Hibernate Validator 9.1.0.Final released

We are pleased to announce the release of Hibernate Validator 9.1: 9.1.0.Final.

You can find the full list of 9.1.0.Final changes here.

This release mainly targets to improve performance. At the same time it contains a few other improvements, new constraints and more. See the "what's new" page to learn more.

You can also find the report on validation performace improvements at our blog.

For additional details, see:

• the release page
• the Migration Guide
• the Getting started
• the Reference Guide
• the API docs

Visit the website for details on getting in touch with us.

Reactor Netty 1.3.0 is part of 2025.0.0 Release Train.

This version:

• Upgrades Netty to version 4.2
  • Graduates Reactor Netty HTTP/3 support
  • Graduates Reactor Netty QUIC support
  • Netty IO_Uring support graduated from incubation. By default Reactor Netty comes with Epoll, if IO_Uring is needed, a dependency has to be added io.netty:netty-transport-native-io_uring. IO_Uring is supported on JDK 11+.
• Migrates to JSpecify annotations for nullability constraints

• Ensure POST empty body sending content-length 0 by @violetagg in #3663
• Ensure HttpClient does not add Content-Length header when GET/HEAD/DELETE and the send Publisher does not provide content by @violetagg in #3664

• Depend on Reactor Core v3.8.0 by @violetagg in 586257ffdb7aec8bb0e5cf1961896eed87e8bffa, see release notes
• Depend on Netty v4.2.7.Final by @violetagg in #3971
  • Adapt to SocketProtocolFamily by @violetagg in #3766
  • Adapt to IoEventLoopGroup by @violetagg in #3767
  • Graduate reactor-netty-incubator-quic to reactor-netty-quic by @violetagg in #3768
  • IO_Uring is now part of Netty by @violetagg in #3705 and by @j-bahr in #3974
  • Reactor Netty HTTP/3 support is no more in incubation by @violetagg in #3851, #3996
• Depend on Micrometer v1.16.0 by @violetagg in #3997
• Depend on Micrometer Tracing v1.6.0 by @violetagg in #3997
• Depend on Context Propagation v1.2.0 by @violetagg in #3997
• Depend on Brave v6.3.0 by @dependabot in #3786
• Migrate to JSpecify annotations for nullability constraints by @violetagg in #3630, #3640, #3641, #3642, #3644, #3645, #3647, #3665, #3694, #3707, #3708, #3709, #3933, #3934, #3995, 8b148ce33b4aa282bbc997d01bf6e99c1da02455, ee5ac40ef43ff5f8aacdded432f4a60ddf9a00a6
• Add HttpMeterRegistrarAdapter to track active streams in HTTP/2 and HTTP/3 by @raccoonback in #3632
• Move log statement to the correct place by @violetagg in #3674
• Add API for determining the resolved addresses to which this client should connect by @violetagg in #3687
• Support websocket over HTTP/2 by @violetagg in #3691 and #3715
• Enable set up TcpResources default max connection by setting by @lcamhoa in #3712
• Make AccessLog class not final by @dmitrysulman in #3726
• Add request and response header iterators to AccessLogArgProvider by @dmitrysulman in #3735
• Support error log handler for Http server by @raccoonback in #3700 and by @violetagg in 4ed2380d4a866e7577c1785c6efd8caa9675ff76 and #3750
• Remove unused method parameter by @violetagg in #3751
• Remove the usage of deprecated functionality by @violetagg in #3792
• Use the new Netty HTTP/2 setting SETTINGS_ENABLE_CONNECT_PROTOCOL by @violetagg in #3794
• Remove the usage of deprecated functionality by @violetagg in #3819
• Improve protocol validation in Forwarded/X-Forwarded-Proto header parsing by @violetagg in #3823 and #3824
• Remove trailer header pre-declaration requirement by @violetagg in #3825
• Support Proxy-Authorization renewal by @violetagg in #3925
• Add API for configuring maximum number RST frames that are allowed per window by @violetagg in #3931
• Preserve exception cause in ChannelBindException by @violetagg in #3976
• Add HTTP/2 PING-based connection health checks by @violetagg in #3980
• Allow setting .pendingAcquireMaxCount() to zero in ConnectionProvider by @Martin7-1 in #3987

