Skip to content
This repository was archived by the owner on Apr 5, 2024. It is now read-only.

fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.8.3 #144

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.8.3 #144

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 21, 2021
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.springframework.security:spring-security-crypto (source) 5.6.0 -> 5.8.3 age adoption passing confidence

Release Notes

spring-projects/spring-security

v5.8.3

Compare Source

⭐ New Features

  • Clarify documentation code snippet(s) (unclear where static imported methods come from) #​12991
  • Document 5.8 Migration for DefaultMethodSecurityExpressionHandler #​12356
  • Documentation should mention that an empty SecurityContext should also be saved #​12906
  • Expression-Based Access Control do not working as explain in spring security document for 6.0.2 also tried 6.0.5 the issue persist #​12928
  • Fixed test in DefaultLoginPageGeneratingFilterTests #​12694

🪲 Bug Fixes

  • Bug in documentation of Storing the Authentication manually #​12850
  • DaoAuthenticationProvider is not usable on RHEL 8.7 with enforced FIPS mode #​12873
  • EntityId ignored in xml relying-party-registration #​12776
  • Fix .access(...) parameter #​12676
  • Fix a javadoc typo in ReactiveAuthorizationManager #​12999
  • Fix a javadoc typo in ReactiveAuthorizationManager #​12982
  • Fix ID of WebSocket Authorization section #​12872
  • HttpSessionSecurityContextRepository fails to create a session because of the deferred security context support #​12314
  • JdkSerializationRedisSerializer is not able to serialize Saml2LogoutRequest because of a lambda encoder #​12472
  • Missing spring-security-oauth2 xsds after release #​12805
  • NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder holds a reference to JWSVerificationKeySelector before ConfigurableJWTProcessor.setJWSKeySelector is executed #​13004
  • RelyingPartyRegistrations should not fail when SPSSODescriptor elements are present #​13054
  • Saml2 RelyingPartyRegistration.nameIdFormat is ignored and not set in AuthnRequest from OpenSamlAuthenticationRequestResolver #​12935
  • SecurityWebApplicationInitializer.getSecurityDispatcherTypes example is wrong in migration guide #​12939
  • SwitchUserFilter should use HttpSessionSecurityContextRepository by default #​12835

🔨 Dependency Upgrades

  • Update blockhound to 1.0.8.RELEASE #​13024
  • Update io.projectreactor to 2020.0.31 #​13022
  • Update io.spring.javaformat to 0.0.38 #​13025
  • Update logback-classic to 1.2.12 #​13021
  • Update org.eclipse.jetty to 9.4.51.v20230217 #​13026
  • Update org.springframework to 5.3.27 #​13027
  • Update org.springframework.data to 2021.2.10 #​13028
  • Update org.springframework.data to 2021.2.11 #​13029
  • Update reactor-netty to 1.0.31 #​13023

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.2

Compare Source

⭐ New Features

  • Add XorCsrfChannelInterceptor #​12562
  • Document @EnableWebFluxSecurity requiring @Configuration in 6.0.0 #​12434
  • fix unclosed block in docs #​12553
  • Improve documentation on what changed in the default behaviour in version 6 vs 5.7 #​12462
  • Spring Security 6.0 Migration Guide Should Mention @Configuration Meta-Annotation Removal From Configuration Annotations #​12486

🪲 Bug Fixes

  • AuthorizationManager method security documentation should use AnnotationMatchingPointcut #​12516
  • DefaultSavedRequest.doesRequestMatch does not work, when matchingRequestParameterName is set #​12665
  • Document XMLObject retreival for Asserting Party metadata #​12693
  • Jackson serialization of DefaultSaml2AuthenticatedPrincipal: LinkedMultiValueMap is not in the allowlist #​12458
  • NimbusJwtDecoder unknown KID scenario is not correctly tested #​12494
  • NPE in HttpSecurity#addFilterBefore when mixing custom DSL and standard #​12686
  • SwitchUserFilter not working in Spring Security 6 #​12510
  • Wrong name of the filter in the SecurityContextHolderFilter diagram #​12526

🔨 Dependency Upgrades

  • Update blockhound to 1.0.7.RELEASE #​12719
  • Update hibernate-entitymanager to 5.6.15.Final #​12722
  • Update io.projectreactor to 2020.0.28 #​12717
  • Update io.spring.nohttp to 0.0.11 #​12720
  • Update jackson-bom to 2.13.5 #​12714
  • Update jackson-databind to 2.13.5 #​12715
  • Update jackson-datatype-jsr310 to 2.13.5 #​12716
  • Update junit-bom to 5.9.2 #​12723
  • Update org.aspectj to 1.9.19 #​12721
  • Update org.junit.jupiter to 5.9.2 #​12724
  • Update org.springframework to 5.3.25 #​12725
  • Update org.springframework.data to 2021.2.8 #​12739
  • Update org.springframework.data to 2021.2.8 #​12726
  • Update reactor-netty to 1.0.28 #​12718

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.1

Compare Source

⭐ New Features

  • Add EnableWebSecurity migration steps to 5.8 guide #​12334
  • Replace deprecated set-state set-output GitHub Action's commands #​12298

🪲 Bug Fixes

  • codes in spring security docs fail to work #​11396
  • DefaultLdapAuthoritiesPopulator throws NullPointerException #​12408
  • Fix AuthorizationFilter diagram in docs #​12286
  • Fix password encoder migration guide #​12318
  • Fix typo #​12316
  • Incorrect Javadoc for class ExpressionAuthorizationDecision #​12411
  • Incorrect sample code in securityMatcher migration docs #​12296
  • SecurityContextHolderFilter does not apply to async dispatch #​11962

🔨 Dependency Upgrades

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.8.0

Compare Source

⭐ New Features

  • Add Kotlin example showing integration with WebTestClient #​11611
  • Add MethodExpressionAuthorizationManager #​11502
  • Add Polish localization to error messages from ExceptionTranslationFi… #​12201
  • Add support AuthorizationManager + #​11503
  • AnonymousAuthenticationFilter should cache its Supplier #​11900
  • CookieServerCsrfTokenRepository doesn't support setting MaxAge #​11441
  • DefaultFilterChainValidator should check AuthorizationFilter #​11473
  • Deprecate Resource Owner Password Credentials grant #​11591
  • Document Configure Default CsrfToken BREACH Protection #​12107
  • Document Defer load CsrfToken #​12105
  • Document DelegatingSecurityContextRepository #​12069
  • Document deprecations in oauth2-client #​12193
  • Document how to opt-in for SHA256 in RememberMe #​12097
  • Document how to use the new requestMatchers and securityMatchers #​12100
  • Document Migration to SecurityContextHolderFilter #​12098
  • Document new oauth2Login() authority defaults #​12188
  • Document reactive CSRF migration steps #​12226
  • Document Saved Requests Spring Security 6 Migration #​12089
  • Document Update to 5.8 for Migration Guide #​12196
  • Fix Javadoc in EnableWebSocketSecurity #​12211
  • Improve deprecation notice in WebSecurityConfigurerAdapter #​12261
  • InterceptMethodsBeanDefinitionDecorator should allow using AuthorizationManager #​11469
  • Migration guide for CAS support removal #​12240
  • Preparation and Migration Guides should point to each other #​12093
  • Preparation Guide should follow Reference Manual standards #​12096
  • Preparation Guide should show opt-out steps after opt-in steps #​12104
  • Provide guide for migrating from FilterSecurityInterceptor to AuthorizationFilter #​11337
  • Register FilterChainProxy for All Dispatcher Types Migration Steps #​12186
  • SAML: OpenSaml4AuthenticationProvider.createDefaultAssertionValidator() should make it easier to add ValidationContext static parameters #​11675
  • trigger partial docs build on push (5.8.x) #​12195

🪲 Bug Fixes

  • AuthenticationServiceException propagation flag is unconfigurable in 5.8 #​12132
  • CsrfAuthenticationStrategy does not check for existing token #​12236
  • CsrfAuthenticationStrategy does not regenerate CsrfToken with CookieCsrfTokenRepository #​12141
  • fix deploy docs workflow (5.8.x) #​12197
  • Fix saganCreateRelease saganDeleteRelease Required Permissions #​11424
  • Incorrect scope map fix #​12206
  • IpAddressServerWebExchangeMatcher throws NullPointerException with framework forward-headers-strategy #​12076
  • org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal fails to return more than one "attribute" #​11604
  • SAML logout: Incorrect log messages #​12209
  • Saml2MetadataFilter response should configure writer to UTF-8 #​12222
  • SEC-2839: SecurityNamespaceHandler - related to SEC-1455 #​12126
  • SecurityContextRepository.loadContext(HttpServletRequest) cache result #​11391
  • Spring Security Bcrypt with strength/log rounds = 31 results in 'Bad number of rounds' error although 31 should be ok #​11483
  • Update the RP-initiated Logout links #​12122

🔨 Dependency Upgrades

  • Change gradle.plugin.org.gretty:gretty:3.0.1 to org.gretty:gretty:3.0.9 #​12154
  • Update aspectj-plugin to 6.5.0.3 #​11583
  • Update assertj-core to 3.23.1 #​11572
  • Update com.nimbusds to 9.38.1 #​11570
  • Update Gradle to 7.5.1 #​12158
  • Update hibernate-entitymanager to 5.6.10.Final #​11578
  • Update hibernate-entitymanager to 5.6.14.Final #​12245
  • Update hsqldb to 2.7.1 #​12246
  • Update htmlunit to 2.63.0 #​11575
  • Update htmlunit-driver to 2.63.0 #​11580
  • Update io.projectreactor to 2020.0.21 #​11567
  • Update io.projectreactor to 2020.0.25 #​12243
  • Update io.spring.javaformat to 0.0.34 #​11573
  • Update jackson-bom to 2.13.3 #​11574
  • Update jsonassert to 1.5.1 #​11581
  • Update junit-bom to 5.9.0-RC1 #​11571
  • Update mockk to 1.12.4 #​11568
  • Update org.eclipse.jetty to 9.4.48.v20220622 #​11576
  • Update org.jetbrains.kotlin to 1.7.10 #​11582
  • Update org.jetbrains.kotlin to 1.7.21 #​12247
  • Update org.jetbrains.kotlinx to 1.6.4 #​11566
  • Update org.springframework to 5.3.22 #​11569
  • Update org.springframework to 5.3.24 #​12248
  • Update org.springframework.data to 2021.2.2 #​11579
  • Update org.springframework.data to 2021.2.6 #​12249
  • Update reactor-netty to 1.0.25 #​12244
  • Update spring-ldap-core to 2.4.1 #​11577

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.7.8

Compare Source

⭐ New Features

  • Clarify documentation code snippet(s) (unclear where static imported methods come from) #​6597
  • Document relationship between registrationId, EntityID, and resolving a relying party #​12764

🪲 Bug Fixes

  • Add test to SimpleUrlAuthenticationSuccessHandlerTests #​12740
  • Avoid NPE in FilterInvocation #​12922
  • EntityId ignored in xml relying-party-registration #​11898
  • Fix a javadoc typo in ReactiveAuthorizationManager #​12998
  • Fix a javadoc typo in ReactiveAuthorizationManager #​12978
  • Fix typo in SessionManagementConfigurer javadoc #​12820
  • Missing spring-security-oauth2 xsds after release #​12804
  • NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder holds a reference to JWSVerificationKeySelector before ConfigurableJWTProcessor.setJWSKeySelector is executed #​12960
  • RelyingPartyRegistrations should not fail when SPSSODescriptor elements are present #​12664
  • SwitchUserFilter should use HttpSessionSecurityContextRepository by default #​12834

🔨 Dependency Upgrades

  • Update blockhound to 1.0.8.RELEASE #​13016
  • Update io.projectreactor to 2020.0.31 #​13014
  • Update logback-classic to 1.2.12 #​13013
  • Update org.eclipse.jetty to 9.4.51.v20230217 #​13017
  • Update org.springframework to 5.3.27 #​13018
  • Update org.springframework.data to 2021.2.11 #​13019
  • Update reactor-netty to 1.0.31 #​13015

