​31401
• Default behavior of BeanPropertyRowMapper.getColumnValue(ResultSet, int, Class) inconsistent with code #​31349
• Referencing a @Bean method in a @Configuration class' @PostConstruct method leads to circular reference #​31339
• Incorrect reference information about CGLIB supported method visibility #​31311

🔨 Dependency Upgrades

• Upgrade to Reactor 2020.0.38 #​31584

v5.3.30

⭐ New Features

• Optimize ClassUtils#getMostSpecificMethod #​31100
• Optimize whitespace checks in StringUtils #​31069
• Align validation metadata handling in PayloadMethodArgumentResolver #​31056
• Register an override for an existing adapter in ReactiveAdapterRegistry #​31048
• Make bean initialization deterministic for multiple @Autowired methods on same bean class #​30994
• Performance bottlenecks while creating scoped bean instances #​30892

🐞 Bug Fixes

• Possible classloader leak through incomplete clearing of annotation caches #​31176
• Spring LogFactory implementation deviates from original Apache LogFactory in terms of abstract method declarations #​31167
• Bean injection fails due to nullSafeConciseToString() invoking isEmpty() on a Map/Collection proxy #​31156
• SpelExpressionParser throws IllegalStateException instead of ParseException for invalid expression #​31099
• @DynamicPropertySource in @Nested test class cannot override dynamic properties from enclosing class #​31085
• TransactionalApplicationListenerMethodAdapter should find @TransactionalEventListener on target class method #​31037
• ScheduledAnnotationBeanPostProcessor: graceful shutdown should not interrupt currently running jobs #​31020
• Permgen memory leak due to ClassInfo caching in java.beans.Introspector on JDK 11/17 #​31005
• MethodIntrospector.selectMethods(?) fails to find methods in case of special bridge method arrangement #​30907

📔 Documentation

• Fix documentation: Passing in Lists of Values for IN Clause does not work with JdbcTemplate #​31229
• Refine CORS documentation for wildcard processing #​31168
• Propagation REQUIRES_NEW may cause connection pool deadlock #​31040
• Clarify R2DBC ConnectionAccessor and DatabasePopulator exception declarations #​30933
• Doc: Avoid deadlock in @PostConstruct through SmartInitializingSingleton or ContextRefreshedEvent #​30889

v5.3.29

⭐ New Features

• Avoid illegal reflective access in ContextOverridingClassLoader.isEligibleForOverriding #​30868
• Improve diagnostics for CGLIB ClassLoader issues with shared classes in parent ClassLoader #​30866
• JdbcTemplate does not call handleWarnings in case of exception #​30852
• Tolerate AnnotationUtils.isCandidateClass call with null as annotation type #​30843
• Simplify DefaultSingletonBeanRegistry.isDependent() #​30841
• Provide explicit support for collections, maps, and arrays in ObjectUtils.nullSafeConciseToString() #​30811
• Extend list of supported types in ObjectUtils.nullSafeConciseToString() #​30806
• Align ConcurrentMapCacheManager locking behavior with CaffeineCacheManager #​30781
• ResolvableType.hasUnresolvableGenerics() should cache its result #​30715
• Ensure Spring LogFactory contains all public methods from Apache LogFactory #​30711
• Translate SQL Exception with State S0001 and Vendor Code 2628 to a Spring Exception in MSSQL 2019 #​30682

🐞 Bug Fixes

• For a prototype bean, if first-time rejected value is null, subsequent value will wrongly be null always #​30809
• Revert changes to toString() in FieldError #​30800
• Fix log level on error with @TransactionalEventListener #​30784
• SerializableTypeWrapper does not consistently catch InvocationTargetException #​30767
• NPE in MvcUriComponentsBuilder with no-arg target method on interface #​30757
• Jackson2ObjectMapperBuilder breaks when modules customizer follows modulesToInstall #​30752
• Spring ORM SpringBeanContainer when trying to create a bean fails with not found bean definition, and fallbacks to default hibernate bean creation #​30685

📔 Documentation

• ResultSet holdability into the View layer broken by Hibernate 5 #​30863
• Clarify ReactiveTransactionManager exception declarations #​30819
• Doc: JdbcTransactionManager vs DataSourceTransactionManager #​30814

🔨 Dependency Upgrades

• Upgrade to Reactor 2020.0.34 #​30873

v5.3.28

⭐ New Features

• ClassLoader can be null in DeserializingConverter and should be annotated with @Nullable #​30672
• Performance optimization in AbstractBeanFactoryBasedTargetSource.hashCode() #​30585
• Consistent support for MultiValueMap and common Map implementations in CollectionFactory #​30441
• Reject null and empty SpEL expressions #​30373
• Introduce Environment.matchesProfiles() for profile expressions #​30226

🐞 Bug Fixes

• Change of behaviour for UUID in bean validation output in v5.3.27 #​30662
• Spring Framework 5.3.27 appears to cause issues in OSGi environment #​30637
• Inconsistent ProxyCallbackFilter#equals/hashCode methods in CglibAopProxy #​30616
• EclipseLinkJpaDialect: Unexpected default isolation levels #​30589
• ThreadLocalTargetSource does not include actual target bean name in NamedThreadLocal #​30586
• ApplicationListenerMethodAdapter inconsistently publishes events from CompletableFuture #​30584
• For @Bean method that returns null, @Autowired injects NullBean instead of null for cached arguments #​30551
• Make maximum SpEL expression length configurable #​30446
• Respect TaskDecorator configuration on DefaultManagedTaskExecutor #​30443

📔 Documentation

• Document which @Scheduled attributes support SpEL expressions #​30642
• FileSystemUtils::deleteRecursively Javadoc refers to File instead of Path #​30555

🔨 Dependency Upgrades

• Upgrade to Reactor 2020.0.33 #​30656

---

Configuration

📅 Schedule: Branch creation - "after 7am and before 11am every weekday" in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.