search

arrumm / veragg

0 stars 0 forks source link

Bump spring-security-test from 5.5.2 to 5.7.3 #151

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 2 years ago

Bumps spring-security-test from 5.5.2 to 5.7.3.

Release notes

Sourced from spring-security-test's releases.

5.7.3

:star: New Features

  • Add Kotlin example showing integration with WebTestClient #9998
  • Set permissions for GitHub actions #11642
  • Update javadoc of EnableWebSecurity to reflect deprecation of WebSecurityConfigurerAdapter #11650

:beetle: Bug Fixes

  • Add Deprecated annotation to WebSecurity#securityInterceptor #11637
  • Check saganCreateRelease saganDeleteRelease Required Permissions #11425
  • org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal fails to return more than one "attribute" #11605
  • RequestAttributeSecurityContextRepository.loadContext(HttpServletRequest) should never return null SecurityContext #11606
  • RequestRejectedHandler does not reliable prevent Internal Server Error #11672
  • Sources and javadocs missing in latest snapshots #11628
  • Spring Security Bcrypt with strength/log rounds = 31 results in 'Bad number of rounds' error although 31 should be ok #11484
  • Update javadoc of HttpSecurity, WebSecurityConfiguration and WebSecurity to reflect deprecation of WebSecurityConfigurerAdapter #11651

:hammer: Dependency Upgrades

  • Update hibernate-entitymanager to 5.6.10.Final #11694
  • Update io.projectreactor to 2020.0.22 #11691
  • Update jsonassert to 1.5.1 #11696
  • Update mockk to 1.12.5 #11690
  • Update org.eclipse.jetty to 9.4.48.v20220622 #11693
  • Update org.jetbrains.kotlinx to 1.6.4 #11695
  • Update org.springframework to 5.3.22 #11697
  • Update org.springframework.data to 2021.2.2 #11698

5.7.2

:star: New Features

  • Consider updating testing examples to use JUnit Jupiter #11293

:beetle: Bug Fixes

  • Some Security Expressions cause NPE when used within @Query #11289
  • CsrfWebFilter null save content-type check #11341
  • Docs example uses access(String) with authorizeHttpRequests() #11296
  • Fix typo in BasicLookupStrategy Javadoc #11339
  • KeyInfo missing in AuthnRequest when using OpenSaml4AuthenticationRequestResolver #11358
  • OidcClientInitiatedLogoutSuccessHandler url-encodes PostLogoutRedirectUri twice #11384
  • SAML request encoding: on redirect binding, base64 encoded message contains CRLF #11284
  • SecurityContextRepository.loadContext(HttpServletRequest) cache result #11390
  • Should SAML metadata EntityDescriptor tag have the md: prefix? #11311
  • Update opaque-token.adoc #11303

:hammer: Dependency Upgrades

  • Update aspectj-plugin to 6.4.3.1 #11402

... (truncated)

Commits
  • 173d74d Release 5.7.3
  • 66cb3e0 Update org.springframework.data to 2021.2.2
  • 74675ef Update org.springframework to 5.3.22
  • a92ac82 Update jsonassert to 1.5.1
  • db638c2 Update org.jetbrains.kotlinx to 1.6.4
  • f884527 Update hibernate-entitymanager to 5.6.10.Final
  • dbd1744 Update org.eclipse.jetty to 9.4.48.v20220622
  • 2eeee99 Update io.projectreactor to 2020.0.22
  • e8c5642 Update mockk to 1.12.5
  • 6a2ca52 Consistently handle RequestRejectedException if it is wrapped
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #161.