search

NLCR / CZIDLO

CZech IDentification and LOcalization Tool
4 stars 0 forks source link

Bump spring.version from 4.2.9.RELEASE to 5.3.1.RELEASE in /api #207

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps spring.version from 4.2.9.RELEASE to 5.3.1.RELEASE. Updates spring-security-core from 4.2.9.RELEASE to 5.3.1.RELEASE

Release notes

Sourced from spring-security-core's releases.

5.3.1.RELEASE

:star: New Features

  • SpringTestContext returns ConfigurableWebApplicationContext #8237
  • OAuth2LoginAuthenticationProvider uses OAuth2AuthorizationCodeAuthenticationProvider #8234
  • SwitchUserFilter vulnerable to CSRF #8222
  • Clarify use case for ServerBearerExchangeFilterFunction #8221
  • Update Encryptors documentation for standard and stronger #8211
  • Document JwtGrantedAuthoritiesConverter #8183
  • userNameAttribute case style is different others #8179
  • Document AuthNRequest POST binding support #8165
  • Polish SAML 2.0 Login Sample #8164
  • OpenSamlImplementation should not use reflection #8161
  • Document AuthorizedClientServiceOAuth2AuthorizedClientManager #8153
  • Assign sensible default for OAuth2AuthorizedClientProvider #8151
  • Document OAuth2Authorization success and failure handlers #8146
  • Document Jackson serialization support for OAuth 2.0 Client #8145
  • Document OAuth 2.0 Authorization Request improvements #8133
  • Document OAuth 2.0 Login XML Support #8132
  • Document OAuth 2.0 Client XML Support #8131
  • Basic auth header without user results in exception #8122
  • Document AuthenticationEventPublisher improvements #8103
  • Typo 'properites' -> 'properties' in documentation #8098
  • Document OAuth 2.0 Resource Server XML Support #8094
  • Provide spring-security-5*.xsd for https://www.springframework.org/schema/security/ #8091
  • Document OIDC Logout Success Handler Improvements #8088
  • Add OAuth 2.0 Test Support Docs #8087
  • Update test to have comment about secure salt length #8084
  • Document JwtClaimValidator #8076

:beetle: Bug Fixes

  • HttpServletRequest.logout() not functioning #8238
  • OAuth2 ClientRegistrations NPE when UserInfo endpoint missing #8209
  • oauth2Login WebFlux should not auto-redirect for XHR request #8201
  • Fix OAuth2AuthorizationRequest additionalParameters/attributes Consumer #8178
  • RSocket test should throw AccessDeniedException #8160
  • Make OAuth2ErrorHttpMessageConverter more resilient #8158
  • Fix typo in Javadoc of HttpSecurity#csrf() #8134
  • NPE thrown when token response contains a null value #8121
  • Google's top result for "Spring Security Reference" returns a 404 #8086
  • 5.3.0 Documentation What's New has some broken links #8069

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

5.3.0.RELEASE

... (truncated)
Commits
  • 8bd60e6 Release 5.3.1.RELEASE
  • 88c0268 Lock dependencies for 5.3.1.RELEASE
  • 0e6e2b2 Fix HttpServlet3RequestFactory Logout Handlers
  • f82d59a SpringTestContext returns ConfigurableWebApplicationContext
  • 45eb34c Improve OAuth2LoginAuthenticationProvider
  • 4c040e9 Revert "Fix links in oauth2 doc"
  • 138e676 Fix links in oauth2 doc
  • 034c23d SwitchUserFilter Defaults to POST
  • 0bde3c5 Clarify ServerBearerExchangeFilterFunction Docs
  • 4e8c177 Update Encryptors documentation
  • Additional commits viewable in compare view


Updates spring-security-web from 4.2.9.RELEASE to 5.3.1.RELEASE

Release notes

Sourced from spring-security-web's releases.

5.3.1.RELEASE

:star: New Features

  • SpringTestContext returns ConfigurableWebApplicationContext #8237
  • OAuth2LoginAuthenticationProvider uses OAuth2AuthorizationCodeAuthenticationProvider #8234
  • SwitchUserFilter vulnerable to CSRF #8222
  • Clarify use case for ServerBearerExchangeFilterFunction #8221
  • Update Encryptors documentation for standard and stronger #8211
  • Document JwtGrantedAuthoritiesConverter #8183
  • userNameAttribute case style is different others #8179
  • Document AuthNRequest POST binding support #8165
  • Polish SAML 2.0 Login Sample #8164
  • OpenSamlImplementation should not use reflection #8161
  • Document AuthorizedClientServiceOAuth2AuthorizedClientManager #8153
  • Assign sensible default for OAuth2AuthorizedClientProvider #8151
  • Document OAuth2Authorization success and failure handlers #8146
  • Document Jackson serialization support for OAuth 2.0 Client #8145
  • Document OAuth 2.0 Authorization Request improvements #8133
  • Document OAuth 2.0 Login XML Support #8132
  • Document OAuth 2.0 Client XML Support #8131
  • Basic auth header without user results in exception #8122
  • Document AuthenticationEventPublisher improvements #8103
  • Typo 'properites' -> 'properties' in documentation #8098
  • Document OAuth 2.0 Resource Server XML Support #8094
  • Provide spring-security-5*.xsd for https://www.springframework.org/schema/security/ #8091
  • Document OIDC Logout Success Handler Improvements #8088
  • Add OAuth 2.0 Test Support Docs #8087
  • Update test to have comment about secure salt length #8084
  • Document JwtClaimValidator #8076

