We just released Hibernate Validator 6.0.14.Final which comes with a critical bugfix.
This is a recommended upgrade for everyone using Hibernate Validator and it is a drop-in replacement for 6.0.13.Final.
We fixed one critical issue: HV-1684.
If you have a constraint on a
Map like this:
@Size(min=1) Map<String, String> map = new HashMap<>();
the validation of this constraint will at some point lead to a
StackOverflowError (how long time it takes will depend on how often you validate this constraint).
In this case, you have no other choice than restarting your application.
In a normal setup, only
Maps (and the JavaFX
*MapProperty) are concerned as they are the only ones with 2 value extractors (one for the key and one for the value).
In the case of a single value extractor, the issue is mitigated.
You might also encounter the issue for other types if you added multiple custom value extractors for the same type.
The issue was reported to us late last week and we decided to release an emergency fix for it, considering how critical it can be for some applications. It has been introduced in Hibernate Validator 6.0.8.Final.
The complete list of fixed issues can be found on our JIRA.
To get the release with Maven, Gradle etc. use the following GAV coordinates:
Note that the group id has changed from
org.hibernate (Hibernate Validator 5 and earlier) to
org.hibernate.validator (from Hibernate Validator 6 onwards).
To get in touch, use the usual channels: