search

chhorz / oas-generator

Build-Time generation of OpenAPI specification files
https://chhorz.github.io/oas-generator/
Apache License 2.0
3 stars 1 forks source link

Bump org.springframework.security:spring-security-core from 6.2.4 to 6.3.1 #497

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps org.springframework.security:spring-security-core from 6.2.4 to 6.3.1.

Release notes

Sourced from org.springframework.security:spring-security-core's releases.

6.3.1

:star: New Features

  • Clarify the behavior of Concurrent Session Management when an IdP is involved #15071
  • Mention all required dependencies in LDAP documentation #15245
  • Minor docs fix #15144

:beetle: Bug Fixes

  • AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #15211
  • Assert WebSession is not null #15179
  • DispatcherServletDelegatingRequestMatcher causes errors when running tests with MockMvc #15197
  • Documentation clarification after #12783 has been closed is needed. #15208
  • Fix Java example in multitenanci.adoc #15151
  • Fix Kotlin example in authorize-http-requests.adoc #15129
  • Incorrect documentation for OIDC Back-Channel Logout #15212
  • IpAddressMatcher.matches(String address) still accepts URLs #15172
  • LDIF file on official documentation breaks the startup process #15167
  • Link to article with remember-me-persistent-token strategy is broken #15149
  • OpenSaml4AssertionValidator is not respecting clock skew settings #15183
  • Resolving invalid CSRF token values is not consistent #15186
  • spring-security/docs/modules/ROOT/pages/servlet/authorization /method-security #15143
  • SpringOpaqueTokenIntrospector does not add scopes as granted authorities properly #15165

:hammer: Dependency Upgrades

  • Bump io.micrometer:micrometer-observation from 1.12.6 to 1.12.7 #15225
  • Bump io.projectreactor:reactor-bom from 2023.0.6 to 2023.0.7 #15229
  • Bump org.apache.directory.shared:shared-ldap from 0.9.15 to 0.9.19 #15161
  • Bump org.apache.maven:maven-resolver-provider from 3.9.6 to 3.9.7 #15168
  • Bump org.gretty:gretty from 4.1.3 to 4.1.4 #15133
  • Bump org.hibernate.orm:hibernate-core from 6.4.8.Final to 6.4.9.Final #15228
  • Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15193
  • Bump org.springframework.data:spring-data-bom from 2024.0.0 to 2024.0.1 #15260
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.3 to 3.2.4 #15251
  • Bump org.springframework:spring-framework-bom from 6.1.7 to 6.1.8 #15134
  • Bump org.springframework:spring-framework-bom from 6.1.8 to 6.1.9 #15252

:nut_and_bolt: Build Updates

  • Bump @antora/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs #15159
  • Bump @springio/antora-extensions from 1.10.0 to 1.11.1 in /docs #15141
  • Bump com.gradle.develocity from 3.17.4 to 3.17.5 #15239
  • Bump gradle/gradle-build-action from 2 to 3 #15157
  • Bump io-spring-javaformat from 0.0.41 to 0.0.42 #15219
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.15 to 4.33.16 #15176
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.16 to 4.33.17 #15218
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.17 to 4.33.19 #15261
  • Bump spring-io/spring-doc-actions from 17ed79ea5fbd65813c69ef1062a024d4a37ff0ca to 5a57bcc6a0da2a1474136cf29571b277850432bc #15139

... (truncated)

Commits
  • 6adc3b3 Release 6.3.1
  • 363159e Merge branch '6.2.x' into 6.3.x
  • 2a6f6ec Bump org.springframework.data:spring-data-bom from 2023.1.6 to 2023.1.7
  • 3ec2a2c Bump org.jfrog.buildinfo:build-info-extractor-gradle
  • e5b54ed Bump org.springframework.data:spring-data-bom from 2024.0.0 to 2024.0.1
  • 73e2e75 Merge branch '5.8.x' into 6.2.x
  • 64b698f Merge branch '6.2.x' into 6.3.x
  • 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
  • d4e151c Bump org.springframework:spring-framework-bom from 6.1.8 to 6.1.9
  • 5587fe1 Bump org.springframework.ldap:spring-ldap-core from 3.2.3 to 3.2.4
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)