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.7.7

Compare Source

⭐ New Features

  • chore: Use cache in continuous-integration-workflow.yml #​12503
  • fix unclosed block in docs #​12542

🪲 Bug Fixes

  • AuthorizationManager method security documentation should use AnnotationMatchingPointcut #​11095
  • Document XMLObject retreival for Asserting Party metadata #​12667
  • Fix typo in OAuth 2.0 testing docs #​12437
  • Jackson serialization of DefaultSaml2AuthenticatedPrincipal: LinkedMultiValueMap is not in the allowlist #​11785
  • NimbusJwtDecoder unknown KID scenario is not correctly tested #​12238
  • NPE in HttpSecurity#addFilterBefore when mixing custom DSL and standard #​12637
  • SwitchUserFilter not working in Spring Security 6 #​12504
  • Wrong name of the filter in the SecurityContextHolderFilter diagram #​11800

🔨 Dependency Upgrades

  • Update blockhound to 1.0.7.RELEASE #​12733
  • Update hibernate-entitymanager to 5.6.15.Final #​12736
  • Update io.projectreactor to 2020.0.28 #​12732
  • Update io.spring.nohttp to 0.0.11 #​12734
  • Update jackson-bom to 2.13.5 #​12731
  • Update org.aspectj to 1.9.19 #​12735
  • Update org.springframework to 5.3.25 #​12737
  • Update org.springframework.data to 2021.2.8 #​12738

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.7.6

Compare Source

⭐ New Features

  • Improve deprecation notice in WebSecurityConfigurerAdapter #​12260
  • Replace deprecated set-state set-output GitHub Action's commands #​12297

🪲 Bug Fixes

  • DefaultLdapAuthoritiesPopulator throws NullPointerException #​12407
  • Fix AuthorizationFilter diagram in docs #​12285
  • Incorrect scope map fix #​12205
  • SAML logout: Incorrect log messages #​12208
  • Saml2MetadataFilter response should configure writer to UTF-8 #​12221
  • SEC-2839: SecurityNamespaceHandler - related to SEC-1455 #​12125
  • Update the RP-initiated Logout links #​12121

🔨 Dependency Upgrades

  • Change gradle.plugin.org.gretty:gretty:3.0.1 to org.gretty:gretty:3.0.9 #​12153
  • Update Gradle to 7.5.1 #​12157
  • Update hibernate-entitymanager to 5.6.14.Final #​12397
  • Update httpclient to 4.5.14 #​12395
  • Update io.projectreactor to 2020.0.26 #​12393
  • Update jackson-bom to 2.13.4.20221013 #​12391
  • Update jackson-databind to 2.13.4.2 #​12392
  • Update org.eclipse.jetty to 9.4.50.v20221201 #​12396
  • Update org.springframework to 5.3.24 #​12398
  • Update org.springframework.data to 2021.2.6 #​12399
  • Update reactor-netty to 1.0.26 #​12394

v5.7.5

Compare Source

🪲 Bug Fixes
  • Fix AuthorizationFilter incorrectly extending OncePerRequestFilter #​12113
  • Fix scope mapping #​12112
  • IpAddressServerWebExchangeMatcher throws NullPointerException with framework forward-headers-strategy #​11888

