search

bcgov / bcparis-service

BCParis API is a restful API that accepts Driver, Vehicle and POR (Protection Order Registry) queries
Apache License 2.0
3 stars 8 forks source link

Bump spring-security.version from 5.7.10 to 6.2.3 #322

Open dependabot[bot] opened 7 months ago

dependabot[bot] commented 7 months ago

Bumps spring-security.version from 5.7.10 to 6.2.3. Updates org.springframework.security:spring-security-core from 5.7.10 to 6.2.3

Release notes

Sourced from org.springframework.security:spring-security-core's releases.

6.2.3

:star: New Features

  • Structure101 Plugin Should Ignore Deprecated Files #14640

:beetle: Bug Fixes

  • Check for null Authentication #14666
  • Fix Package Tangle in CAS #14641
  • LogoutConfigurer#createLogoutFilter sets the SecurityContextHolderStrategy twice #14648
  • ObservationTextHandler class is not defined in a reactive context #14653
  • PostAuthorize Method Interceptors Should Use Order from AuthorizationInterceptorsOrder #14723
  • Spring security's ServerLogoutHandler order problem. #14682

:hammer: Dependency Upgrades

  • Bump io.micrometer:micrometer-observation from 1.12.3 to 1.12.4 #14719
  • Bump io.mockk:mockk from 1.13.9 to 1.13.10 #14661
  • Bump io.projectreactor:reactor-bom from 2023.0.3 to 2023.0.4 #14726
  • Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.1 to 4.0.2 #14705
  • Bump org-aspectj from 1.9.21.1 to 1.9.21.2 #14734
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.22 to 1.9.23 #14706
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.22 to 1.9.23 #14704
  • Bump org.springframework.data:spring-data-bom from 2023.1.3 to 2023.1.4 #14770
  • Bump org.springframework:spring-framework-bom from 6.1.4 to 6.1.5 #14757

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​dependabot[bot]

6.2.2

:star: New Features

  • Configuration examples in docs are out of date #14392

:beetle: Bug Fixes

  • "Span wasn't started - an observation must be started (not only created)" (Micrometer) due to observation handling in Spring Security Web? #14568
  • HandlerMappingIntrospectorRequestTransformer is registered twice in AOT #14367
  • OAuth2AuthorizationExchange is not serializable #14405
  • WebTestUtilsTestRuntimeHints should implement RuntimeHintsRegistrar #14468
  • Application context fails to load: Couldn't find FilterChainProxy #14380
  • Back-Channel Logout should use localhost for internal logout request #14553
  • Cannot configure SecurityContextRepository in CasAuthenticationFilter #14536
  • Documentation about configuring SecuritySocketAcceptorInterceptor in Spring Boot is confusing #14348
  • fix typo in anonymous.adoc #14424
  • fix: typo in Authentication Architecture ProviderManager #14448
  • Missing native-image reflection hint for HandlerMappingIntrospectorCachFilterFactoryBean #14377

... (truncated)

Commits
  • 2455feb Release 6.2.3
  • a972338 Merge branch '6.1.x' into 6.2.x
  • f84c4ea Merge branch '5.8.x' into 6.1.x
  • 2c9dc08 Merge branch '5.7.x' into 5.8.x
  • 5a7f12f Check for null Authentication
  • c0fe212 Bump org.springframework.data:spring-data-bom from 2023.1.3 to 2023.1.4
  • a7105d8 Merge branch '6.1.x' into 6.2.x
  • 8d6ede2 Bump org.springframework:spring-framework-bom from 6.0.17 to 6.0.18
  • 2e53745 Merge branch '6.1.x' into 6.2.x
  • 747b806 Merge branch '5.8.x' into 6.1.x
  • Additional commits viewable in compare view


Updates org.springframework.security:spring-security-web from 5.7.10 to 6.2.3

Release notes

Sourced from org.springframework.security:spring-security-web's releases.

