spring-projects / spring-ldap

Spring LDAP
https://spring.io/spring-ldap
Apache License 2.0
348 stars 483 forks source link

Bump org.springframework.security:spring-security-core from 5.8.14 to 5.8.15 #949

Closed dependabot[bot] closed 1 week ago

dependabot[bot] commented 1 month ago

Bumps org.springframework.security:spring-security-core from 5.8.14 to 5.8.15.

Release notes

Sourced from org.springframework.security:spring-security-core's releases.

5.8.15

:star: New Features

  • Address unnecessary method invocation in AbstractRequestMatcherRegistry #15718
  • The SecuredAuthorizationManager can now find @Secured annotations on … #15014

:beetle: Bug Fixes

  • Disabling credentials erasure on custom AuthenticationManager is not working #15683
  • Methods annotated with @PostFilter are processed twice by PostFilterAuthorizationMethodInterceptor #15624
  • SecurityJackson2Modules.getModules(): Cannot load module org.springframework.security.cas.jackson2.CasJackson2Module #15749
  • The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect #15533

:hammer: Dependency Upgrades

  • Bump io.projectreactor.tools:blockhound from 1.0.9.RELEASE to 1.0.10.RELEASE #15928
  • Bump org-eclipse-jetty from 9.4.55.v20240627 to 9.4.56.v20240826 #15730
  • Bump org.springframework.ldap:spring-ldap-core from 2.4.1 to 2.4.2 #15941

:nut_and_bolt: Build Updates

  • Bump @antora/collector-extension from 1.0.0-beta.2 to 1.0.0-beta.3 in /docs #15908
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.13 to 1.0.0-alpha.14 in /docs #15837
  • Migrate slack notifications to GChat #15503
  • Release 5.8.15 #15963

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

Commits
  • 72a208e Release 5.8.15
  • 542071b Merge Add Firewall for WebFlux
  • 4ce7cde Add Firewall for WebFlux
  • c66ee4a Bump org.springframework.ldap:spring-ldap-core from 2.4.1 to 2.4.2
  • 517ea7f Bump io.projectreactor.tools:blockhound
  • fe79766 Bump @​antora/collector-extension in /docs
  • 755e9f2 Bump @​springio/asciidoctor-extensions in /docs
  • 7b7a304 Polish gh-15533
  • 8a79102 Fix array values of additionalParameters
  • 0a4eb0f Update credential erasure examples
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 week ago

Superseded by #971.