Skip to content

Bump jdbi3.version from 3.52.1 to 3.53.0#323

Merged
ferenc-csaky merged 1 commit intomainfrom
dependabot/maven/jdbi3.version-3.53.0
May 8, 2026
Merged

Bump jdbi3.version from 3.52.1 to 3.53.0#323
ferenc-csaky merged 1 commit intomainfrom
dependabot/maven/jdbi3.version-3.53.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Bumps jdbi3.version from 3.52.1 to 3.53.0.
Updates org.jdbi:jdbi3-core from 3.52.1 to 3.53.0

Release notes

Sourced from org.jdbi:jdbi3-core's releases.

3.53.0

Fixes: Jdbi-Freemarker Security Advisory GHSA-mggx-p7jf-jgw4

The Freemarker configuration allows templates to construct arbitrary Java types, including freemarker.template.utility.Execute.

While exploiting this requires other unsafe practices (letting a user dictate template input), it seems prudent to disable template class resolution.

Please see GHSA-mggx-p7jf-jgw4 for more details.

Upgrade to testcontainers 2.x

While this required no code changes, the testcontainers project has renamed a number of their jar files. Jdbi still supports testcontainers 1.x and now also testcontainers 2.x:

If you are using testcontainers with Jdbi today and can not update to 2.x, make sure that you reference the org.testcontainers:jdbc and org.testcontainers:junit-jupiter dependencies. Those used to be available as transitive dependency from jdbi3-testcontainers.

If you upgrade to testcontainers 2.x, the org.testcontainers:testcontainers-jdbc and org.testcontainers:testcontainers-junit-jupiter dependencies must be available.

  • Update testcontainers dependency to 2.0.5 (from 1.21.4)
  • Add StatementContext parameter to SqlExceptionHandler and remove return value
Changelog

Sourced from org.jdbi:jdbi3-core's changelog.

3.53.0

Fixes: Jdbi-Freemarker Security Advisory GHSA-mggx-p7jf-jgw4

The Freemarker configuration allows templates to construct arbitrary Java types, including freemarker.template.utility.Execute.

While exploiting this requires other unsafe practices (letting a user dictate template input), it seems prudent to disable template class resolution.

Please see GHSA-mggx-p7jf-jgw4 for more details.

Upgrade to testcontainers 2.x

While this required no code changes, the testcontainers project has renamed a number of their jar files. Jdbi still supports testcontainers 1.x and now also testcontainers 2.x:

If you are using testcontainers with Jdbi today and can not update to 2.x, make sure that you reference the org.testcontainers:jdbc and org.testcontainers:junit-jupiter dependencies. Those used to be available as transitive dependency from jdbi3-testcontainers.

If you upgrade to testcontainers 2.x, the org.testcontainers:testcontainers-jdbc and org.testcontainers:testcontainers-junit-jupiter dependencies must be available.

  • Update testcontainers dependency to 2.0.5 (from 1.21.4)
  • Add StatementContext parameter to SqlExceptionHandler and remove return value
Commits
  • 5361840 [maven-release-plugin] prepare release v3.53.0
  • 59a8376 Release notes 3.53.0
  • 1f1a5c5 freemarker: disable template class resolution
  • 83465ac Merge remote-tracking branch 'origin/master' into sqlexception-handler-statem...
  • 5d4191f Merge pull request #2969 from hgschmie/testcontainers2
  • 05f9bdb align mysql docker image property name
  • ce9f12c align oracle docker image property name
  • ebceb8a move to testcontainers 2.x
  • 9a42863 add documentation and example
  • d53118f SqlExceptionHandler: add StatementContext parameter, remove confusing return ...
  • Additional commits viewable in compare view

Updates org.jdbi:jdbi3-sqlobject from 3.52.1 to 3.53.0

Release notes

Sourced from org.jdbi:jdbi3-sqlobject's releases.

3.53.0

Fixes: Jdbi-Freemarker Security Advisory GHSA-mggx-p7jf-jgw4

The Freemarker configuration allows templates to construct arbitrary Java types, including freemarker.template.utility.Execute.

While exploiting this requires other unsafe practices (letting a user dictate template input), it seems prudent to disable template class resolution.

Please see GHSA-mggx-p7jf-jgw4 for more details.

Upgrade to testcontainers 2.x

While this required no code changes, the testcontainers project has renamed a number of their jar files. Jdbi still supports testcontainers 1.x and now also testcontainers 2.x:

If you are using testcontainers with Jdbi today and can not update to 2.x, make sure that you reference the org.testcontainers:jdbc and org.testcontainers:junit-jupiter dependencies. Those used to be available as transitive dependency from jdbi3-testcontainers.

