search

interview-com-ua / website

8 stars 23 forks source link

Bump spring.security.version from 3.1.3.RELEASE to 5.4.0 in /web #117

Open dependabot[bot] opened 3 years ago

dependabot[bot] commented 3 years ago

Bumps spring.security.version from 3.1.3.RELEASE to 5.4.0. Updates spring-security-web from 3.1.3.RELEASE to 5.4.0

Release notes

Sourced from spring-security-web's releases.

5.4.0

:star: New Features

  • Add What's New in 5.4 #9002
  • Add What's New in 5.4 Section to Docs #9001
  • Add Resource Server Servlet Logging #9000
  • Simplify saml2Login Samples #8990
  • Remove Framework Tests from saml2Login Sample #8989
  • Add authenticationManagerResolver to resource server Kotlin DSL #8981
  • Generalize SAML 2.0 Assertion Validation Support #8970
  • Update abstract-authentication-processing-filter.adoc #8965
  • Add spring-javaformat checkstyle and formatting #8946
  • Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL #8926
  • Add hasAnyAuthority(String...) and hasAnyRole(String...) to authorizeRequests in Kotlin DSL #8892
  • Resolve oauth2 client-id, client-secret placeholders #8880
  • Restructure SAML 2.0 documentation #8763
  • security:client-registrations doesn't take propertyconfigurer properties #8453

:beetle: Bug Fixes

  • Clickjacking demo in docs: YouTube link in X-Frame-Options section leads to private video #8986
  • NoClassDefFoundError: AuthMetadataFlyweight at o.s.s.r.m.SimpleAuthenticationEncoder #8948
  • SAML attributes not parsed correctly with prefixed XML elements #8864
  • Don't use oidc scopes_supported for scope as default in ClientRegistrations #8790
  • scopes_supported metadata should not be used as default in ClientRegistrations #8514

:hammer: Dependency Upgrades

  • Set springDataVersion to Neumann-SR+ #9007
  • Set rsocketVersion to 1.0.+ #9006

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

5.4.0-RC1

:star: New Features

  • Deprecate CustomUserTypesOAuth2UserService #8908
  • Deprecate ClientRegistration.redirectUriTemplate #8906
  • Allow for custom ClientRegistration.clientAuthenticationMethod #8903
  • Deprecate ImplicitGrantConfigurer #8902
  • Remove use of Mono.deferWithContext() #8901

... (truncated)

Commits
  • 651c94b Disable parallel deployment build in Jenkins
  • 7681fa6 Release 5.4.0
  • 3d0e459 Lock Dependency Versions for 5.4.0
  • 6222c5f Add What's New in 5.4
  • edecb47 Set springDataVersion to Neumann-SR+
  • 8615c4a Set rsocketVersion to 1.0.+
  • 94bc197 Polish "Add Spring Checkstyle with all checks disabled"
  • 4e2a050 Customizer for WebSecurity
  • bf067d6 Add Logging to Resource Server
  • 593a556 Remove broken link from docs
  • Additional commits viewable in compare view


Updates spring-security-config from 3.1.3.RELEASE to 5.4.0

Release notes

Sourced from spring-security-config's releases.

5.4.0

:star: New Features

  • Add What's New in 5.4 #9002
  • Add What's New in 5.4 Section to Docs #9001
  • Add Resource Server Servlet Logging #9000
  • Simplify saml2Login Samples #8990
  • Remove Framework Tests from saml2Login Sample #8989
  • Add authenticationManagerResolver to resource server Kotlin DSL #8981
  • Generalize SAML 2.0 Assertion Validation Support #8970
  • Update abstract-authentication-processing-filter.adoc #8965
  • Add spring-javaformat checkstyle and formatting #8946
  • Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL #8926
  • Add hasAnyAuthority(String...) and hasAnyRole(String...) to authorizeRequests in Kotlin DSL #8892
  • Resolve oauth2 client-id, client-secret placeholders #8880
  • Restructure SAML 2.0 documentation #8763
  • security:client-registrations doesn't take propertyconfigurer properties #8453

