Disable Expression Language by default for custom constraint violations

Description

While Hibernate Validator provides the tools to make this perfectly safe and also documents it properly, it looks like users are not very aware of it and have a tendency to push user input to custom constraint violation message templates.

We will have to release a 6.2 for that as it breaks compatibility with the older versions.

Environment

None
Fixed

Assignee

Guillaume Smet

Reporter

Guillaume Smet

Labels

None

Feedback Requested

None

Feedback Requested By

None

backPortable

None

Suitable for new contributors

None

backportDecision

None

backportReEvaluate

None

Components

Fix versions

Priority

Major
Configure