If you upgrade to testcontainers 2.x, the org.testcontainers:testcontainers-jdbc and org.testcontainers:testcontainers-junit-jupiter dependencies must be available.

  • Update testcontainers dependency to 2.0.5 (from 1.21.4)
  • Add StatementContext parameter to SqlExceptionHandler and remove return value
Changelog

Sourced from org.jdbi:jdbi3-sqlobject's changelog.

3.53.0

Fixes: Jdbi-Freemarker Security Advisory GHSA-mggx-p7jf-jgw4

The Freemarker configuration allows templates to construct arbitrary Java types, including freemarker.template.utility.Execute.

While exploiting this requires other unsafe practices (letting a user dictate template input), it seems prudent to disable template class resolution.

Please see GHSA-mggx-p7jf-jgw4 for more details.

Upgrade to testcontainers 2.x

While this required no code changes, the testcontainers project has renamed a number of their jar files. Jdbi still supports testcontainers 1.x and now also testcontainers 2.x:

If you are using testcontainers with Jdbi today and can not update to 2.x, make sure that you reference the org.testcontainers:jdbc and org.testcontainers:junit-jupiter dependencies. Those used to be available as transitive dependency from jdbi3-testcontainers.

If you upgrade to testcontainers 2.x, the org.testcontainers:testcontainers-jdbc and org.testcontainers:testcontainers-junit-jupiter dependencies must be available.

  • Update testcontainers dependency to 2.0.5 (from 1.21.4)
  • Add StatementContext parameter to SqlExceptionHandler and remove return value
Commits
  • 5361840 [maven-release-plugin] prepare release v3.53.0
  • 59a8376 Release notes 3.53.0
  • 1f1a5c5 freemarker: disable template class resolution
  • 83465ac Merge remote-tracking branch 'origin/master' into sqlexception-handler-statem...
  • 5d4191f Merge pull request #2969 from hgschmie/testcontainers2
  • 05f9bdb align mysql docker image property name
  • ce9f12c align oracle docker image property name
  • ebceb8a move to testcontainers 2.x
  • 9a42863 add documentation and example
  • d53118f SqlExceptionHandler: add StatementContext parameter, remove confusing return ...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels May 4, 2026
@ferenc-csaky
Copy link
Copy Markdown
Collaborator

ferenc-csaky commented May 6, 2026

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/maven/jdbi3.version-3.53.0 branch from 1216acf to 758ef67 Compare May 6, 2026 20:14
@ferenc-csaky
Copy link
Copy Markdown
Collaborator

ferenc-csaky commented May 8, 2026

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/maven/jdbi3.version-3.53.0 branch from 758ef67 to f769c42 Compare May 8, 2026 16:37
@ferenc-csaky
Copy link
Copy Markdown
Collaborator

ferenc-csaky commented May 8, 2026

@dependabot recreate

@dependabot
Bump jdbi3.version from 3.52.1 to 3.53.0
5879626 
Bumps `jdbi3.version` from 3.52.1 to 3.53.0.

Updates `org.jdbi:jdbi3-core` from 3.52.1 to 3.53.0
- [Release notes](https://github.com/jdbi/jdbi/releases)
- [Changelog](https://github.com/jdbi/jdbi/blob/master/RELEASE_NOTES.md)
- [Commits](jdbi/jdbi@v3.52.1...v3.53.0)

Updates `org.jdbi:jdbi3-sqlobject` from 3.52.1 to 3.53.0
- [Release notes](https://github.com/jdbi/jdbi/releases)
- [Changelog](https://github.com/jdbi/jdbi/blob/master/RELEASE_NOTES.md)
- [Commits](jdbi/jdbi@v3.52.1...v3.53.0)

---
updated-dependencies:
- dependency-name: org.jdbi:jdbi3-core
  dependency-version: 3.53.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
- dependency-name: org.jdbi:jdbi3-sqlobject
  dependency-version: 3.53.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/maven/jdbi3.version-3.53.0 branch from f769c42 to 5879626 Compare May 8, 2026 16:53
@ferenc-csaky ferenc-csaky merged commit 6ea8202 into main May 8, 2026
13 checks passed
@ferenc-csaky ferenc-csaky deleted the dependabot/maven/jdbi3.version-3.53.0 branch May 8, 2026 17:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ferenc-csaky