:beetle: Bug Fixes

  • Clickjacking demo in docs: YouTube link in X-Frame-Options section leads to private video #8986
  • NoClassDefFoundError: AuthMetadataFlyweight at o.s.s.r.m.SimpleAuthenticationEncoder #8948
  • SAML attributes not parsed correctly with prefixed XML elements #8864
  • Don't use oidc scopes_supported for scope as default in ClientRegistrations #8790
  • scopes_supported metadata should not be used as default in ClientRegistrations #8514

:hammer: Dependency Upgrades

  • Set springDataVersion to Neumann-SR+ #9007
  • Set rsocketVersion to 1.0.+ #9006

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

5.4.0-RC1

:star: New Features

  • Deprecate CustomUserTypesOAuth2UserService #8908
  • Deprecate ClientRegistration.redirectUriTemplate #8906
  • Allow for custom ClientRegistration.clientAuthenticationMethod #8903
  • Deprecate ImplicitGrantConfigurer #8902
  • Remove use of Mono.deferWithContext() #8901

... (truncated)

Commits
  • 651c94b Disable parallel deployment build in Jenkins
  • 7681fa6 Release 5.4.0
  • 3d0e459 Lock Dependency Versions for 5.4.0
  • 6222c5f Add What's New in 5.4
  • edecb47 Set springDataVersion to Neumann-SR+
  • 8615c4a Set rsocketVersion to 1.0.+
  • 94bc197 Polish "Add Spring Checkstyle with all checks disabled"
  • 4e2a050 Customizer for WebSecurity
  • bf067d6 Add Logging to Resource Server
  • 593a556 Remove broken link from docs
  • Additional commits viewable in compare view


Updates spring-security-core from 3.1.3.RELEASE to 5.4.0

Release notes

Sourced from spring-security-core's releases.

5.4.0

:star: New Features

  • Add What's New in 5.4 #9002
  • Add What's New in 5.4 Section to Docs #9001
  • Add Resource Server Servlet Logging #9000
  • Simplify saml2Login Samples #8990
  • Remove Framework Tests from saml2Login Sample #8989
  • Add authenticationManagerResolver to resource server Kotlin DSL #8981
  • Generalize SAML 2.0 Assertion Validation Support #8970
  • Update abstract-authentication-processing-filter.adoc #8965
  • Add spring-javaformat checkstyle and formatting #8946
  • Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL #8926
  • Add hasAnyAuthority(String...) and hasAnyRole(String...) to authorizeRequests in Kotlin DSL #8892
  • Resolve oauth2 client-id, client-secret placeholders #8880
  • Restructure SAML 2.0 documentation #8763
  • security:client-registrations doesn't take propertyconfigurer properties #8453

:beetle: Bug Fixes

  • Clickjacking demo in docs: YouTube link in X-Frame-Options section leads to private video #8986
  • NoClassDefFoundError: AuthMetadataFlyweight at o.s.s.r.m.SimpleAuthenticationEncoder #8948
  • SAML attributes not parsed correctly with prefixed XML elements #8864
  • Don't use oidc scopes_supported for scope as default in ClientRegistrations #8790
  • scopes_supported metadata should not be used as default in ClientRegistrations #8514

:hammer: Dependency Upgrades

  • Set springDataVersion to Neumann-SR+ #9007
  • Set rsocketVersion to 1.0.+ #9006

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

5.4.0-RC1

:star: New Features

  • Deprecate CustomUserTypesOAuth2UserService #8908
  • Deprecate ClientRegistration.redirectUriTemplate #8906
  • Allow for custom ClientRegistration.clientAuthenticationMethod #8903
  • Deprecate ImplicitGrantConfigurer #8902
  • Remove use of Mono.deferWithContext() #8901

... (truncated)

Commits
  • 651c94b Disable parallel deployment build in Jenkins
  • 7681fa6 Release 5.4.0
  • 3d0e459 Lock Dependency Versions for 5.4.0
  • 6222c5f Add What's New in 5.4
  • edecb47 Set springDataVersion to Neumann-SR+
  • 8615c4a Set rsocketVersion to 1.0.+
  • 94bc197 Polish "Add Spring Checkstyle with all checks disabled"
  • 4e2a050 Customizer for WebSecurity
  • bf067d6 Add Logging to Resource Server
  • 593a556 Remove broken link from docs
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/interview-com-ua/website/network/alerts).