The recent changes to EmptyTargetSource have broken Spring Security's tests.
Spring Security relies on checking to see if a MethodInvocation.getThis() is null to determine if the method is static. This seems to be a safe assumption based on the javadoc which states:
the object (can be null if the accessible object is static).
What's more is it would seem non-obvious for me to use the EmptyTargetSource.EMPTY_TARGET (which is not accessible, so I need to use EmptyTargetSource.INSTANCE.getTarget() from Spring Framework to compare against the result of MethodInvocation.getThis() from aopalliance.
I think it makes sense to ensure that the construction of ReflectiveMethodInvocation contains target=null and targetClass=null for static methods.