• Fix various issues with Nullable annotation by @violetagg in #3626, #3628, #3629, #3646
• Fix NullPointerException in Http2SettingsSpec#hashCode by @violetagg in #3639
• Fix Http2ConnectionProvider#logStreamsState to log active/max streams per connection and per all connections by @violetagg in #3650
• Ensure the HTTP/2 stream is closed when an error happens before send operation by @violetagg in #3675
• Ensure the HTTP/3 stream is closed when an error happens before send operation by @violetagg in #3677
• Ensure the connection is invalidated when an error happens before h2c upgrade operation by @violetagg in #3678
• Ensure HttpInfos#version returns the correct protocol when Unix Domain Sockets by @violetagg in #3693
• Ensure reactor.netty.http.server.connections.active is updated when there is no HttpServerOperations by @violetagg in #3725
• Ensure the default compression configuration is taken from Netty by @violetagg in #3743
• Ensure the exception is propagated in case of delayed address resolution by @violetagg in #3744
• Release the partial HttpData only if it is not released by Netty by @violetagg in #3749
• Connection pools with/without resolvedAddressesSelector are different pools by @violetagg in #3753
• Remove extra write invocation when Expect: 100-continue by @violetagg in #3755
• Ensure the connection is invalidated when a connection close happens before HTTP/1.1 to HTTP/2 upgrade operation by @violetagg in #3806
• When HTTP/2 apply always the trailer headers by @violetagg in #3808
• Trailers must not include pseudo-header fields by @violetagg in #3810
• Add the HTTP/2 connection to the channel group for a proper graceful shutdown in case no active streams by @violetagg in #3827
• Add proper initialisation of maxConcurrentStreams when successful HTTP/1.1 to HTTP/2 upgrade by @violetagg in #3832
• Ensure the HTTP/2 upgrade stream inherits the proper state from the original HTTP/1.1 connection when successful upgrade from HTTP/1.1 to HTTP/2 by @violetagg in #3838
• When HTTP/2, ensure the trailer headers are provided in case full response is received by @violetagg in #3847
• Ensure HttpClientResponse#trailerHeaders always completes by @violetagg in #3848
• Fix message for handlerConfigurator by @klopfdreh in #3861
• Ensure both resolved and unresolved server bind addresses are used with ConnectionProvider#disposeWhen by @violetagg in #3881
• Ensure 100-Continue is handled when collecting client's metrics by @violetagg in #3895
• Ensure cookie validation errors are propagated by @violetagg in #3898
• Ensure ResponseTimeoutHandler is added as one of the first handlers in the pipeline by @violetagg in #3916
• Add missing check for null by @violetagg in #3932
• Do not try to send the file when Content-Length:0 by @violetagg in #3936
• Ensure the HTTP/2 upgrade stream inherits the proper state from the original HTTP/1.1 connection when successful upgrade from HTTP/1.1 to HTTP/2 by @violetagg in #3957
• Fix HttpClientConfig copying issue in MonoHttpConnect by @violetagg in #3964

• Add reactor-netty-quic reference documentation by @violetagg in #3775
• Add QUIC example by @violetagg in #3782
• Document the required HTTP/2 initial setting when websocket over HTTP/2 on the server by @violetagg in #3783

• @lcamhoa made their first contribution in #3712
• @dmitrysulman made their first contribution in #3726
• @jkonicki made their first contribution in #3829 and #3830
• @klopfdreh made their first contribution in #3861
• @Martin7-1 made their first contribution in #3987

Full Changelog: https://github.com/reactor/reactor-netty/compare/v1.2.3...v1.3.0

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.739...7.20.0-rc.740

Reactor Netty 1.2.12 is part of 2024.0.12 Release Train.

• Depend on Reactor Core v3.7.13 by @chemicL in e96e94ab11cffd22ccc361466c9daa5b58575c8b, see release notes
• Depend on Netty v4.1.128.Final by @violetagg in #3970
• Preserve exception cause in ChannelBindException by @violetagg in #3976
• Add HTTP/2 PING-based connection health checks by @violetagg in #3980
• Allow setting .pendingAcquireMaxCount() to zero in ConnectionProvider by @Martin7-1 in #3987

• @Martin7-1 made their first contribution in #3987

Full Changelog: https://github.com/reactor/reactor-netty/compare/v1.2.11...v1.2.12

• Restore support for Jersey now that it supports JAX-RS 4 (Jakarta EE 11) #47967
• Refactor OpenTelemetryLoggingAutoConfiguration from OpenTelemetrySdkAutoConfiguration #47963
• Switch property backing OnEnabledTracingExportCondition to management.tracing.export.{name}.enabled #47959
• Rename management.zipkin.tracing to management.tracing.export.zipkin #47958
• Switch property backing OnEnabledLoggingExportCondition to management.logging.export.{name}.enabled #47957
• Rename management.opentelemetry.logging.export properties #47954
• Split spring-boot-micrometer-tracing into Brave and OpenTelemetry specific module #47953
• Use Elasticsearch 9.2's elasticsearch-rest5-client in spring-boot-elasticsearch #47945
• Provide auto-configuration for Jackson's XML data format #47942
• Rename OnlyOnceLoggingDenyMeterFilter #47925
• Allow url to be specified when working with @AutoConfigureWebMvc configured HtmlUnit beans #47857