v5.7.4

Compare Source

⭐ New Features
  • automatically manage docs version (with collector) #​11955
🪲 Bug Fixes
  • AuthenticationEventPublisher bean is not picked up if no UserDetailsService bean #​11729
  • Build fails with missing project property cloneOutputDirectory #​11979
  • GitHubMilestoneApiTests due_on Should Use LocalDate #​11707
  • HttpSecurity Bean does not set DefaultAuthenticationEventPublisher #​11727
  • NamespaceLdapAuthenticationProviderTests Should Use Dynamic Port #​11711
  • RemoteJwkSet is not refreshed when encountering an unknown KID #​11723
  • RequestRejectedHandler does not reliable prevent Internal Server Error #​11744
🔨 Dependency Upgrades
  • Update Gradle Enterprise plugin to 3.11.1 #​11830
  • Update hibernate-entitymanager to 5.6.10.Final #​11745
  • Update hibernate-entitymanager to 5.6.12.Final #​12016
  • Update io.projectreactor to 2020.0.22 #​11743
  • Update io.projectreactor to 2020.0.24 #​12012
  • Update io.rsocket to 1.1.3 #​12014
  • Update jackson-bom to 2.13.4.20221012 #​12008
  • Update jackson-databind to 2.13.4.1 #​12009
  • Update jackson-datatype-jsr310 to 2.13.4 #​12010
  • Update jsonassert to 1.5.1 #​11741
  • Update mockk to 1.12.8 #​12011
  • Update org.eclipse.jetty to 9.4.48.v20220622 #​11740
  • Update org.eclipse.jetty to 9.4.49.v20220914 #​12015
  • Update org.springframework to 5.3.22 #​11739
  • Update org.springframework to 5.3.23 #​12017
  • Update org.springframework.data to 2021.1.6 #​11742
  • Update org.springframework.data to 2021.2.4 #​12018
  • Update reactor-netty to 1.0.24 #​12013

v5.7.3

Compare Source

⭐ New Features

  • Add Kotlin example showing integration with WebTestClient #​9998
  • Set permissions for GitHub actions #​11642
  • Update javadoc of EnableWebSecurity to reflect deprecation of WebSecurityConfigurerAdapter #​11650

🪲 Bug Fixes

  • Add Deprecated annotation to WebSecurity#securityInterceptor #​11637
  • Check saganCreateRelease saganDeleteRelease Required Permissions #​11425
  • org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal fails to return more than one "attribute" #​11605
  • RequestAttributeSecurityContextRepository.loadContext(HttpServletRequest) should never return null SecurityContext #​11606
  • RequestRejectedHandler does not reliable prevent Internal Server Error #​11672
  • Sources and javadocs missing in latest snapshots #​11628
  • Spring Security Bcrypt with strength/log rounds = 31 results in 'Bad number of rounds' error although 31 should be ok #​11484
  • Update javadoc of HttpSecurity, WebSecurityConfiguration and WebSecurity to reflect deprecation of WebSecurityConfigurerAdapter #​11651

🔨 Dependency Upgrades

  • Update hibernate-entitymanager to 5.6.10.Final #​11694
  • Update io.projectreactor to 2020.0.22 #​11691
  • Update jsonassert to 1.5.1 #​11696
  • Update mockk to 1.12.5 #​11690
  • Update org.eclipse.jetty to 9.4.48.v20220622 #​11693
  • Update org.jetbrains.kotlinx to 1.6.4 #​11695
  • Update org.springframework to 5.3.22 #​11697
  • Update org.springframework.data to 2021.2.2 #​11698

v5.7.2

Compare Source

⭐ New Features

  • Consider updating testing examples to use JUnit Jupiter #​11293

🪲 Bug Fixes

  • Some Security Expressions cause NPE when used within @Query #​11289
  • CsrfWebFilter null save content-type check #​11341
  • Docs example uses access(String) with authorizeHttpRequests() #​11296
  • Fix typo in BasicLookupStrategy Javadoc #​11339
  • KeyInfo missing in AuthnRequest when using OpenSaml4AuthenticationRequestResolver #​11358
  • OidcClientInitiatedLogoutSuccessHandler url-encodes PostLogoutRedirectUri twice #​11384
  • SAML request encoding: on redirect binding, base64 encoded message contains CRLF #​11284
  • SecurityContextRepository.loadContext(HttpServletRequest) cache result #​11390
  • Should SAML metadata EntityDescriptor tag have the md: prefix? #​11311
  • Update opaque-token.adoc #​11303

🔨 Dependency Upgrades

  • Update aspectj-plugin to 6.4.3.1 #​11402
  • Update hibernate-entitymanager to 5.6.9.Final #​11405
  • Update io.projectreactor to 2020.0.20 #​11403
  • Update jackson-bom to 2.13.3 #​11399
  • Update jackson-databind to 2.13.3 #​11400
  • Update jackson-datatype-jsr310 to 2.13.3 #​11401
  • Update org.jetbrains.kotlinx to 1.6.3 #​11406
  • Update org.opensaml:opensaml-core4 to 4.1.1 #​11410
  • Update org.springframework to 5.3.21 #​11407
  • Update org.springframework.data to 2021.2.1 #​11408
  • Update reactor-netty to 1.0.20 #​11404
  • Update spring-ldap-core to 2.4.1 #​11409