6.2.3

:star: New Features

  • Structure101 Plugin Should Ignore Deprecated Files #14640

:beetle: Bug Fixes

  • Check for null Authentication #14666
  • Fix Package Tangle in CAS #14641
  • LogoutConfigurer#createLogoutFilter sets the SecurityContextHolderStrategy twice #14648
  • ObservationTextHandler class is not defined in a reactive context #14653
  • PostAuthorize Method Interceptors Should Use Order from AuthorizationInterceptorsOrder #14723
  • Spring security's ServerLogoutHandler order problem. #14682

:hammer: Dependency Upgrades

  • Bump io.micrometer:micrometer-observation from 1.12.3 to 1.12.4 #14719
  • Bump io.mockk:mockk from 1.13.9 to 1.13.10 #14661
  • Bump io.projectreactor:reactor-bom from 2023.0.3 to 2023.0.4 #14726
  • Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.1 to 4.0.2 #14705
  • Bump org-aspectj from 1.9.21.1 to 1.9.21.2 #14734
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.22 to 1.9.23 #14706
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.22 to 1.9.23 #14704
  • Bump org.springframework.data:spring-data-bom from 2023.1.3 to 2023.1.4 #14770
  • Bump org.springframework:spring-framework-bom from 6.1.4 to 6.1.5 #14757

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​dependabot[bot]

6.2.2

:star: New Features

  • Configuration examples in docs are out of date #14392

:beetle: Bug Fixes

  • "Span wasn't started - an observation must be started (not only created)" (Micrometer) due to observation handling in Spring Security Web? #14568
  • HandlerMappingIntrospectorRequestTransformer is registered twice in AOT #14367
  • OAuth2AuthorizationExchange is not serializable #14405
  • WebTestUtilsTestRuntimeHints should implement RuntimeHintsRegistrar #14468
  • Application context fails to load: Couldn't find FilterChainProxy #14380
  • Back-Channel Logout should use localhost for internal logout request #14553
  • Cannot configure SecurityContextRepository in CasAuthenticationFilter #14536
  • Documentation about configuring SecuritySocketAcceptorInterceptor in Spring Boot is confusing #14348
  • fix typo in anonymous.adoc #14424
  • fix: typo in Authentication Architecture ProviderManager #14448
  • Missing native-image reflection hint for HandlerMappingIntrospectorCachFilterFactoryBean #14377

... (truncated)

Commits
  • 2455feb Release 6.2.3
  • a972338 Merge branch '6.1.x' into 6.2.x
  • f84c4ea Merge branch '5.8.x' into 6.1.x
  • 2c9dc08 Merge branch '5.7.x' into 5.8.x
  • 5a7f12f Check for null Authentication
  • c0fe212 Bump org.springframework.data:spring-data-bom from 2023.1.3 to 2023.1.4
  • a7105d8 Merge branch '6.1.x' into 6.2.x
  • 8d6ede2 Bump org.springframework:spring-framework-bom from 6.0.17 to 6.0.18
  • 2e53745 Merge branch '6.1.x' into 6.2.x
  • 747b806 Merge branch '5.8.x' into 6.1.x
  • Additional commits viewable in compare view


Updates org.springframework.security:spring-security-config from 5.7.10 to 6.2.3

Release notes

Sourced from org.springframework.security:spring-security-config's releases.

6.2.3

:star: New Features

  • Structure101 Plugin Should Ignore Deprecated Files #14640

:beetle: Bug Fixes

  • Check for null Authentication #14666
  • Fix Package Tangle in CAS #14641
  • LogoutConfigurer#createLogoutFilter sets the SecurityContextHolderStrategy twice #14648
  • ObservationTextHandler class is not defined in a reactive context #14653
  • PostAuthorize Method Interceptors Should Use Order from AuthorizationInterceptorsOrder #14723
  • Spring security's ServerLogoutHandler order problem. #14682

:hammer: Dependency Upgrades

  • Bump io.micrometer:micrometer-observation from 1.12.3 to 1.12.4 #14719
  • Bump io.mockk:mockk from 1.13.9 to 1.13.10 #14661
  • Bump io.projectreactor:reactor-bom from 2023.0.3 to 2023.0.4 #14726
  • Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.1 to 4.0.2 #14705
  • Bump org-aspectj from 1.9.21.1 to 1.9.21.2 #14734
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.22 to 1.9.23 #14706
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.22 to 1.9.23 #14704
  • Bump org.springframework.data:spring-data-bom from 2023.1.3 to 2023.1.4 #14770
  • Bump org.springframework:spring-framework-bom from 6.1.4 to 6.1.5 #14757

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​dependabot[bot]

6.2.2

:star: New Features

  • Configuration examples in docs are out of date #14392

:beetle: Bug Fixes

  • "Span wasn't started - an observation must be started (not only created)" (Micrometer) due to observation handling in Spring Security Web? #14568
  • HandlerMappingIntrospectorRequestTransformer is registered twice in AOT #14367
  • OAuth2AuthorizationExchange is not serializable #14405
  • WebTestUtilsTestRuntimeHints should implement RuntimeHintsRegistrar #14468
  • Application context fails to load: Couldn't find FilterChainProxy #14380
  • Back-Channel Logout should use localhost for internal logout request #14553
  • Cannot configure SecurityContextRepository in CasAuthenticationFilter #14536
  • Documentation about configuring SecuritySocketAcceptorInterceptor in Spring Boot is confusing #14348
  • fix typo in anonymous.adoc #14424
  • fix: typo in Authentication Architecture ProviderManager #14448
  • Missing native-image reflection hint for HandlerMappingIntrospectorCachFilterFactoryBean #14377

