Picnic-DevPla-Bot
commented
2 months ago Suggested commit message:
Upgrade Spring Security 6.3.0 -> 6.3.1 (#1222)
See:
- https://github.com/spring-projects/spring-security/releases/tag/6.3.1
- https://github.com/spring-projects/spring-security/compare/6.3.0...6.3.1
sonarcloud[bot]
No data about Coverage
This PR contains the following updates:
6.3.0->6.3.1Release Notes
spring-projects/spring-security (Spring Security)
### [`v6.3.1`](https://togithub.com/spring-projects/spring-security/releases/tag/6.3.1) [Compare Source](https://togithub.com/spring-projects/spring-security/compare/6.3.0...6.3.1) #### :star: New Features - Clarify the behavior of Concurrent Session Management when an IdP is involved [#15071](https://togithub.com/spring-projects/spring-security/issues/15071) - Mention all required dependencies in LDAP documentation [#15245](https://togithub.com/spring-projects/spring-security/issues/15245) - Minor docs fix [#15144](https://togithub.com/spring-projects/spring-security/issues/15144) #### :beetle: Bug Fixes - AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc [#15211](https://togithub.com/spring-projects/spring-security/issues/15211) - Assert WebSession is not null [#15179](https://togithub.com/spring-projects/spring-security/issues/15179) - DispatcherServletDelegatingRequestMatcher causes errors when running tests with MockMvc [#15197](https://togithub.com/spring-projects/spring-security/issues/15197) - Documentation clarification after [#12783](https://togithub.com/spring-projects/spring-security/issues/12783) has been closed is needed. [#15208](https://togithub.com/spring-projects/spring-security/issues/15208) - Fix Java example in multitenanci.adoc [#15151](https://togithub.com/spring-projects/spring-security/issues/15151) - Fix Kotlin example in authorize-http-requests.adoc [#15129](https://togithub.com/spring-projects/spring-security/pull/15129) - Incorrect documentation for OIDC Back-Channel Logout [#15212](https://togithub.com/spring-projects/spring-security/issues/15212) - IpAddressMatcher.matches(String address) still accepts URLs [#15172](https://togithub.com/spring-projects/spring-security/issues/15172) - LDIF file on official documentation breaks the startup process [#15167](https://togithub.com/spring-projects/spring-security/issues/15167) - Link to article with remember-me-persistent-token strategy is broken [#15149](https://togithub.com/spring-projects/spring-security/issues/15149) - OpenSaml4AssertionValidator is not respecting clock skew settings [#15183](https://togithub.com/spring-projects/spring-security/issues/15183) - Resolving invalid CSRF token values is not consistent [#15186](https://togithub.com/spring-projects/spring-security/issues/15186) - spring-security/docs/modules/ROOT/pages/servlet/authorization /method-security [#15143](https://togithub.com/spring-projects/spring-security/issues/15143) - SpringOpaqueTokenIntrospector does not add scopes as granted authorities properly [#15165](https://togithub.com/spring-projects/spring-security/issues/15165) #### :hammer: Dependency Upgrades - Bump io.micrometer:micrometer-observation from 1.12.6 to 1.12.7 [#15225](https://togithub.com/spring-projects/spring-security/pull/15225) - Bump io.projectreactor:reactor-bom from 2023.0.6 to 2023.0.7 [#15229](https://togithub.com/spring-projects/spring-security/pull/15229) - Bump org.apache.directory.shared:shared-ldap from 0.9.15 to 0.9.19 [#15161](https://togithub.com/spring-projects/spring-security/pull/15161) - Bump org.apache.maven:maven-resolver-provider from 3.9.6 to 3.9.7 [#15168](https://togithub.com/spring-projects/spring-security/pull/15168) - Bump org.gretty:gretty from 4.1.3 to 4.1.4 [#15133](https://togithub.com/spring-projects/spring-security/pull/15133) - Bump org.hibernate.orm:hibernate-core from 6.4.8.Final to 6.4.9.Final [#15228](https://togithub.com/spring-projects/spring-security/pull/15228) - Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 [#15193](https://togithub.com/spring-projects/spring-security/pull/15193) - Bump org.springframework.data:spring-data-bom from 2024.0.0 to 2024.0.1 [#15260](https://togithub.com/spring-projects/spring-security/pull/15260) - Bump org.springframework.ldap:spring-ldap-core from 3.2.3 to 3.2.4 [#15251](https://togithub.com/spring-projects/spring-security/pull/15251) - Bump org.springframework:spring-framework-bom from 6.1.7 to 6.1.8 [#15134](https://togithub.com/spring-projects/spring-security/pull/15134) - Bump org.springframework:spring-framework-bom from 6.1.8 to 6.1.9 [#15252](https://togithub.com/spring-projects/spring-security/pull/15252) #### :nut_and_bolt: Build Updates - Bump `@antora`/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs [#15159](https://togithub.com/spring-projects/spring-security/pull/15159) - Bump `@springio`/antora-extensions from 1.10.0 to 1.11.1 in /docs [#15141](https://togithub.com/spring-projects/spring-security/pull/15141) - Bump com.gradle.develocity from 3.17.4 to 3.17.5 [#15239](https://togithub.com/spring-projects/spring-security/pull/15239) - Bump gradle/gradle-build-action from 2 to 3 [#15157](https://togithub.com/spring-projects/spring-security/pull/15157) - Bump io-spring-javaformat from 0.0.41 to 0.0.42 [#15219](https://togithub.com/spring-projects/spring-security/pull/15219) - Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.15 to 4.33.16 [#15176](https://togithub.com/spring-projects/spring-security/pull/15176) - Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.16 to 4.33.17 [#15218](https://togithub.com/spring-projects/spring-security/pull/15218) - Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.17 to 4.33.19 [#15261](https://togithub.com/spring-projects/spring-security/pull/15261) - Bump spring-io/spring-doc-actions from [`17ed79e`](https://togithub.com/spring-projects/spring-security/commit/17ed79ea5fbd65813c69ef1062a024d4a37ff0ca) to [`5a57bcc`](https://togithub.com/spring-projects/spring-security/commit/5a57bcc6a0da2a1474136cf29571b277850432bc) [#15139](https://togithub.com/spring-projects/spring-security/pull/15139) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@dependabot](https://togithub.com/dependabot)\[bot] and [@theHacker](https://togithub.com/theHacker)