search

spring-projects / spring-session

Spring Session
https://spring.io/projects/spring-session
Apache License 2.0
1.85k stars 1.1k forks source link

Bump org.springframework.security:spring-security-bom from 6.2.4 to 6.2.5 #3048

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps org.springframework.security:spring-security-bom from 6.2.4 to 6.2.5.

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

6.2.5

:star: New Features

  • doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #15063
  • Enhance Logging in RequestMatcherDelegatingAuthorizationManage #14922
  • InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #14974
  • Mention all required dependencies in LDAP documentation #15244

:beetle: Bug Fixes

  • Assert WebSession is not null #15178
  • AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #15210
  • DispatcherServletDelegatingRequestMatcher causes errors when running tests with MockMvc #15196
  • Fix Java example in multitenanci.adoc #15150
  • Incorrect documentation for OIDC Back-Channel Logout #15198
  • InMemoryUserDetailsManager Setting User Roles in Official Documentation Example Causes Error #14972
  • LDIF file on official documentation breaks the startup process #15166
  • Link to article with remember-me-persistent-token strategy is broken #15148
  • OIDC Logout section is not shown in the navbar #15112
  • OpenSaml4AssertionValidator is not respecting clock skew settings #15022
  • ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #14958
  • Resolving invalid CSRF token values is not consistent #15185
  • spring-security/docs/modules/ROOT/pages/servlet/authorization /method-security #15045
  • Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #14995

:hammer: Dependency Upgrades

  • Bump com.fasterxml.jackson:jackson-bom from 2.17.0 to 2.17.1 #15011
  • Bump io.micrometer:micrometer-observation from 1.12.5 to 1.12.6 #15069
  • Bump io.micrometer:micrometer-observation from 1.12.6 to 1.12.7 #15224
  • Bump io.mockk:mockk from 1.13.10 to 1.13.11 #15079
  • Bump io.projectreactor:reactor-bom from 2023.0.5 to 2023.0.6 #15075
  • Bump io.projectreactor:reactor-bom from 2023.0.6 to 2023.0.7 #15232
  • Bump org-apache-maven-resolver from 1.9.18 to 1.9.19 #14939
  • Bump org-apache-maven-resolver from 1.9.19 to 1.9.20 #15031
  • Bump org-aspectj from 1.9.22 to 1.9.22.1 #15049
  • Bump org-eclipse-jetty from 11.0.20 to 11.0.21 #15080
  • Bump org.apache.maven:maven-resolver-provider from 3.9.6 to 3.9.7 #15170
  • Bump org.hibernate.orm:hibernate-core from 6.4.4.Final to 6.4.5.Final #14949
  • Bump org.hibernate.orm:hibernate-core from 6.4.5.Final to 6.4.6.Final #14953
  • Bump org.hibernate.orm:hibernate-core from 6.4.6.Final to 6.4.7.Final #14960
  • Bump org.hibernate.orm:hibernate-core from 6.4.7.Final to 6.4.8.Final #14981
  • Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15192
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.23 to 1.9.24 #15024
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.23 to 1.9.24 #15023
  • Bump org.opensaml:opensaml-core4 from 4.3.1 to 4.3.2 #14947
  • Bump org.springframework.data:spring-data-bom from 2023.1.5 to 2023.1.6 #15101
  • Bump org.springframework.data:spring-data-bom from 2023.1.6 to 2023.1.7 #15262
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.3 to 3.2.4 #15248
  • Bump org.springframework:spring-framework-bom from 6.1.6 to 6.1.7 #15081

... (truncated)

Commits
  • 2966a72 Release 6.2.5
  • 2a6f6ec Bump org.springframework.data:spring-data-bom from 2023.1.6 to 2023.1.7
  • 73e2e75 Merge branch '5.8.x' into 6.2.x
  • 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
  • 79c8eb3 Bump org.springframework:spring-framework-bom from 6.1.8 to 6.1.9
  • 3d9df37 Bump org.springframework.ldap:spring-ldap-core from 3.2.3 to 3.2.4
  • e417714 Merge branch '5.8.x' into 6.2.x
  • f622d8e Polish gh-15235
  • 92cab2b Add 'Required Dependencies' section in ldap.adoc file
  • 0913903 Bump com.gradle.develocity from 3.17.4 to 3.17.5
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)