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.7.1

Compare Source

🪲 Bug Fixes

  • StrictHttpFirewall incorrectly rejects valid CJKV characters #​11266

v5.7.0

Compare Source

⭐ New Features

  • Check Samples should run against the current artifacts #​11199
  • Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager#isAuthorized #​11188
  • Remember me should detect UserDetailsService bean #​11170
  • WebSessionServerSecurityContextRepository provides Mono.cache option #​8422
  • X509 should detect UserDetailsService bean #​11174

🪲 Bug Fixes

  • @EnableMethodSecurity doesn't resolve annotations on interfaces through a Proxy #​11177
  • Add shouldFilterAllDispatcherTypes to Kotlin DSL #​11153
  • Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator #​11165
  • Multiple .requestMatchers().mvcMatchers() override previous one #​11185

🔨 Dependency Upgrades

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.6.10

Compare Source

⭐ New Features

  • Replace deprecated set-state set-output GitHub Action's commands #​12032
  • update generateAntora task to make prereleases unique #​12083

🪲 Bug Fixes

  • DefaultLdapAuthoritiesPopulator throws NullPointerException #​12090
  • docs: fix realm typo #​12120
  • Fix AuthorizationFilter diagram in docs #​12274
  • Fix typo in DefaultLoginPageConfigurer Javadoc #​12311
  • Fix typo on opaque-token.adoc #​12114
  • Fix: Replace tenantRepository with tenants #​12269
  • Incorrect scope map fix #​12144
  • OAuth 2.0 Resource Server Multi-tenancy - documentation improvement #​12295
  • Outdated example in Javadoc of UrlAuthorizationConfigurer #​11487
  • Saml2MetadataFilter response should configure writer to UTF-8 #​12026
  • SEC-2839: SecurityNamespaceHandler - related to SEC-1455 #​3065
  • Update the RP-initiated Logout links #​12081

🔨 Dependency Upgrades

  • Change gradle.plugin.org.gretty:gretty:3.0.1 to org.gretty:gretty:3.0.9 #​12152
  • Update Gradle to 7.5.1 #​11779
  • Update hibernate-entitymanager to 5.6.14.Final #​12388
  • Update httpclient to 4.5.14 #​12386
  • Update io.projectreactor to 2020.0.26 #​12384
  • Update jackson-bom to 2.13.4.20221013 #​12381
  • Update jackson-databind to 2.13.4.2 #​12382
  • Update mockk to 1.12.8 #​12383
  • Update org.eclipse.jetty to 9.4.50.v20221201 #​12387
  • Update org.springframework to 5.3.24 #​12389
  • Update org.springframework.data to 2021.1.10 #​12390
  • Update reactor-netty to 1.0.26 #​12385

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.6.9

Compare Source

🪲 Bug Fixes

  • Fix AuthorizationFilter incorrectly extending OncePerRequestFilter #​12102
  • Fix scope mapping #​12101

v5.6.8

Compare Source

⭐ New Features

  • automatically manage docs version (with collector) #​11943

🪲 Bug Fixes

  • Add rncToXsd task description to CONTRIBUTING.adoc #​11935
  • AuthenticationEventPublisher bean is not picked up if no UserDetailsService bean #​11730
  • Build fails with missing project property cloneOutputDirectory #​11969
  • GitHubMilestoneApiTests due_on Should Use LocalDate #​11708
  • HttpSecurity Bean does not set DefaultAuthenticationEventPublisher #​11728
  • NamespaceLdapAuthenticationProviderTests Should Use Dynamic Port #​11712
  • RemoteJwkSet is not refreshed when encountering an unknown KID #​11724
  • Updated reference to architecture page #​11778