... (truncated)

Commits
  • 2455feb Release 6.2.3
  • a972338 Merge branch '6.1.x' into 6.2.x
  • f84c4ea Merge branch '5.8.x' into 6.1.x
  • 2c9dc08 Merge branch '5.7.x' into 5.8.x
  • 5a7f12f Check for null Authentication
  • c0fe212 Bump org.springframework.data:spring-data-bom from 2023.1.3 to 2023.1.4
  • a7105d8 Merge branch '6.1.x' into 6.2.x
  • 8d6ede2 Bump org.springframework:spring-framework-bom from 6.0.17 to 6.0.18
  • 2e53745 Merge branch '6.1.x' into 6.2.x
  • 747b806 Merge branch '5.8.x' into 6.1.x
  • Additional commits viewable in compare view


Updates org.springframework.security:spring-security-crypto from 5.7.10 to 6.2.3

Release notes

Sourced from org.springframework.security:spring-security-crypto's releases.

6.2.3

:star: New Features

  • Structure101 Plugin Should Ignore Deprecated Files #14640

:beetle: Bug Fixes

  • Check for null Authentication #14666
  • Fix Package Tangle in CAS #14641
  • LogoutConfigurer#createLogoutFilter sets the SecurityContextHolderStrategy twice #14648
  • ObservationTextHandler class is not defined in a reactive context #14653
  • PostAuthorize Method Interceptors Should Use Order from AuthorizationInterceptorsOrder #14723
  • Spring security's ServerLogoutHandler order problem. #14682

:hammer: Dependency Upgrades

  • Bump io.micrometer:micrometer-observation from 1.12.3 to 1.12.4 #14719
  • Bump io.mockk:mockk from 1.13.9 to 1.13.10 #14661
  • Bump io.projectreactor:reactor-bom from 2023.0.3 to 2023.0.4 #14726
  • Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.1 to 4.0.2 #14705
  • Bump org-aspectj from 1.9.21.1 to 1.9.21.2 #14734
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.22 to 1.9.23 #14706
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.22 to 1.9.23 #14704
  • Bump org.springframework.data:spring-data-bom from 2023.1.3 to 2023.1.4 #14770
  • Bump org.springframework:spring-framework-bom from 6.1.4 to 6.1.5 #14757

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​dependabot[bot]

6.2.2

:star: New Features

  • Configuration examples in docs are out of date #14392

:beetle: Bug Fixes

  • "Span wasn't started - an observation must be started (not only created)" (Micrometer) due to observation handling in Spring Security Web? #14568
  • HandlerMappingIntrospectorRequestTransformer is registered twice in AOT #14367
  • OAuth2AuthorizationExchange is not serializable #14405
  • WebTestUtilsTestRuntimeHints should implement RuntimeHintsRegistrar #14468
  • Application context fails to load: Couldn't find FilterChainProxy #14380
  • Back-Channel Logout should use localhost for internal logout request #14553
  • Cannot configure SecurityContextRepository in CasAuthenticationFilter #14536
  • Documentation about configuring SecuritySocketAcceptorInterceptor in Spring Boot is confusing #14348
  • fix typo in anonymous.adoc #14424
  • fix: typo in Authentication Architecture ProviderManager #14448
  • Missing native-image reflection hint for HandlerMappingIntrospectorCachFilterFactoryBean #14377

... (truncated)

Commits
  • 2455feb Release 6.2.3
  • a972338 Merge branch '6.1.x' into 6.2.x
  • f84c4ea Merge branch '5.8.x' into 6.1.x
  • 2c9dc08 Merge branch '5.7.x' into 5.8.x
  • 5a7f12f Check for null Authentication
  • c0fe212 Bump org.springframework.data:spring-data-bom from 2023.1.3 to 2023.1.4
  • a7105d8 Merge branch '6.1.x' into 6.2.x
  • 8d6ede2 Bump org.springframework:spring-framework-bom from 6.0.17 to 6.0.18
  • 2e53745 Merge branch '6.1.x' into 6.2.x
  • 747b806 Merge branch '5.8.x' into 6.1.x
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)