• Incorrect metadata for HttpServiceClientProperties ("spring.http.serviceclient") #47943
• Setting 'max-uri-tags' does not prevent unlimited meter growth on any AutoConfiguredCompositeMeterRegistry #47924
• Docker response 407 is not handled correctly resulting in no error message #47901
• Runtime hints for web resources no longer include nested folders #47894
• Auto-configuration for WebTestClient should be in an autoconfigure package #47892
• Jackson 2 support does not work in some sliced tests #47869
• spring-boot-starter-zipkin is missing spring-boot-micrometer-tracing dependency #47866
• Application TaskExecutor is no longer used when a custom AsyncConfigurer bean is defined #47897
• Custom Jackson serializers are no longer included in WebMvcTest and WebFluxTest #47864
• spring-boot-webtestclient is missing from GraphQL test starter #47849
• spring-boot-security brings test dependencies #47813
• @JsonTest and @AutoConfigureJson fail when using spring-boot-jackson2 #47811
• Message converter customizer ordering impedes overriding #47798
• Deprecated testcontainers implementations are no longer detected #47796
• reactor-test is missing from reactive test starters #47795
• spring-kafka-test is missing from spring-boot-starter-kafka-test #47793
• spring-batch-test is missing from spring-boot-starter-batch-test #47792
• spring-rabbit-test is missing from spring-boot-starter-amqp-test #47791
• App fails to start when using Actuator with Jackson 2 and without spring-web #47788
• Depending on spring-boot-starter-actuator without a tracing bridge results in empty and unwanted correlation IDs in the logs #47785
• spring-boot-maven-plugin process-aot goal does not find package-private main method #47783
• Templating auto-configurations still have enabled properties that are not relevant following modularization #32250

• Config property management.logging.export.enabled is missing from documentation #47961
• Add a section about upgrading to Spring Boot 4.x #47916
• BootstrapContext#getOrElseThrow has incorrect reference to IllegalStateException #47906
• Clarify when BootstrapContext get methods may return null rather than throwing an exception or calling the fallback supplier #47899
• Document that web clients are opt-in with @SpringBootTest #47891
• Document AssertJ support in RestTestClient #47881
• Document that Actuator endpoint may have at most one extension of each type #47874
• Limit Kotlin API documentation to Kotlin-specific APIs #47860
• Correct link to JacksonTester in JacksonTesterTestAutoConfiguration javadoc #47784

• Downgrade to Cassandra Driver 4.19.0 #47938
• Upgrade to AspectJ 1.9.25 #47931
• Upgrade to Caffeine 3.2.3 #47884
• Upgrade to Elasticsearch Client 9.2.0 #47847
• Upgrade to GraphQL Java 25.0.beta-9 #47911
• Upgrade to Hibernate 7.1.6.Final #47932
• Upgrade to Jackson 2 Bom 2.20.1 #47886
• Upgrade to JUnit Jupiter 6.0.1 #47933
• Upgrade to Kotlin 2.2.21 #47887
• Upgrade to Prometheus Client 1.4.2 #47888
• Upgrade to Quartz 2.5.1 #47889
• Upgrade to R2DBC Postgresql 1.1.1.RELEASE #47890
• Upgrade to Rabbit AMQP Client 5.27.1 #47950
• Upgrade to Spring Batch 6.0.0-RC2 #47842
• Upgrade to Spring Data Bom 2025.1.0-RC2 #47843
• Upgrade to Spring Framework 7.0.0-RC3 #47850
• Upgrade to Spring GraphQL 2.0.0-RC2 #47879
• Upgrade to Spring HATEOAS 3.0.0-RC2 #47851
• Upgrade to Spring Integration 7.0.0-RC2 #47880
• Upgrade to Spring Security 7.0.0-RC3 #47844

Thank you to all the contributors who worked on this release:

@Walti91, @filiphr, @mipo256, @namest504, @ngocnhan-tran1996, @siva-sai-udaygiri, and @tschut

• Default WebAuthnConfigurer#rpName to rpId #18132
• Document effects of disabling CORS #18130

• WebAuthnAuthenticationFilter is not getting post-processed by EnableMfaFiltersPostProcessor #18128
• AOT hints for authorization server Jackson 3 types should be registered #18146
• JdbcRegisteredClientRepository should support Jackson 3 #18143
• RequestHeaderAuthenticationFilter#getPreAuthenticatedPrincipal should be declared @Nullable #18046

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.738...7.20.0-rc.739

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.737...7.20.0-rc.738

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.736...7.20.0-rc.737

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.735...7.20.0-rc.736