:beetle: Bug Fixes

  • HttpServletRequest.logout() not functioning #8238
  • OAuth2 ClientRegistrations NPE when UserInfo endpoint missing #8209
  • oauth2Login WebFlux should not auto-redirect for XHR request #8201
  • Fix OAuth2AuthorizationRequest additionalParameters/attributes Consumer #8178
  • RSocket test should throw AccessDeniedException #8160
  • Make OAuth2ErrorHttpMessageConverter more resilient #8158
  • Fix typo in Javadoc of HttpSecurity#csrf() #8134
  • NPE thrown when token response contains a null value #8121
  • Google's top result for "Spring Security Reference" returns a 404 #8086
  • 5.3.0 Documentation What's New has some broken links #8069

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

5.3.0.RELEASE

... (truncated)
Commits
  • 8bd60e6 Release 5.3.1.RELEASE
  • 88c0268 Lock dependencies for 5.3.1.RELEASE
  • 0e6e2b2 Fix HttpServlet3RequestFactory Logout Handlers
  • f82d59a SpringTestContext returns ConfigurableWebApplicationContext
  • 45eb34c Improve OAuth2LoginAuthenticationProvider
  • 4c040e9 Revert "Fix links in oauth2 doc"
  • 138e676 Fix links in oauth2 doc
  • 034c23d SwitchUserFilter Defaults to POST
  • 0bde3c5 Clarify ServerBearerExchangeFilterFunction Docs
  • 4e8c177 Update Encryptors documentation
  • Additional commits viewable in compare view


Updates spring-security-config from 4.2.9.RELEASE to 5.3.1.RELEASE

Release notes

Sourced from spring-security-config's releases.

5.3.1.RELEASE

:star: New Features

  • SpringTestContext returns ConfigurableWebApplicationContext #8237
  • OAuth2LoginAuthenticationProvider uses OAuth2AuthorizationCodeAuthenticationProvider #8234
  • SwitchUserFilter vulnerable to CSRF #8222
  • Clarify use case for ServerBearerExchangeFilterFunction #8221
  • Update Encryptors documentation for standard and stronger #8211
  • Document JwtGrantedAuthoritiesConverter #8183
  • userNameAttribute case style is different others #8179
  • Document AuthNRequest POST binding support #8165
  • Polish SAML 2.0 Login Sample #8164
  • OpenSamlImplementation should not use reflection #8161
  • Document AuthorizedClientServiceOAuth2AuthorizedClientManager #8153
  • Assign sensible default for OAuth2AuthorizedClientProvider #8151
  • Document OAuth2Authorization success and failure handlers #8146
  • Document Jackson serialization support for OAuth 2.0 Client #8145
  • Document OAuth 2.0 Authorization Request improvements #8133
  • Document OAuth 2.0 Login XML Support #8132
  • Document OAuth 2.0 Client XML Support #8131
  • Basic auth header without user results in exception #8122
  • Document AuthenticationEventPublisher improvements #8103
  • Typo 'properites' -> 'properties' in documentation #8098
  • Document OAuth 2.0 Resource Server XML Support #8094
  • Provide spring-security-5*.xsd for https://www.springframework.org/schema/security/ #8091
  • Document OIDC Logout Success Handler Improvements #8088
  • Add OAuth 2.0 Test Support Docs #8087
  • Update test to have comment about secure salt length #8084
  • Document JwtClaimValidator #8076

:beetle: Bug Fixes

  • HttpServletRequest.logout() not functioning #8238
  • OAuth2 ClientRegistrations NPE when UserInfo endpoint missing #8209
  • oauth2Login WebFlux should not auto-redirect for XHR request #8201
  • Fix OAuth2AuthorizationRequest additionalParameters/attributes Consumer #8178
  • RSocket test should throw AccessDeniedException #8160
  • Make OAuth2ErrorHttpMessageConverter more resilient #8158
  • Fix typo in Javadoc of HttpSecurity#csrf() #8134
  • NPE thrown when token response contains a null value #8121
  • Google's top result for "Spring Security Reference" returns a 404 #8086
  • 5.3.0 Documentation What's New has some broken links #8069

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

5.3.0.RELEASE

... (truncated)
Commits
  • 8bd60e6 Release 5.3.1.RELEASE
  • 88c0268 Lock dependencies for 5.3.1.RELEASE
  • 0e6e2b2 Fix HttpServlet3RequestFactory Logout Handlers
  • f82d59a SpringTestContext returns ConfigurableWebApplicationContext
  • 45eb34c Improve OAuth2LoginAuthenticationProvider
  • 4c040e9 Revert "Fix links in oauth2 doc"
  • 138e676 Fix links in oauth2 doc
  • 034c23d SwitchUserFilter Defaults to POST
  • 0bde3c5 Clarify ServerBearerExchangeFilterFunction Docs
  • 4e8c177 Update Encryptors documentation
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/NLCR/CZIDLO/network/alerts).
dependabot[bot] commented 4 years ago

Looks like these dependencies are up-to-date now, so this is no longer needed.