🔨 Dependency Upgrades

  • Update Gradle Enterprise plugin to 3.11.1 #​11827
  • Update hibernate-entitymanager to 5.6.12.Final #​12005
  • Update io.projectreactor to 2020.0.24 #​12001
  • Update io.rsocket to 1.1.3 #​12003
  • Update jackson-bom to 2.13.4.20221012 #​11997
  • Update jackson-databind to 2.13.4.1 #​11998
  • Update jackson-datatype-jsr310 to 2.13.4 #​11999
  • Update mockk to 1.12.8 #​12000
  • Update org.eclipse.jetty to 9.4.49.v20220914 #​12004
  • Update org.springframework to 5.3.23 #​12006
  • Update org.springframework.data to 2021.1.8 #​12007
  • Update reactor-netty to 1.0.24 #​12002

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

v5.6.7

Compare Source

⭐ New Features

  • Add Kotlin example showing integration with WebTestClient #​11612
  • Set permissions for GitHub actions #​11644

🪲 Bug Fixes

  • Add Deprecated annotation to WebSecurity#securityInterceptor #​11636
  • Fix saganCreateRelease saganDeleteRelease Required Permissions #​11426
  • org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal fails to return more than one "attribute" #​11608
  • RequestRejectedHandler does not reliable prevent Internal Server Error #​11673
  • Sources and javadocs missing in latest snapshots #​11629
  • Spring Security Bcrypt with strength/log rounds = 31 results in 'Bad number of rounds' error although 31 should be ok #​11485

🔨 Dependency Upgrades

  • Update hibernate-entitymanager to 5.6.10.Final #​11683
  • Update io.projectreactor to 2020.0.22 #​11680
  • Update jsonassert to 1.5.1 #​11684
  • Update mockk to 1.12.5 #​11679
  • Update org.eclipse.jetty to 9.4.48.v20220622 #​11682
  • Update org.springframework to 5.3.22 #​11685
  • Update org.springframework.data to 2021.1.6 #​11686
  • Update reactor-netty to 1.0.22 #​11681

v5.6.6

Compare Source

⭐ New Features

  • Consider updating testing examples to use JUnit Jupiter #​11292

🪲 Bug Fixes

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/spring-security branch from 2b17314 to e65cddc Compare February 22, 2022 14:07
@renovate renovate bot changed the title Update dependency org.springframework.security:spring-security-crypto to v5.6.1 Update dependency org.springframework.security:spring-security-crypto to v5.6.2 Feb 22, 2022
@renovate renovate bot force-pushed the renovate/spring-security branch from e65cddc to a714c6c Compare April 24, 2022 23:01
@renovate renovate bot changed the title Update dependency org.springframework.security:spring-security-crypto to v5.6.2 fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.6.3 Apr 24, 2022
@renovate renovate bot changed the title fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.6.3 fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.0 May 16, 2022
@renovate renovate bot force-pushed the renovate/spring-security branch from a714c6c to 5b9289a Compare May 16, 2022 20:02
@renovate renovate bot changed the title fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.0 fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.1 May 18, 2022
@renovate renovate bot force-pushed the renovate/spring-security branch from 5b9289a to 736cada Compare May 18, 2022 17:42
@renovate renovate bot force-pushed the renovate/spring-security branch from 736cada to de85ca0 Compare June 20, 2022 19:22
@renovate renovate bot changed the title fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.1 fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.2 Jun 20, 2022
@renovate renovate bot force-pushed the renovate/spring-security branch from de85ca0 to 07e17cf Compare September 25, 2022 18:42
@renovate renovate bot changed the title fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.2 fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.3 Sep 25, 2022
@renovate renovate bot force-pushed the renovate/spring-security branch from 07e17cf to d1c8837 Compare November 20, 2022 10:44
@renovate renovate bot changed the title fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.3 fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.5 Nov 20, 2022
@renovate renovate bot force-pushed the renovate/spring-security branch from d1c8837 to de9e015 Compare March 17, 2023 08:02
@renovate renovate bot changed the title fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.7.5 fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.8.2 Mar 17, 2023
@renovate renovate bot force-pushed the renovate/spring-security branch from de9e015 to bde8861 Compare April 17, 2023 18:03
@renovate renovate bot changed the title fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.8.2 fix(deps): update dependency org.springframework.security:spring-security-crypto to v5.8.3 Apr 17, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants