Let's first explain the reasons of the deprecation: we recently had a security issue (CVE) due to this very constraint. It was due to an error in our implementation but it made us realize that this was very fragile and potentially a can of worms security wise.
The alternative for now would be to implement it yourself based on our latest implementation and maintain it in your own application (with potentially your own tweaks).
We have a very nice article on our blog explaining how to do that easily: https://in.relation.to/2017/03/02/adding-custom-constraint-definitions-via-the-java-service-loader/ .
Basically, this change is us saying that we don't want to take the responsibility of something that is potentially fragile and will need a lot of attention, with tweaks potentially specific to the application platform it is deployed on.
Update: I have posted a full announcement here: https://in.relation.to/2019/11/20/hibernate-validator-610-6018-released/ .
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
